The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
ID | Description | Priority | Modified date | Fixed Release |
---|---|---|---|---|
CVE-2022-3309 | Use after free in assistant in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via specific UI gestures. (Chromium security severity: Medium) | -- | Sep 29, 2022 | n/a |
CVE-2022-3308 | Insufficient policy enforcement in developer tools in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium) | -- | Sep 29, 2022 | n/a |
CVE-2022-3307 | Use after free in media in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | -- | Sep 29, 2022 | n/a |
CVE-2022-3306 | Use after free in survey in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | -- | Sep 29, 2022 | n/a |
CVE-2022-3305 | Use after free in survey in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | -- | Sep 29, 2022 | n/a |
CVE-2022-3304 | Use after free in CSS in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | -- | Sep 29, 2022 | n/a |
CVE-2022-3303 | A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead to a NULL pointer dereference while handling the SNDCTL_DSP_SYNC ioctl. A privileged local user (root or member of the audio group) could use this flaw to crash the system, resulting in a denial of service condition | -- | Sep 29, 2022 | 10.18.44.29 (Wind River Linux LTS 18) |
CVE-2022-3301 | Improper Cleanup on Thrown Exception in GitHub repository ikus060/rdiffweb prior to 2.4.8. | -- | Sep 28, 2022 | n/a |
CVE-2022-3299 | A vulnerability was found in Open5GS up to 2.4.10. It has been declared as problematic. Affected by this vulnerability is an unknown functionality in the library lib/sbi/client.c of the component AMF. The manipulation leads to denial of service. The attack can be launched remotely. The name of the patch is 724fa568435dae45ef0c3a48b2aabde052afae88. It is recommended to apply a patch to fix this issue. The identifier VDB-209545 was assigned to this vulnerability. | -- | Oct 3, 2022 | n/a |
CVE-2022-3298 | Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.4.8. | -- | Sep 28, 2022 | n/a |
CVE-2022-3295 | Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.4.8. | -- | Sep 28, 2022 | n/a |
CVE-2022-3292 | Use of Cache Containing Sensitive Information in GitHub repository ikus060/rdiffweb prior to 2.4.8. | -- | Sep 30, 2022 | n/a |
CVE-2022-3290 | Improper Handling of Length Parameter Inconsistency in GitHub repository ikus060/rdiffweb prior to 2.4.8. | -- | Sep 28, 2022 | n/a |
CVE-2022-3287 | When creating an OPERATOR user account on the BMC, the redfish plugin saved the auto-generated password to /etc/fwupd/redfish.conf without proper restriction, allowing any user on the system to read the same configuration file. | -- | Sep 30, 2022 | n/a |
CVE-2022-3276 | Command injection is possible in the puppetlabs-mysql module prior to version 13.0.0. A malicious actor is able to exploit this vulnerability only if they are able to provide unsanitized input to the module. This condition is rare in most deployments of Puppet and Puppet Enterprise. | -- | Oct 8, 2022 | n/a |
CVE-2022-3275 | Command injection is possible in the puppetlabs-apt module prior to version 9.0.0. A malicious actor is able to exploit this vulnerability only if they are able to provide unsanitized input to the module. This condition is rare in most deployments of Puppet and Puppet Enterprise. | -- | Oct 8, 2022 | n/a |
CVE-2022-3273 | Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.0a4. | -- | Oct 6, 2022 | n/a |
CVE-2022-3272 | Improper Handling of Length Parameter Inconsistency in GitHub repository ikus060/rdiffweb prior to 2.4.8. | -- | Sep 28, 2022 | n/a |
CVE-2022-3215 | NIOHTTP1 and projects using it for generating HTTP responses can be subject to a HTTP Response Injection attack. This occurs when a HTTP/1.1 server accepts user generated input from an incoming request and reflects it into a HTTP/1.1 response header in some form. A malicious user can add newlines to their input (usually in encoded form) and inject those newlines into the returned HTTP response. This capability allows users to work around security headers and HTTP/1.1 framing headers by injecting entirely false responses or other new headers. The injected false responses may also be treated as the response to subsequent requests, which can lead to XSS, cache poisoning, and a number of other flaws. This issue was resolved by adding validation to the HTTPHeaders type, ensuring that there\'s no whitespace incorrectly present in the HTTP headers provided by users. As the existing API surface is non-failable, all invalid characters are replaced by linear whitespace. | -- | Sep 30, 2022 | n/a |
CVE-2022-3193 | An HTML injection/reflected Cross-site scripting (XSS) vulnerability was found in the ovirt-engine. A parameter error_description fails to sanitize the entry, allowing the vulnerability to trigger on the Windows Service Accounts home pages. | -- | Sep 29, 2022 | n/a |
CVE-2022-3165 | An integer underflow issue was found in the QEMU VNC server while processing ClientCutText messages in the extended format. A malicious client could use this flaw to make QEMU unresponsive by sending a specially crafted payload message, resulting in a denial of service. | -- | Sep 28, 2022 | n/a |
CVE-2022-3135 | The SEO Smart Links WordPress plugin through 3.0.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) | -- | Sep 27, 2022 | n/a |
CVE-2022-3132 | The Goolytics WordPress plugin before 1.1.2 does not sanitise and escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. | -- | Oct 5, 2022 | n/a |
CVE-2022-3128 | The Donation Thermometer WordPress plugin before 2.1.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) | -- | Oct 5, 2022 | n/a |
CVE-2022-3125 | The Frontend File Manager Plugin WordPress plugin before 21.3 allows any authenticated users, such as subscriber, to rename a file to an arbitrary extension, like PHP, which could allow them to basically be able to upload arbitrary files on the server and achieve RCE | -- | Oct 4, 2022 | n/a |
CVE-2022-3124 | The Frontend File Manager Plugin WordPress plugin before 21.3 allows any unauthenticated user to rename uploaded files from users. Furthermore, due to the lack of validation in the destination filename, this could allow allow them to change the content of arbitrary files on the web server | -- | Oct 4, 2022 | n/a |
CVE-2022-3119 | The OAuth client Single Sign On WordPress plugin before 3.0.4 does not have authorisation and CSRF when updating its settings, which could allow unauthenticated attackers to update them and change the OAuth endpoints to ones they controls, allowing them to then be authenticated as admin if they know the correct email address | -- | Sep 28, 2022 | n/a |
CVE-2022-3103 | off-by-one in io_uring module. | -- | Sep 28, 2022 | n/a |
CVE-2022-3100 | A flaw was found in the openstack-barbican component. This issue allows an access policy bypass via a query string when accessing the API. | -- | Oct 8, 2022 | n/a |
CVE-2022-3098 | The Login Block IPs WordPress plugin through 1.0.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack | -- | Sep 27, 2022 | n/a |
CVE-2022-3076 | The CM Download Manager WordPress plugin before 2.8.6 allows high privilege users such as admin to upload arbitrary files by setting the any extension via the plugin\'s setting, which could be used by admins of multisite blog to upload PHP files for example. | -- | Sep 27, 2022 | n/a |
CVE-2022-3074 | The Slider Hero WordPress plugin before 8.4.4 does not escape the slider Name, which could allow high-privileged users to perform Cross-Site Scripting attacks. | -- | Sep 27, 2022 | n/a |
CVE-2022-3070 | The Generate PDF WordPress plugin before 3.6 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. | -- | Sep 27, 2022 | n/a |
CVE-2022-3069 | The WordLift WordPress plugin before 3.37.2 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. | -- | Sep 27, 2022 | n/a |
CVE-2022-3062 | The Simple File List WordPress plugin before 4.4.12 does not escape parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting | -- | Sep 27, 2022 | n/a |
CVE-2022-3025 | The Bitcoin / Altcoin Faucet WordPress plugin through 1.6.0 does not have any CSRF check when saving its settings, allowing attacker to make a logged in admin change them via a CSRF attack. Furthermore, due to the lack of sanitisation and escaping, it could also lead to Stored Cross-Site Scripting issues | -- | Sep 28, 2022 | n/a |
CVE-2022-3024 | The Simple Bitcoin Faucets WordPress plugin through 1.7.0 does not have any authorisation and CSRF in an AJAX action, allowing any authenticated users, such as subscribers to call it and add/delete/edit Bonds. Furthermore, due to the lack of sanitisation and escaping, it could also lead to Stored Cross-Site Scripting issues | -- | Sep 28, 2022 | n/a |
CVE-2022-3002 | Cross-site Scripting (XSS) - Stored in GitHub repository yetiforcecompany/yetiforcecrm prior to 6.4.0. | -- | Oct 7, 2022 | n/a |
CVE-2022-2987 | The Ldap WP Login / Active Directory Integration WordPress plugin before 3.0.2 does not have any authorisation and CSRF checks when updating it\'s settings (which are hooked to the init action), allowing unauthenticated attackers to update them. Attackers could set their own LDAP server to be used to authenticated users, therefore bypassing the current authentication | -- | Sep 28, 2022 | n/a |
CVE-2022-2986 | Enabling and disabling installed H5P libraries did not include the necessary token to prevent a CSRF risk. | -- | Oct 7, 2022 | n/a |
CVE-2022-2975 | A vulnerability related to weak permissions was detected in Avaya Aura Application Enablement Services web application, allowing an administrative user to modify accounts leading to execution of arbitrary code as the root user. This issue affects Application Enablement Services versions 8.0.0.0 through 8.1.3.4 and 10.1.0.0 through 10.1.0.1. Versions prior to 8.0.0.0 are end of manufacturing support and were not evaluated. | -- | Oct 7, 2022 | n/a |
CVE-2022-2929 | In ISC DHCP 1.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1 a system with access to a DHCP server, sending DHCP packets crafted to include fqdn labels longer than 63 bytes, could eventually cause the server to run out of memory. | -- | Oct 7, 2022 | 10.18.44.29 (Wind River Linux LTS 18) |
CVE-2022-2928 | In ISC DHCP 4.4.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1, when the function option_code_hash_lookup() is called from add_option(), it increases the option\'s refcount field. However, there is not a corresponding call to option_dereference() to decrement the refcount field. The function add_option() is only used in server responses to lease query packets. Each lease query response calls this function for several options, so eventually, the reference counters could overflow and cause the server to abort. | -- | Oct 7, 2022 | 10.18.44.29 (Wind River Linux LTS 18) |
CVE-2022-2926 | The Download Manager WordPress plugin before 3.2.55 does not validate one of its settings, which could allow high privilege users such as admin to list and read arbitrary files and folders outside of the blog directory | -- | Sep 28, 2022 | n/a |
CVE-2022-2922 | Relative Path Traversal in GitHub repository dnnsoftware/dnn.platform prior to 9.11.0. | -- | Oct 4, 2022 | n/a |
CVE-2022-2903 | The Ninja Forms Contact Form WordPress plugin before 3.6.13 unserialises the content of an imported file, which could lead to PHP object injections issues when an admin import (intentionally or not) a malicious file and a suitable gadget chain is present on the blog. | -- | Sep 28, 2022 | n/a |
CVE-2022-2839 | The Zephyr Project Manager WordPress plugin before 3.2.55 does not have any authorisation as well as CSRF in all its AJAX actions, allowing unauthenticated users to call them either directly or via CSRF attacks. Furthermore, due to the lack of sanitisation and escaping, it could also allow them to perform Stored Cross-Site Scripting attacks against logged in admins. | -- | Oct 4, 2022 | n/a |
CVE-2022-2783 | In affected versions of Octopus Server it was identified that a session cookie could be used as the CSRF token | -- | Oct 7, 2022 | n/a |
CVE-2022-2781 | In affected versions of Octopus Server it was identified that the same encryption process was used for both encrypting session cookies and variables. | -- | Oct 7, 2022 | n/a |
CVE-2022-2778 | In affected versions of Octopus Deploy it is possible to bypass rate limiting on login using null bytes. | -- | Oct 4, 2022 | n/a |