Positive Technologies
added 2022/09/23 12:00 a.m. · 2 views

PT-2022-25584 · Tenda · Tenda W20E

Name of the Vulnerable Software and Affected Versions: Tenda W20E router version 15.11.0.6 Description: The issue is related to a stack overflow in the formSetPortMapping function, which can be triggered by a POST request to the "goform/setPortMapping/" endpoint. This allows attackers to...

CVSS 9.8 · AI score 9.7 · EPSS 0.13495
Exploits 1 · References 2

Positive Technologies
added 2022/09/22 12:00 a.m. · 2 views

PT-2022-22516 · Otfcc +1 · Otfcc +1

Name of the Vulnerable Software and Affected Versions: OTFCC commit 617837b Description: A heap buffer overflow issue has been discovered in OTFCC commit 617837b via the /release-x64/otfccdump+0x6adb1e endpoint. Recommendations: For OTFCC commit 617837b, consider restricting access to the...

CVSS 6.5 · AI score 6.6 · EPSS 0.00746
Exploits 1 · References 11

Positive Technologies
added 2022/09/22 12:00 a.m. · 2 views

PT-2022-22502 · Libc +2 · Libc +2

Name of the Vulnerable Software and Affected Versions: OTFCC commit 617837b Description: A segmentation violation was discovered in OTFCC commit 617837b via the /lib/x86_64-linux-gnu/libc.so.6+0xbb384 endpoint. Recommendations: For OTFCC commit 617837b, consider restricting access to the /lib/x86...

CVSS 6.5 · AI score 6.3 · EPSS 0.00711
Exploits 1 · References 10

Positive Technologies
added 2022/09/21 12:00 a.m. · 3 views

PT-2022-25759 · Jenkins · Jenkins View26 Test-Reporting Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins View26 Test-Reporting Plugin versions 1.0.7 and earlier Description: The issue concerns a lack of hostname validation when connecting to the configured View26 server. This could be exploited using a man-in-the-middle attack to interce...

CVSS 8.1 · AI score 7.8 · EPSS 0.00524
Exploits 0 · References 6

Positive Technologies
added 2022/09/20 12:00 a.m. · 2 views

PT-2022-19986 · Unknown · Yetiforcecrm

Name of the Vulnerable Software and Affected Versions: YetiForce CRM versions prior to 6.4.0 Description: The issue is related to Cross-site Scripting (XSS) - Stored, which affects the YetiForce CRM GitHub repository. The SlaPolicy module is vulnerable to cross-site scripting. Recommendations: For...

CVSS 5.4 · AI score 4.9 · EPSS 0.00498
Exploits 1 · References 8

Vulnrichment
added 2022/09/16 8:50 p.m. · 6 views

CVE-2022-35971 `CHECK` fail in `FakeQuantWithMinMaxVars` in TensorFlow

TensorFlow is an open source platform for machine learning. If FakeQuantWithMinMaxVars is given min or max tensors of a nonzero rank, it results in a CHECK fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit...

CVSS 5.9 · AI score 7.5 · EPSS 0.00366
Exploits 0 · References 2

CBLMariner
added 2022/09/16 6:05 a.m. · 10 views

CVE-2021-42523 affecting package colord for versions less than 1.4.4-9

CVE-2021-42523 affecting package colord for versions less than 1.4.4-9. A patched version of the package is available...

CVSS 7.5 · AI score 7.5 · EPSS 0.00762
Exploits 1

Prion
added 2022/09/15 10:15 p.m. · 12 views

Out-of-bounds

go-cvss is a Go module to manipulate the Common Vulnerability Scoring System (CVSS). In affected versions, when a full CVSS v2.0 vector string is parsed using ParseVector, an Out-of-Bounds Read is possible due to a lack of tests. The Go module will then panic. The problem is patched in tag v0.4.0, by th...

CVSS 5 · AI score 7.4 · EPSS 0.01168
Exploits 1 · References 3 · Affected Software 1

OSV
added 2022/09/12 7:08 a.m. · 7 views

SUSE-SU-2022:3252-1 Security update for freetype2

This update for freetype2 fixes the following issues: - CVE-2022-27404: Fixed a segmentation fault via a crafted typeface (bsc#1198830). - CVE-2022-27405: Fixed a buffer overflow via a crafted typeface (bsc#1198832). - CVE-2022-27406: Fixed a segmentation fault via a crafted typeface (bsc#1198823)...

CVSS 9.8 · AI score 8.8 · EPSS 0.02636
Exploits 2 · References 7

OSV
added 2022/09/09 9:15 p.m. · 5 views

PYSEC-2022-269

OAuthLib is an implementation of the OAuth request-signing logic for Python 3.6+. In OAuthLib versions 3.1.1 until 3.2.1, an attacker providing a malicious redirect uri can cause denial of service. An attacker can also leverage usage of uri_validate functions depending where it is used. OAuthLib...

CVSS 6.5 · AI score 6.9 · EPSS 0.01223
Exploits 1 · References 5

Vulnrichment
added 2022/09/08 9:10 p.m. · 6 views

CVE-2022-36100 XWiki Platform Applications Tag and XWiki Platform Tag UI vulnerable to Eval Injection

XWiki Platform Applications Tag and XWiki Platform Tag UI are tag applications for XWiki, a generic wiki platform. Starting with version 1.7 in XWiki Platform Applications Tag and prior to 13.10.6 and 14.4 in XWiki Platform Tag UI, the tags document Main.Tags in XWiki didn't sanitize user inputs...

CVSS 9.9 · AI score 9.5 · EPSS 0.73608
Exploits 1 · References 3

Vulnrichment
added 2022/09/08 5:15 p.m. · 9 views

CVE-2022-36092 XWiki Platform Old Core vulnerable to Authentication Bypass Using the Login Action

XWiki Platform Old Core is a core package for XWiki Platform, a generic wiki platform. Prior to versions 14.2 and 13.10.4, all rights checks that would normally prevent a user from viewing a document on a wiki can be bypassed using the login action and directly specified templates. This exposes...

CVSS 7.5 · AI score 7.5 · EPSS 0.0078
Exploits 0 · References 5

Positive Technologies
added 2022/09/08 12:00 a.m. · 4 views

PT-2022-23184 · Xwiki · Xwiki +1

Name of the Vulnerable Software and Affected Versions: XWiki Platform Web Parent POM versions 1.0 through 13.10.5; XWiki Platform Web Parent POM versions 14.0-rc-1 through 14.3 Description: The issue allows storing JavaScript that will be executed by anyone viewing the history of an attachment...

CVSS 9 · AI score 9 · EPSS 0.64098
Exploits 1 · References 9

Positive Technologies
added 2022/09/08 12:00 a.m. · 4 views

PT-2022-25317 · Samsung · Tizenrt

Name of the Vulnerable Software and Affected Versions: Samsung TizenRT versions through 3.0 GBM; Samsung TizenRT version 3.1 PRE Description: An issue was discovered that leads to a denial of service, resulting in a malfunction. The problem is caused by a missing check on the return value of pcap...

CVSS 7.5 · AI score 7.5 · EPSS 0.01094
Exploits 1 · References 4

Prion
added 2022/09/07 11:15 p.m. · 12 views

Heap overflow

linked_list_allocator is an allocator usable for no_std systems. Prior to version 0.10.2, the heap initialization methods were missing a minimum size check for the given heap size argument. This could lead to out-of-bound writes when a heap was initialized with a size smaller than 3 * size_of::<usize> because...

CVSS 7.5 · AI score 9.4 · EPSS 0.00727
Exploits 1 · References 2 · Affected Software 1

UbuntuCve
added 2022/09/07 7:15 p.m. · 27 views

CVE-2022-36069

Poetry is a dependency manager for Python. When handling dependencies that come from a Git repository instead of a registry, Poetry uses various commands, such as git clone. These commands are constructed using user input (e.g. the repository URL). When building the commands, Poetry correctly avoid...

CVSS 7.3 · AI score 7.1 · EPSS 0.01463
Exploits 1 · References 4

Positive Technologies
added 2022/09/07 12:00 a.m. · 9 views

PT-2022-20580 · Xwiki · Xwiki-Platform-Oldcore

Name of the Vulnerable Software and Affected Versions: XWiki Platform Old Core versions 11.3.7 through 12.0RC1; XWiki Platform Old Core version 11.0.3 Description: A bug in XWikiRights resolution of groups can be exploited to obtain privilege escalation. Editing a right with the object editor lead...

CVSS 9.8 · AI score 8.3 · EPSS 0.99657
Exploits 25 · References 10

Prion
added 2022/09/06 10:15 p.m. · 15 views

Remote code execution

vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules. In versions prior to version 3.9.11, a threat actor can bypass the sandbox protections to gain remote code execution rights on the host running the sandbox. This vulnerability was patched in the release of...

CVSS 7.5 · AI score 9.8 · EPSS 0.47892
Exploits 2 · References 6 · Affected Software 1

Vulnrichment
added 2022/09/06 8:55 p.m. · 3 views

CVE-2022-36064 Shescape Inefficient Regular Expression Complexity vulnerability

Shescape is a shell escape package for JavaScript. An Inefficient Regular Expression Complexity vulnerability impacts users that use Shescape to escape arguments for the Unix shells Bash and Dash, or any not-officially-supported Unix shell; and/or using the escape or escapeAll functions with the...

CVSS 5.9 · AI score 7.7 · EPSS 0.01097
Exploits 1 · References 3

Openbugbounty
added 2022/09/01 5:13 p.m. · 13 views

sabt.rgroup.ae Cross Site Scripting vulnerability OBB-2883411

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

AI score 6.2
Exploits 0