CVE-2022-22264

Improper sanitization of incoming intent in Dressroom prior to SMR Jan-2022 Release 1 allows local attackers to read and write arbitrary files without permission...

Ivanti Endpoint Manager 2022 SU6 - January 2025 Security Update

The version of Ivanti Endpoint Manager 2022 SU6 running on the remote host lacking the January 2022 SU6 Hotfix. It is, therefore, affected by mutliple vulnerabilities: - Absolute path traversal in Ivanti Endpoint Manager before 2022 SU6 January Security Update or 2022 SU6 November Security Update...

RHSA-2024:11185 Red Hat Security Advisory: edk2:20220126gitbb1bba3d77 security update

Bulletin has no description...

Summary of Vulnerabilities & Threats: January 2022

...

Oracle Enterprise Manager Ops Center UI and Other Patches (January 2022 CPU)

The 12.4.0.0 versions of Enterprise Manager Ops Center installed on the remote host are affected by multiple vulnerabilities as referenced in the January 2022 CPU advisory. - Vulnerability in the Enterprise Manager Ops Center product of Oracle Enterprise Manager component: Networking JDBC. The...

Security Updates for Microsoft .NET Framework (January 2022)

The Microsoft .NET Framework installation on the remote host is missing a security update. It is, therefore, affected by a denial of service vulnerability. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from the Microsoft Security Updates...

Oracle GoldenGate Multiple Vulnerabilities (January 2022 CPU)

The version of Oracle GoldenGate installed on the remote host is affected by the following vulnerabilities as noted in the January 2022 CPU advisory : - Vulnerability in Oracle GoldenGate component: Build Request Apache Xerces-C++. The supported version that is affected is Prior to 21.4.0.0.0...

Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Jan 2022 - Includes Oracle® January 2022 CPU affects IBM Tivoli Composite Application Manager for Transactions-Robotic Response Time

Summary The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin. Vulnerability Details...

Security Bulletin: Multiple vulnerabilities have been identified in IBM Java 8 shipped with IBM® Intelligent Operations Center (CVE-2022-21365, CVE-2022-21360, CVE-2022-21349, CVE-2022-21341, CVE-2022-21340, CVE-2022-21305, CVE-20)

Summary Multiple vulnerabilities have been identified in Oracle January 2022 CPU for Java 8 which is shipped with IBM® Intelligent Operations Center. Information about these vulnerabilities affecting IBM® Intelligent Operations Center have been published and addressed the applicable CVEs...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Business Developer

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 and 8 and IBM® Runtime Environment Java™ Version 7 and 8 used by Rational Business Developer. Rational Business Developer has provided fixes for the applicable CVEs. These issues were disclosed as part of t...

Security Updates for Microsoft Word Products C2R (January 2022)

The Microsoft Word Products are missing a security update. It is, therefore, affected by the following vulnerability: - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. CVE-2022-21842 %NASLMINLEVEL 70300 C...

Security Updates for Microsoft Office Products C2R (January 2022)

The Microsoft Office Products are missing security updates. It is, therefore, affected by multiple vulnerabilities: - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. CVE-2022-21840, CVE-2022-21841...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK (January 2022) affects IBM InfoSphere Information Server

Summary There are multiple vulnerabilities in the IBM® SDK Java™ Technology Edition, Version 8 that is used by IBM InfoSphere Information Server. These issues were disclosed as part of the IBM Java SDK updates in January 2022. Vulnerability Details CVEID: CVE-2021-35603 DESCRIPTION: An unspecifie...

SAP NetWeaver AS ABAP Multiple Vulnerabilities (January 2022)

Multiple vulnerabilities may be present in SAP NetWeaver Application Server ABAP, including the following: - A URL redirection vulnerability exists in SAP NetWeaver Application Server ABAP, due to insufficient URL validation. An unauthenticated, remote attacker can exploit this to redirect users ...

Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affect IBM WebSphere Application Server shipped with IBM Security Access Manager for Enterprise Single Sign-On due to January 2022 CPU plus deferred CVE-2021-35550 and CVE-2021-35603

Summary IBM WebSphere Application Server is shipped with IBM Security Access Manager for Enterprise Single Sign-On. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletin...

Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affect IBM WebSphere Application Server and IBM Application Server Liberty due to January 2022 CPU plus deferred CVE-2021-35550 and CVE-2021-35603

Summary There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. These might affect some configurations of IBM WebSphere Application Server traditional and IBM WebSphere...

tgreen.us Cross Site Scripting vulnerability OBB-2352645

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

honeymooner-online.de Cross Site Scripting vulnerability OBB-2350536

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

carolinasub.com Cross Site Scripting vulnerability OBB-2350102

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

bkkgalaxy.com Cross Site Scripting vulnerability OBB-2349310

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...