
Positive Technologies · added 2022/10/13 12:00 a.m. · 4 views

PT-2022-25885 · Tenda · Tenda Ac1200

Name of the Vulnerable Software and Affected Versions: Tenda AC1200 version US_AC6V2.0RTL_V15.03.06.51_multi_TDE01. Description: A buffer overflow was discovered in the 0x475dc function, allowing attackers to cause a Denial of Service (DoS) via a crafted request. Recommendations: For Tenda AC1200...

CVSS 7.5 · AI score 7.6 · EPSS 0.00701 · Exploits 0 · References 4
Prion · added 2022/10/08 1:15 a.m. · 15 views

Design/Logic Flaw

fat_free_crm is an open source, Ruby on Rails customer relationship management (CRM) platform. In versions prior to 0.20.1 an authenticated user can perform a remote Denial of Service attack against Fat Free CRM via bucket access. The vulnerability has been patched in commit c85a254 and will be...

CVSS 4 · AI score 6.4 · EPSS 0.01414 · Exploits 0 · References 3 · Affected Software 1
Vulnrichment · added 2022/10/08 12:00 a.m. · 6 views

CVE-2022-39281 Remote Denial of Service via Tasks endpoint in fat_free_crm

fat_free_crm is an open source, Ruby on Rails customer relationship management (CRM) platform. In versions prior to 0.20.1 an authenticated user can perform a remote Denial of Service attack against Fat Free CRM via bucket access. The vulnerability has been patched in commit c85a254 and will be...

CVSS 6.5 · AI score 6.4 · EPSS 0.01414 · Exploits 0 · References 3
Positive Technologies · added 2022/10/04 12:00 a.m. · 6 views

PT-2022-7213 · Django +4 · Django +4

Name of the Vulnerable Software and Affected Versions: Django versions 3.2 through 3.2.15; Django versions 4.0 through 4.0.7; Django versions 4.1 through 4.1.1. Description: The issue is related to insufficient processing of regular expressions in internationalized URLs, which can be exploited to...

CVSS 9.8 · AI score 7.2 · EPSS 0.87218 · Exploits 29 · References 159
Positive Technologies · added 2022/09/23 12:00 a.m. · 2 views

PT-2022-25584 · Tenda · Tenda W20E

Name of the Vulnerable Software and Affected Versions: Tenda W20E router version 15.11.0.6. Description: The issue is related to a stack overflow in the formSetPortMapping function, which can be triggered by a POST request to the "goform/setPortMapping/" endpoint. This allows attackers to...

CVSS 9.8 · AI score 9.7 · EPSS 0.13495 · Exploits 1 · References 2
Positive Technologies · added 2022/09/22 12:00 a.m. · 3 views

PT-2022-22502 · Libc +2 · Libc +2

Name of the Vulnerable Software and Affected Versions: OTFCC commit 617837b. Description: A segmentation violation was discovered in OTFCC commit 617837b via the /lib/x86_64-linux-gnu/libc.so.6+0xbb384 endpoint. Recommendations: For OTFCC commit 617837b, consider restricting access to the /lib/x86...

CVSS 6.5 · AI score 6.3 · EPSS 0.00711 · Exploits 1 · References 10
Positive Technologies · added 2022/09/22 12:00 a.m. · 3 views

PT-2022-22516 · Otfcc +1 · Otfcc +1

Name of the Vulnerable Software and Affected Versions: OTFCC commit 617837b. Description: A heap buffer overflow issue has been discovered in OTFCC commit 617837b via the /release-x64/otfccdump+0x6adb1e endpoint. Recommendations: For OTFCC commit 617837b, consider restricting access to the...

CVSS 6.5 · AI score 6.6 · EPSS 0.00746 · Exploits 1 · References 11
Positive Technologies · added 2022/09/21 12:00 a.m. · 3 views

PT-2022-25759 · Jenkins · Jenkins View26 Test-Reporting Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins View26 Test-Reporting Plugin versions 1.0.7 and earlier. Description: The issue concerns a lack of hostname validation when connecting to the configured View26 server. This could be exploited using a man-in-the-middle attack to interce...

CVSS 8.1 · AI score 7.8 · EPSS 0.00524 · Exploits 0 · References 6
Positive Technologies · added 2022/09/20 12:00 a.m. · 5 views

PT-2022-19986 · Unknown · Yetiforcecrm

Name of the Vulnerable Software and Affected Versions: YetiForce CRM versions prior to 6.4.0. Description: The issue is related to Cross-site Scripting (XSS) - Stored, which affects the YetiForce CRM GitHub repository. The SlaPolicy module is vulnerable to cross-site scripting. Recommendations: For...

CVSS 5.4 · AI score 4.9 · EPSS 0.00498 · Exploits 1 · References 8
Vulnrichment · added 2022/09/16 8:50 p.m. · 6 views

CVE-2022-35971 `CHECK` fail in `FakeQuantWithMinMaxVars` in TensorFlow

TensorFlow is an open source platform for machine learning. If FakeQuantWithMinMaxVars is given min or max tensors of a nonzero rank, it results in a CHECK fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit...

CVSS 5.9 · AI score 7.5 · EPSS 0.00366 · Exploits 0 · References 2
CBLMariner · added 2022/09/16 6:05 a.m. · 12 views

CVE-2021-42523 affecting package colord for versions less than 1.4.4-9

CVE-2021-42523 affecting package colord for versions less than 1.4.4-9. A patched version of the package is available...

CVSS 7.5 · AI score 7.5 · EPSS 0.00791 · Exploits 1
Prion · added 2022/09/15 10:15 p.m. · 12 views

Out-of-bounds

go-cvss is a Go module to manipulate Common Vulnerability Scoring System (CVSS). In affected versions when a full CVSS v2.0 vector string is parsed using ParseVector, an Out-of-Bounds Read is possible due to a lack of tests. The Go module will then panic. The problem is patched in tag v0.4.0, by th...

CVSS 5 · AI score 7.4 · EPSS 0.01168 · Exploits 1 · References 3 · Affected Software 1
OSV · added 2022/09/12 7:08 a.m. · 7 views

SUSE-SU-2022:3252-1 Security update for freetype2

This update for freetype2 fixes the following issues: - CVE-2022-27404: Fixed a segmentation fault via a crafted typeface (bsc#1198830). - CVE-2022-27405: Fixed a buffer overflow via a crafted typeface (bsc#1198832). - CVE-2022-27406: Fixed a segmentation fault via a crafted typeface (bsc#1198823)...

CVSS 9.8 · AI score 8.8 · EPSS 0.02636 · Exploits 2 · References 7
OSV · added 2022/09/09 9:15 p.m. · 9 views

PYSEC-2022-269

OAuthLib is an implementation of the OAuth request-signing logic for Python 3.6+. In OAuthLib versions 3.1.1 until 3.2.1, an attacker providing a malicious redirect URI can cause denial of service. An attacker can also leverage usage of uri_validate functions depending where it is used. OAuthLib...

CVSS 6.5 · AI score 6.9 · EPSS 0.01258 · Exploits 1 · References 5
Vulnrichment · added 2022/09/08 9:10 p.m. · 6 views

CVE-2022-36100 XWiki Platform Applications Tag and XWiki Platform Tag UI vulnerable to Eval Injection

XWiki Platform Applications Tag and XWiki Platform Tag UI are tag applications for XWiki, a generic wiki platform. Starting with version 1.7 in XWiki Platform Applications Tag and prior to 13.10.6 and 14.4 in XWiki Platform Tag UI, the tags document Main.Tags in XWiki didn't sanitize user inputs...

CVSS 9.9 · AI score 9.5 · EPSS 0.73608 · Exploits 1 · References 3
Vulnrichment · added 2022/09/08 5:15 p.m. · 9 views

CVE-2022-36092 XWiki Platform Old Core vulnerable to Authentication Bypass Using the Login Action

XWiki Platform Old Core is a core package for XWiki Platform, a generic wiki platform. Prior to versions 14.2 and 13.10.4, all rights checks that would normally prevent a user from viewing a document on a wiki can be bypassed using the login action and directly specified templates. This exposes...

CVSS 7.5 · AI score 7.5 · EPSS 0.00816 · Exploits 0 · References 5
Positive Technologies · added 2022/09/08 12:00 a.m. · 4 views

PT-2022-23184 · Xwiki · Xwiki +1

Name of the Vulnerable Software and Affected Versions: XWiki Platform Web Parent POM versions 1.0 through 13.10.5; XWiki Platform Web Parent POM versions 14.0-rc-1 through 14.3. Description: The issue allows storing JavaScript that will be executed by anyone viewing the history of an attachment...

CVSS 9 · AI score 9 · EPSS 0.64098 · Exploits 1 · References 9
Positive Technologies · added 2022/09/08 12:00 a.m. · 4 views

PT-2022-25317 · Samsung · Tizenrt

Name of the Vulnerable Software and Affected Versions: Samsung TizenRT versions through 3.0 GBM; Samsung TizenRT version 3.1 PRE. Description: An issue was discovered that leads to a denial of service, resulting in a malfunction. The problem is caused by a missing check on the return value of pcap...

CVSS 7.5 · AI score 7.5 · EPSS 0.01126 · Exploits 1 · References 4
Prion · added 2022/09/07 11:15 p.m. · 13 views

Heap overflow

linked_list_allocator is an allocator usable for no_std systems. Prior to version 0.10.2, the heap initialization methods were missing a minimum size check for the given heap size argument. This could lead to out-of-bound writes when a heap was initialized with a size smaller than 3 sizeof:: because...

CVSS 7.5 · AI score 9.4 · EPSS 0.00727 · Exploits 1 · References 2 · Affected Software 1
UbuntuCve · added 2022/09/07 7:15 p.m. · 28 views

CVE-2022-36069

Poetry is a dependency manager for Python. When handling dependencies that come from a Git repository instead of a registry, Poetry uses various commands, such as git clone. These commands are constructed using user input (e.g. the repository URL). When building the commands, Poetry correctly avoid...

CVSS 7.3 · AI score 7.1 · EPSS 0.01463 · Exploits 1 · References 4