Remotely alerts

CVE-2022-22617

on July 6, 2022, 11:15 p.m.

A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. An application may be able to gain elevated privileges.

Learn more

Tags:  Release NotesVendor Advisory

CVE-2022-26731

on July 6, 2022, 11:15 p.m.

A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. A malicious website may be able to track users in Safari private browsing mode.

Learn more

Tags:  Vendor Advisory

CVE-2017-20098

on July 6, 2022, 8:40 p.m.

A vulnerability was found in Admin Custom Login Plugin 2.4.5.2. It has been classified as problematic. Affected is an unknown function. The manipulation leads to basic cross site scripting (Persistent). It is possible to launch the attack remotely.

Learn more

Tags:  Third Party Advisory

CVE-2017-20099

on July 6, 2022, 8:40 p.m.

A vulnerability was found in Analytics Stats Counter Statistics Plugin 1.2.2.5 and classified as critical. This issue affects some unknown processing. The manipulation leads to code injection. The attack may be initiated remotely.

Learn more

Tags:  ExploitMailing ListThird Party Advisory

CVE-2022-2140

on July 6, 2022, 8:30 p.m.

Elcomplus SmartICS v2.3.4.0 does not neutralize user-controllable input, which allows an authenticated user to inject arbitrary code into specific parameters.

Learn more

Tags:  Third Party AdvisoryUS Government Resource

CVE-2022-2106

on July 6, 2022, 8:24 p.m.

Elcomplus SmartICS v2.3.4.0 does not validate the filenames sufficiently, which enables authenticated administrator-level users to perform path traversal attacks and specify arbitrary files.

Learn more

Tags:  Third Party AdvisoryUS Government Resource

CVE-2022-33005

on July 6, 2022, 7:58 p.m.

A cross-site scripting (XSS) vulnerability in the System Settings/IOT Settings module of Delta Electronics DIAEnergie v1.08.00 allows attackers to execute arbitrary web scripts via a crafted payload injected into the Name text field.

Learn more

Tags:  ExploitThird Party Advisory

CVE-2017-20100

on July 6, 2022, 7:48 p.m.

A vulnerability was found in Air Transfer 1.0.14/1.2.1. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to basic cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Learn more

Tags:  Third Party Advisory

CVE-2021-41689

on July 6, 2022, 7:44 p.m.

DCMTK through 3.6.6 does not handle string copy properly. Sending specific requests to the dcmqrdb program, it would query its database and copy the result even if the result is null, which can incur a head-based overflow. An attacker can use it to launch a DoS attack.

Learn more

Tags:  ProductThird Party Advisory

CVE-2021-41687

on July 6, 2022, 7:44 p.m.

DCMTK through 3.6.6 does not handle memory free properly. The program malloc a heap memory for parsing data, but does not free it when error in parsing. Sending specific requests to the dcmqrdb program incur the memory leak. An attacker can use it to launch a DoS attack.

Learn more

Tags:  ProductThird Party Advisory

CVE-2021-41688

on July 6, 2022, 7:44 p.m.

DCMTK through 3.6.6 does not handle memory free properly. The object in the program is free but its address is still used in other locations. Sending specific requests to the dcmqrdb program will incur a double free. An attacker can use it to launch a DoS attack.

Learn more

Tags:  ProductThird Party Advisory

CVE-2021-41690

on July 6, 2022, 7:43 p.m.

DCMTK through 3.6.6 does not handle memory free properly. The malloced memory for storing all file information are recorded in a global variable LST and are not freed properly. Sending specific requests to the dcmqrdb program can incur a memory leak. An attacker can use it to launch a DoS attack.

Learn more

Tags:  ProductThird Party Advisory

CVE-2022-2218

on July 6, 2022, 7:41 p.m.

Cross-site Scripting (XSS) - Stored in GitHub repository ionicabizau/parse-url prior to 7.0.0.

Learn more

Tags:  PatchThird Party Advisory

CVE-2022-31103

on July 6, 2022, 7:34 p.m.

lettersanitizer is a DOM-based HTML email sanitizer for in-browser email rendering. All versions of lettersanitizer below 1.0.2 are affected by a denial of service issue when processing a CSS at-rule `@keyframes`. This package is depended on by [react-letter](https://github.com/mat-sz/react-letter), therefore everyone using react-letter is also at risk. The problem has been patched in version 1.0.2.

Learn more

Tags:  Issue TrackingThird Party Advisory

CVE-2022-31101

on July 6, 2022, 7:33 p.m.

prestashop/blockwishlist is a prestashop extension which adds a block containing the customer's wishlists. In affected versions an authenticated customer can perform SQL injection. This issue is fixed in version 2.1.1. Users are advised to upgrade. There are no known workarounds for this issue.

Learn more

Tags:  Third Party Advisory

CVE-2022-29931

on July 6, 2022, 7:32 p.m.

Raytion 7.2.0 allows reflected Cross-site Scripting (XSS).

Learn more

Tags:  Third Party Advisory

CVE-2022-33009

on July 6, 2022, 7:32 p.m.

A stored cross-site scripting (XSS) vulnerability in LightCMS v1.3.11 allows attackers to execute arbitrary web scripts or HTML via uploading a crafted PDF file.

Learn more

Tags:  ExploitIssue TrackingThird Party Advisory

CVE-2022-34060

on July 6, 2022, 7:31 p.m.

The Togglee package in PyPI version v0.0.8 was discovered to contain a code execution backdoor. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.

Learn more

Tags:  ProductThird Party Advisory

CVE-2022-34059

on July 6, 2022, 7:30 p.m.

The Sixfab-Tool in PyPI v0.0.2 to v0.0.3 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.

Learn more

Tags:  ProductThird Party Advisory

CVE-2022-34061

on July 6, 2022, 7:27 p.m.

The Catly-Translate package in PyPI v0.0.3 to v0.0.5 was discovered to contain a code execution backdoor. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.

Learn more

Tags:  ExploitIssue TrackingThird Party Advisory

CVE-2022-32995

on July 6, 2022, 7:26 p.m.

Halo CMS v1.5.3 was discovered to contain a Server-Side Request Forgery (SSRF) via the template remote download function.

Learn more

Tags:  ExploitIssue TrackingThird Party Advisory

CVE-2022-32994

on July 6, 2022, 7:24 p.m.

Halo CMS v1.5.3 was discovered to contain an arbitrary file upload vulnerability via the component /api/admin/attachments/upload.

Learn more

Tags:  ExploitIssue TrackingThird Party Advisory

CVE-2022-26364

on July 6, 2022, 7:15 p.m.

x86 pv: Insufficient care with non-coherent mappings T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen maintains a type reference count for pages, in addition to a regular reference count. This scheme is used to maintain invariants required for Xen's safety, e.g. PV guests may not …

Learn more

Tags:  Vendor Advisory

CVE-2022-24545

on July 6, 2022, 7:15 p.m.

Windows Kerberos Remote Code Execution Vulnerability.

Learn more

Tags:  PatchVendor Advisory

CVE-2022-30165

on July 6, 2022, 7:15 p.m.

Windows Kerberos Elevation of Privilege Vulnerability.

Learn more

Tags:  PatchVendor Advisory

CVE-2021-40900

on July 6, 2022, 6:26 p.m.

A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in regexfn v1.0.5 when validating crafted invalid emails.

Learn more

Tags:  ExploitThird Party Advisory

CVE-2022-2216

on July 6, 2022, 6:25 p.m.

Server-Side Request Forgery (SSRF) in GitHub repository ionicabizau/parse-url prior to 7.0.0.

Learn more

Tags:  PatchThird Party Advisory

CVE-2022-1843

on July 6, 2022, 6:24 p.m.

The MailPress WordPress plugin through 7.2.1 does not have CSRF checks in various places, which could allow attackers to make a logged in admin change the settings, purge log files and more via CSRF attacks

Learn more

Tags:  ExploitThird Party Advisory

CVE-2022-1844

on July 6, 2022, 6:24 p.m.

The WP Sentry WordPress plugin through 1.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping as well

Learn more

Tags:  ExploitThird Party Advisory

CVE-2022-2207

on July 6, 2022, 6:20 p.m.

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.

Learn more

Tags:  ExploitPatchThird Party Advisory

CVE-2022-1842

on July 6, 2022, 6:15 p.m.

The OpenBook Book Data WordPress plugin through 3.5.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping as well

Learn more

Tags:  ExploitThird Party Advisory

CVE-2022-34057

on July 6, 2022, 6:07 p.m.

The Scoptrial package in PyPI version v0.0.5 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.

Learn more

Tags:  Product

CVE-2022-1847

on July 6, 2022, 6:07 p.m.

The Rotating Posts WordPress plugin through 1.11 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack

Learn more

Tags:  ExploitThird Party Advisory

CVE-2022-1885

on July 6, 2022, 6:07 p.m.

The Cimy Header Image Rotator WordPress plugin through 6.1.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack

Learn more

Tags:  ExploitThird Party Advisory

CVE-2022-1846

on July 6, 2022, 6:06 p.m.

The Tiny Contact Form WordPress plugin through 0.7 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack

Learn more

Tags:  ExploitThird Party Advisory

CVE-2022-2217

on July 6, 2022, 6:01 p.m.

Cross-site Scripting (XSS) - Generic in GitHub repository ionicabizau/parse-url prior to 7.0.0.

Learn more

Tags:  PatchThird Party Advisory

CVE-2022-1845

on July 6, 2022, 6:01 p.m.

The WP Post Styling WordPress plugin before 1.3.1 does not have CSRF checks in various actions, which could allow attackers to make a logged in admin delete plugin's data, update the settings, add new entries and more via CSRF attacks

Learn more

Tags:  ExploitThird Party Advisory

CVE-2021-40895

on July 6, 2022, 5:25 p.m.

A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in todo-regex v0.1.1 when matching crafted invalid TODO statements.

Learn more

Tags:  ExploitThird Party Advisory

CVE-2022-1960

on July 6, 2022, 5:24 p.m.

The MyCSS WordPress plugin through 1.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack

Learn more

Tags:  ExploitThird Party Advisory

CVE-2022-2041

on July 6, 2022, 5:23 p.m.

The Brizy WordPress plugin before 2.4.2 does not sanitise and escape some element content, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks

Learn more

Tags:  ExploitThird Party Advisory

CVE-2022-2040

on July 6, 2022, 5:16 p.m.

The Brizy WordPress plugin before 2.4.2 does not sanitise and escape some element URL, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks

Learn more

Tags:  ExploitThird Party Advisory

CVE-2022-1953

on July 6, 2022, 5:16 p.m.

The Product Configurator for WooCommerce WordPress plugin before 1.2.32 suffers from an arbitrary file deletion vulnerability via an AJAX action, accessible to unauthenticated users, which accepts user input that is being used in a path and passed to unlink() without validation first

Learn more

Tags:  ExploitThird Party Advisory

CVE-2022-29617

on July 6, 2022, 5:15 p.m.

Due to improper error handling an authenticated user can crash CLA assistant instance. This could impact the availability of the application.

Learn more

Tags:  Third Party Advisory

CVE-2022-28217

on July 6, 2022, 5:15 p.m.

Some part of SAP NetWeaver (EP Web Page Composer) does not sufficiently validate an XML document accepted from an untrusted source, which allows an adversary to exploit unprotected XML parking at endpoints, and a possibility to conduct SSRF attacks that could compromise system?s Availability by causing system to crash.

Learn more

Tags:  Vendor Advisory

CVE-2022-1916

on July 6, 2022, 5:15 p.m.

The Active Products Tables for WooCommerce. Professional products tables for WooCommerce store WordPress plugin before 1.0.5 does not sanitise and escape a parameter before outputting it back in the response of an AJAX action (available to both unauthenticated and authenticated users), leading to a Reflected cross-Site Scripting

Learn more

Tags:  ExploitThird Party Advisory

CVE-2022-1914

on July 6, 2022, 5:15 p.m.

The Clean-Contact WordPress plugin through 1.6 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored XSS due to the lack of sanitisation and escaping as well

Learn more

Tags:  ExploitThird Party Advisory

CVE-2022-32530

on July 6, 2022, 5:11 p.m.

A CWE-668 Exposure of Resource to Wrong Sphere vulnerability exists that could cause users to be misled, hiding alarms, showing the wrong server connection option or the wrong control request when a mobile device has been compromised by a malicious application. Affected Product: Geo SCADA Mobile (Build 222 and prior)

Learn more

Tags:  Vendor Advisory

CVE-2022-34298

on July 6, 2022, 4:48 p.m.

The NT auth module in OpenAM before 14.6.6 allows a "replace Samba username attack."

Learn more

Tags:  PatchRelease NotesThird Party Advisory

CVE-2022-30885

on July 6, 2022, 4:47 p.m.

** Reserved ** The pyesasky for python, as distributed on PyPI, included a code-execution backdoor inserted by a third party. The current version, without this backdoor, is 1.2.0-1.4.2.

Learn more

Tags:  ExploitIssue TrackingThird Party Advisory

CVE-2022-34296

on July 6, 2022, 4:29 p.m.

In Zalando Skipper before 0.13.218, a query predicate could be bypassed via a prepared request.

Learn more

Tags:  ExploitPatchRelease NotesThird Party Advisory

CVE-2022-33910

on July 6, 2022, 4:19 p.m.

An XSS vulnerability in MantisBT before 2.25.5 allows remote attackers to attach crafted SVG documents to issue reports or bugnotes. When a user or an admin clicks on the attachment, file_download.php opens the SVG document in a browser tab instead of downloading it as a file, causing the JavaScript code to execute.

Learn more

Tags:  Release NotesVendor Advisory

CVE-2020-18648

on July 6, 2022, 3:15 p.m.

Cross Site Request Forgery (CSRF) in JuQingCMS v1.0 allows remote attackers to gain local privileges via the component "JuQingCMS_v1.0/admin/index.php?c=administrator&a=add".

Learn more

Tags:  ExploitThird Party Advisory

CVE-2022-29097

on July 6, 2022, 2:50 p.m.

Dell WMS 3.6.1 and below contains a Path Traversal vulnerability in Device API. A remote attacker could potentially exploit this vulnerability, to gain unauthorized read access to the files stored on the server filesystem, with the privileges of the running web application.

Learn more

Tags:  Vendor Advisory

CVE-2022-29096

on July 6, 2022, 2:44 p.m.

Dell Wyse Management Suite 3.6.1 and below contains a Reflected Cross-Site Scripting Vulnerability in saveGroupConfigurations page. An authenticated attacker could potentially exploit this vulnerability, leading to the execution of malicious HTML or JavaScript code in a victim user's web browser in the context of the vulnerable web application. Exploitation may lead to information disclosure, session …

Learn more

Tags:  Vendor Advisory

CVE-2022-22390

on July 6, 2022, 2:33 p.m.

IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 may be vulnerable to an information disclosure caused by improper privilege management when table function is used. IBM X-Force ID: 221973.

Learn more

Tags:  Vendor Advisory

CVE-2022-20829

on July 6, 2022, 2:28 p.m.

A vulnerability in the packaging of Cisco Adaptive Security Device Manager (ASDM) images and the validation of those images by Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker with administrative privileges to upload an ASDM image that contains malicious code to a device that is running Cisco ASA Software. This vulnerability …

Learn more

Tags:  Vendor Advisory

CVE-2022-22389

on July 6, 2022, 2:23 p.m.

IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to a denial of service as the server may terminate abnormally when executing specially crafted SQL statements by an authenticated user. IBM X-Force ID: 2219740.

Learn more

Tags:  VDB EntryVendor Advisory

CVE-2022-29109

on July 6, 2022, 1:15 p.m.

Microsoft Excel Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-29110.

Learn more

Tags:  PatchVendor Advisory

CVE-2022-1977

on July 6, 2022, 12:54 p.m.

The Import Export All WordPress Images, Users & Post Types WordPress plugin before 6.5.3 does not fully validate the file to be imported via an URL before making an HTTP request to it, which could allow high privilege users such as admin to perform Blind SSRF attacks

Learn more

Tags:  ExploitThird Party Advisory

CVE-2022-1964

on July 6, 2022, 12:51 p.m.

The Easy SVG Support WordPress plugin before 3.3.0 does not sanitise uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads

Learn more

Tags:  ExploitThird Party Advisory

CVE-2022-1971

on July 6, 2022, 12:51 p.m.

The NextCellent Gallery WordPress plugin through 1.9.35 does not sanitise and escape some of its image settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed (for example in multisite setup)

Learn more

Tags:  ExploitThird Party Advisory

CVE-2022-1995

on July 6, 2022, 12:49 p.m.

The Malware Scanner WordPress plugin before 4.5.2 does not sanitise and escape some of its settings, leading to malicious users with administrator privileges to store malicious Javascript code leading to Cross-Site Scripting attacks when unfiltered_html is disallowed (for example in multisite setup)

Learn more

Tags:  ExploitThird Party Advisory

CVE-2022-1994

on July 6, 2022, 12:48 p.m.

The Login With OTP Over SMS, Email, WhatsApp and Google Authenticator WordPress plugin before 1.0.8 does not escape its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed

Learn more

Tags:  ExploitThird Party Advisory

CVE-2022-1990

on July 6, 2022, 12:48 p.m.

The Nested Pages WordPress plugin before 3.1.21 does not escape and sanitize the some of its settings, which could allow high privilege users to perform Stored Cross-Site Scripting attacks when the unfiltered_html is disallowed

Learn more

Tags:  ExploitThird Party Advisory

CVE-2022-2102

on July 6, 2022, 12:46 p.m.

Controls limiting uploads to certain file extensions may be bypassed. This could allow an attacker to intercept the initial file upload page response and modify the associated code. This modified code can be forwarded and used by a script loaded later in the sequence, allowing for arbitrary file upload into a location where PHP scripts …

Learn more

Tags:  MitigationThird Party AdvisoryUS Government Resource

CVE-2022-32209

on July 6, 2022, 12:40 p.m.

# Possible XSS Vulnerability in Rails::Html::SanitizerThere is a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer.This vulnerability has been assigned the CVE identifier CVE-2022-32209.Versions Affected: ALLNot affected: NONEFixed Versions: v1.4.3## ImpactA possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer may allow an attacker to inject content if the application developer has overridden the sanitizer's allowed …

Learn more

Tags:  ExploitThird Party Advisory

CVE-2022-24851

on July 6, 2022, 11:15 a.m.

LDAP Account Manager (LAM) is an open source web frontend for managing entries stored in an LDAP directory. The profile editor tool has an edit profile functionality, the parameters on this page are not properly sanitized and hence leads to stored XSS attacks. An authenticated user can store XSS payloads in the profiles, which gets …

Learn more

Tags:  PatchThird Party Advisory

CVE-2022-28615

on July 6, 2022, 5:15 a.m.

Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read beyond bounds in ap_strcmp_match() when provided with an extremely large input buffer. While no code distributed with the server can be coerced into such a call, third-party modules or lua scripts that use ap_strcmp_match() may hypothetically be affected.

Learn more

Tags:  Vendor Advisory

CVE-2022-30522

on July 6, 2022, 5:15 a.m.

If Apache HTTP Server 2.4.53 is configured to do transformations with mod_sed in contexts where the input to mod_sed may be very large, mod_sed may make excessively large memory allocations and trigger an abort.

Learn more

Tags:  Vendor Advisory

CVE-2022-26377

on July 6, 2022, 5:15 a.m.

Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.53 and prior versions.

Learn more

Tags:  Mailing ListThird Party Advisory

CVE-2022-31813

on July 6, 2022, 5:15 a.m.

Apache HTTP Server 2.4.53 and earlier may not send the X-Forwarded-* headers to the origin server based on client side Connection header hop-by-hop mechanism. This may be used to bypass IP based authentication on the origin server/application.

Learn more

Tags:  Vendor AdvisoryThird Party Advisory

CVE-2022-28614

on July 6, 2022, 5:15 a.m.

The ap_rwrite() function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker can cause the server to reflect very large input using ap_rwrite() or ap_rputs(), such as with mod_luas r:puts() function. Modules compiled and distributed separately from Apache HTTP Server that use the 'ap_rputs' function and may pass it a …

Learn more

Tags:  Mailing ListThird Party Advisory

CVE-2022-2068

on July 6, 2022, 5:15 a.m.

In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates …

Learn more

Tags:  Mailing ListPatchVendor Advisory

CVE-2022-29404

on July 6, 2022, 5:15 a.m.

In Apache HTTP Server 2.4.53 and earlier, a malicious request to a lua script that calls r:parsebody(0) may cause a denial of service due to no default limit on possible input size.

Learn more

Tags:  Mailing ListThird Party Advisory

CVE-2022-30556

on July 6, 2022, 5:15 a.m.

Apache HTTP Server 2.4.53 and earlier may return lengths to applications calling r:wsread() that point past the end of the storage allocated for the buffer.

Learn more

Tags:  Mailing ListThird Party Advisory

CVE-2022-1740

on July 6, 2022, 2:28 a.m.

The tested version of Dominion Voting Systems ImageCast X’s on-screen application hash display feature, audit log export, and application export functionality rely on self-attestation mechanisms. An attacker could leverage this vulnerability to disguise malicious applications on a device.

Learn more

Tags:  MitigationThird Party AdvisoryUS Government Resource

CVE-2022-1741

on July 6, 2022, 2:16 a.m.

The tested version of Dominion Voting Systems ImageCast X has a Terminal Emulator application which could be leveraged by an attacker to gain elevated privileges on a device and/or install malicious code.

Learn more

Tags:  MitigationThird Party AdvisoryUS Government Resource

CVE-2022-1742

on July 6, 2022, 2:10 a.m.

The tested version of Dominion Voting Systems ImageCast X allows for rebooting into Android Safe Mode, which allows an attacker to directly access the operating system. An attacker could leverage this vulnerability to escalate privileges on a device and/or install malicious code.

Learn more

Tags:  MitigationThird Party AdvisoryUS Government Resource

CVE-2022-1743

on July 6, 2022, 2:04 a.m.

The tested version of Dominion Voting System ImageCast X can be manipulated to cause arbitrary code execution by specially crafted election definition files. An attacker could leverage this vulnerability to spread malicious code to ImageCast X devices from the EMS.

Learn more

Tags:  MitigationThird Party AdvisoryUS Government Resource

CVE-2022-1744

on July 6, 2022, 1:55 a.m.

Applications on the tested version of Dominion Voting Systems ImageCast X can execute code with elevated privileges by exploiting a system level service. An attacker could leverage this vulnerability to escalate privileges on a device and/or install malicious code.

Learn more

Tags:  MitigationThird Party AdvisoryUS Government Resource

CVE-2022-1745

on July 6, 2022, 1:43 a.m.

The authentication mechanism used by technicians on the tested version of Dominion Voting Systems ImageCast X is susceptible to forgery. An attacker with physical access may use this to gain administrative privileges on a device and install malicious code or perform arbitrary administrative actions.

Learn more

Tags:  MitigationThird Party AdvisoryUS Government Resource

CVE-2022-1746

on July 6, 2022, 1:42 a.m.

The authentication mechanism used by poll workers to administer voting using the tested version of Dominion Voting Systems ImageCast X can expose cryptographic secrets used to protect election information. An attacker could leverage this vulnerability to gain access to sensitive information and perform privileged actions, potentially affecting other election equipment.

Learn more

Tags:  MitigationThird Party AdvisoryUS Government Resource

CVE-2022-27238

on July 5, 2022, 9:01 p.m.

BigBlueButton version 2.4.7 (or earlier) is vulnerable to stored Cross-Site Scripting (XSS) in the private chat functionality. A threat actor could inject JavaScript payload in his/her username. The payload gets executed in the browser of the victim each time the attacker sends a private message to the victim or when notification about the attacker leaving …

Learn more

Tags:  Third Party Advisory

CVE-2022-29330

on July 5, 2022, 9:01 p.m.

Missing access control in the backup system of Telesoft VitalPBX before 3.2.1 allows attackers to access the PJSIP and SIP extension credentials, cryptographic keys and voicemails files via unspecified vectors.

Learn more

Tags:  ExploitThird Party Advisory

CVE-2022-31767

on July 5, 2022, 9 p.m.

IBM CICS TX Standard and Advanced 11.1 could allow a remote attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 227980.

Learn more

Tags:  Vendor Advisory

CVE-2022-33953

on July 5, 2022, 8:55 p.m.

IBM Robotic Process Automation 21.0.1 and 21.0.2 could allow a user with psychical access to the system to obtain sensitive information due to insufficiently protected access tokens. IBM X-Force ID: 229198.

Learn more

Tags:  Vendor Advisory

CVE-2022-32996

on July 5, 2022, 8:48 p.m.

The django-navbar-client package of v0.9.50 to v1.0.1 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.

Learn more

Tags:  Product

CVE-2022-32997

on July 5, 2022, 8:48 p.m.

The RootInteractive package in PyPI v0.0.5 to v0.0.19b0 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.

Learn more

Tags:  ExploitIssue TrackingThird Party Advisory

CVE-2022-32998

on July 5, 2022, 8:48 p.m.

The cryptoasset-data-downloader package in PyPI v1.0.0 to v1.0.1 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.

Learn more

Tags:  Product

CVE-2022-21742

on July 5, 2022, 8:40 p.m.

Realtek USB driver has a buffer overflow vulnerability due to insufficient parameter length verification in the API function. An unauthenticated LAN attacker can exploit this vulnerability to disrupt services.

Learn more

Tags:  Third Party Advisory

CVE-2021-3675

on July 5, 2022, 8:29 p.m.

Improper Input Validation vulnerability in synaTEE.signed.dll of Synaptics Fingerprint Driver allows a local authorized attacker to overwrite a heap tag, with potential loss of confidentiality. This issue affects: Synaptics Synaptics Fingerprint Driver 5.1.xxx.26 versions prior to xxx=340 on x86/64; 5.2.xxxx.26 versions prior to xxxx=3541 on x86/64; 5.2.2xx.26 versions prior to xx=29 on x86/64; 5.2.3xx.26 versions …

Learn more

Tags:  Third Party Advisory

CVE-2022-1642

on July 5, 2022, 8:28 p.m.

A program using swift-corelibs-foundation is vulnerable to a denial of service attack caused by a potentially malicious source producing a JSON document containing a type mismatch. This vulnerability is caused by the interaction between a deserialization mechanism offered by the Swift standard library, the Codable protocol; and the JSONDecoder class offered by swift-corelibs-foundation, which can …

Learn more

Tags:  Third Party Advisory

CVE-2022-31070

on July 5, 2022, 7:58 p.m.

NestJS Proxy is a NestJS module to decorate and proxy calls. Prior to version 0.7.0, the nestjs-proxy library did not have a way to block sensitive cookies (e.g. session cookies) from being forwarded to backend services configured by the application developer. This could have led to sensitive cookies being inadvertently exposed to such services that …

Learn more

Tags:  PatchThird Party Advisory

CVE-2022-31069

on July 5, 2022, 7:57 p.m.

NestJS Proxy is a NestJS module to decorate and proxy calls. Prior to version 0.7.0, the nestjs-proxy library did not have a way to control when Authorization headers should should be forwarded for specific backend services configured by the application developer. This could have resulted in sensitive information such as OAuth bearer access tokens being …

Learn more

Tags:  Third Party Advisory

CVE-2020-21046

on July 5, 2022, 7:47 p.m.

A local privilege escalation vulnerability was identified within the "luminati_net_updater_win_eagleget_com" service in EagleGet Downloader version 2.1.5.20 Stable. This issue allows authenticated non-administrative user to escalate their privilege and conduct code execution as a SYSTEM privilege.

Learn more

Tags:  Broken Link

CVE-2022-33915

on July 5, 2022, 7:43 p.m.

Versions of the Amazon AWS Apache Log4j hotpatch package before log4j-cve-2021-44228-hotpatch-1.3.5 are affected by a race condition that could lead to a local privilege escalation. This Hotpatch package is not a replacement for updating to a log4j version that mitigates CVE-2021-44228 or CVE-2021-45046; it provides a temporary mitigation to CVE-2021-44228 by hotpatching the local Java …

Learn more

Tags:  Vendor Advisory

CVE-2022-30120

on July 5, 2022, 7:42 p.m.

XSS in /dashboard/blocks/stacks/view_details/ - old browsers only. When using an older browser with built-in XSS protection disabled, insufficient sanitation where built urls are outputted can be exploited for Concrete 8.5.7 and below as well as Concrete 9.0 through 9.0.2 to allow XSS. This cannot be exploited in modern-day web browsers due to an automatic input …

Learn more

Tags:  Release NotesVendor Advisory

CVE-2022-30119

on July 5, 2022, 7:40 p.m.

XSS in /dashboard/reports/logs/view - old browsers only. When using Internet Explorer with the XSS protection disabled, insufficient sanitation where built urls are outputted can be exploited for Concrete 8.5.7 and below as well as Concrete 9.0 through 9.0.2. This cannot be exploited in modern-day web browsers due to an automatic input escape mechanism. Concrete CMS …

Learn more

Tags:  Release NotesVendor Advisory

CVE-2022-33003

on July 5, 2022, 7:34 p.m.

The watools package in PyPI v0.0.1 to v0.0.8 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.

Learn more

Tags:  ExploitIssue TrackingThird Party Advisory

CVE-2022-33002

on July 5, 2022, 7:33 p.m.

The KGExplore package in PyPI v0.1.1 to v0.1.2 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.

Learn more

Tags:  Product