CVE-2022-3738 WAGO: Missing authentication for config export functionality in multiple products

The vulnerability allows a remote unauthenticated attacker to download a backup file, if one exists. That backup file might contain sensitive information like credentials and cryptographic material. A valid user has to create a backup after the last reboot for this attack to be successfull...

GSD-2023-1000963 drm/sti: Fix return type of sti_{dvo,hda,hdmi}_connector_mode_valid()

drm/sti: Fix return type of stidvo,hda,hdmiconnectormodevalid This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.86 by commit...

PT-2023-34041 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.86 Description: The issue concerns a function fsl dcu drm connector mode valid with an incorrect return type. The actual impact and potential for attack have not been proven. Recommendations: For Linux...

CVE-2022-3782

CVE-2022-3782 affects Keycloak / Red Hat Single Sign-On: path traversal via double URL encoding due to improper validation of redirect URLs, enabling an attacker to traverse to arbitrary files within the domain when wildcard Redirect URIs are used. Connected sources confirm the issue and indicate...

编号撤回

This CVE number has been withdrawn...

CVE-2022-3715

A flaw was found in the bash package, where a heap-buffer overflow can occur in valid parametertransform. This issue may lead to memory problems...

PT-2022-8310 · Pilz · Pilz Pmc Programming Tool

Name of the Vulnerable Software and Affected Versions: Pilz PMC programming tool versions 3.x before 3.5.17 Description: An issue in the Pilz PMC programming tool allows an attacker to identify valid usernames. Recommendations: For versions prior to 3.5.17, update to version 3.5.17 or later to...

CVE-2022-31745

If array shift operations are not used, the Garbage Collector may have become confused about valid objects. This vulnerability affects Firefox 101...

DEBIAN-CVE-2022-1834

When displaying the sender of an email, and the sender name contained the Braille Pattern Blank space character multiple times, Thunderbird would have displayed all the spaces. This could have been used by an attacker to send an email message with the attacker's digital signature, that was shown...

Exploit for Deserialization of Untrusted Data in Microsoft

CVE-2022-41082-POC PoC for the CVE-2022-41082 NotProxyShell OW...

keycloak: path traversal via double URL encoding

A flaw was found in Keycloak, where it does not properly validate URLs included in a redirect. An attacker can use this flaw to construct a malicious request to bypass validation and access other URLs and potentially sensitive information within the domain or possibly conduct further attacks. Thi...

CVE-2022-46829

In JetBrains JetBrains Gateway before 2022.3 a client could connect without a valid token if the host consented...

GSD-2022-1007711 Input: iforce - invert valid length check when fetching device IDs

Input: iforce - invert valid length check when fetching device IDs This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.10 by commit...

OESA-2022-2100 bash security update

Bash is the GNU Project's shell. Bash is the Bourne Again SHell. Bash is an sh-compatible shell that incorporates useful features from the Korn shell ksh and C shell csh. It is intended to conform to the IEEE POSIX P1003.2/ISO 9945.2 Shell and Tools standard. It offers functional improvements ove...

Rocky Linux 8 : libreoffice (RLSA-2022:1766)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:1766 advisory. - LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurr...

CVE-2022-45183

Escalation of privileges in the Web Server in Ironman Software PowerShell Universal 2.x and 3.x allows an attacker with a valid app token to retrieve other app tokens by ID via an HTTP web request. Patched Versions are 3.5.3, 3.4.7, and 2.12.6...

CVE-2022-20926

A vulnerability in the web management interface of the Cisco Firepower Management Center FMC Software could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system. The vulnerability is due to insufficient validation of user-supplied parameters for...

PT-2022-5626 · Vmware · Vmware Workspace One Assist

Name of the Vulnerable Software and Affected Versions: VMware Workspace ONE Assist versions prior to 22.10 Description: The issue is related to a session fixation problem, where a malicious actor who obtains a valid session token may be able to authenticate to the application using that token. Th...

CVE-2022-20963

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. This vulnerability is due to...

The vulnerability of the njs_scope_valid_value function (njs_scope.h) in the NJS interpreter of the nginx server allows a attacker to cause a service failure.

The vulnerability of the njsscopevalidvalue function in the njs interpreter of the nginx server is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...