Wind River Support Network

HomeCVE Database

The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.

Reset
Showing
of 159818 entries
IDDescriptionPriorityModified date
CVE-2022-143544 Double fetch vulnerability in VxWorks 7 The vulnerability occurs in the kernel function sysctl_find_oid(), who dereferences a same user pointer multiple times in the while loop, which can be modified by a malicious thread. Yingjie Cao Senior Security researcher- Qihoo 360 Group discovered issue LOW Sep 30, 2022
CVE-2022-41343 registerFont in FontMetrics.php in Dompdf before 2.0.1 allows remote file inclusion because a URI validation failure does not halt font registration, as demonstrated by a @font-face rule. -- Sep 25, 2022
CVE-2022-41340 The secp256k1-js package before 1.1.0 for Node.js implements ECDSA without required r and s validation, leading to signature forgery. -- Sep 25, 2022
CVE-2022-38178 By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources. -- Sep 25, 2022
CVE-2022-38177 By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources. -- Sep 25, 2022
CVE-2022-32886 A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Safari 16, iOS 16, iOS 15.7 and iPadOS 15.7. Processing maliciously crafted web content may lead to arbitrary code execution. -- Sep 25, 2022
CVE-2022-23464 Nepxion Discovery is a solution for Spring Cloud. Discovery is vulnerable to a potential Server-Side Request Forgery (SSRF). RouterResourceImpl uses RestTemplate’s getForEntity to retrieve the contents of a URL containing user-controlled input, potentially resulting in Information Disclosure. There is no patch available for this issue at time of publication. There are no known workarounds. -- Sep 25, 2022
CVE-2022-23463 Nepxion Discovery is a solution for Spring Cloud. Discover is vulnerable to SpEL Injection in discovery-commons. DiscoveryExpressionResolver’s eval method is evaluating expression with a StandardEvaluationContext, allowing the expression to reach and interact with Java classes such as java.lang.Runtime, leading to Remote Code Execution. There is no patch available for this issue at time of publication. There are no known workarounds. -- Sep 25, 2022
CVE-2022-23461 Jodit Editor is a WYSIWYG editor written in pure TypeScript without the use of additional libraries. Jodit Editor is vulnerable to XSS attacks when pasting specially constructed input. This issue has not been fully patched. There are no known workarounds. -- Sep 25, 2022
CVE-2022-3297 Use After Free in GitHub repository vim/vim prior to 9.0.0579. -- Sep 25, 2022
CVE-2022-3296 Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0577. -- Sep 25, 2022
CVE-2022-3277 openstack-neutron: unrestricted creation of security groups -- Sep 25, 2022
CVE-2022-3080 By sending specific queries to the resolver, an attacker can cause named to crash. -- Sep 25, 2022
CVE-2022-2880 net/http/httputil: ReverseProxy should not forward unparseable query parameters -- Sep 25, 2022
CVE-2022-2795 By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver\'s performance, effectively denying legitimate clients access to the DNS resolution service. -- Sep 25, 2022
CVE-2017-20148 In the ebuild package through logcheck-1.3.23.ebuild for Logcheck on Gentoo, it is possible to achieve root privilege escalation from the logcheck user because of insecure recursive chown calls. -- Sep 25, 2022
CVE-2017-20147 In the ebuild package through smokeping-2.7.3-r1 for SmokePing on Gentoo, the initscript uses a PID file that is writable by the smokeping user. By writing arbitrary PIDs to that file, the smokeping user can cause a denial of service to arbitrary PIDs when the service is stopped. -- Sep 25, 2022
CVE-2022-41318 SQUID-2022:2 Buffer Over Read in SSPI and SMB Authentication -- Sep 24, 2022
CVE-2022-41317 SQUID-2022:1 Exposure of Sensitive Information in Cache Manager -- Sep 24, 2022
CVE-2022-41218 In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused by refcount races, affecting dvb_demux_open and dvb_dmxdev_release. -- Sep 24, 2022
CVE-2022-40705 ** UNSUPPORTED WHEN ASSIGNED ** An Improper Restriction of XML External Entity Reference vulnerability in RPCRouterServlet of Apache SOAP allows an attacker to read arbitrary files over HTTP. This issue affects Apache SOAP version 2.2 and later versions. It is unknown whether previous versions are also affected. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. -- Sep 24, 2022
CVE-2022-40298 Crestron AirMedia for Windows before 5.5.1.84 has insecure inherited permissions, which leads to a privilege escalation vulnerability found in the AirMedia Windows Application, version 4.3.1.39. A low privileged user can initiate a repair of the system and gain a SYSTEM level shell. -- Sep 24, 2022
CVE-2022-40250 An attacker can exploit this vulnerability to elevate privileges from ring 0 to ring -2, execute arbitrary code in System Management Mode - an environment more privileged than operating system (OS) and completely isolated from it. Running arbitrary code in SMM additionally bypasses SMM-based SPI flash protections against modifications, which can help an attacker to install a firmware backdoor/implant into BIOS. Such a malicious firmware code in BIOS could persist across operating system re-installs. Additionally, this vulnerability potentially could be used by malicious actors to bypass security mechanisms provided by UEFI firmware (for example, Secure Boot and some types of memory isolation for hypervisors). This issue affects: Module name: SmmSmbiosElog SHA256: 3a8acb4f9bddccb19ec3b22b22ad97963711550f76b27b606461cd5073a93b59 Module GUID: 8e61fd6b-7a8b-404f-b83f-aa90a47cabdf This issue affects: AMI Aptio 5.x. This issue affects: AMI Aptio 5.x. -- Sep 24, 2022
CVE-2022-39242 Frontier is an Ethereum compatibility layer for Substrate. Prior to commit d3beddc6911a559a3ecc9b3f08e153dbe37a8658, the worst case weight was always accounted as the block weight for all cases. In case of large EVM gas refunds, this can lead to block spamming attacks -- the adversary can construct blocks with transactions that have large amount of refunds or unused gases with reverts, and as a result inflate up the chain gas prices. The impact of this issue is limited in that the spamming attack would still be costly for any adversary, and it has no ability to alter any chain state. This issue has been patched in commit d3beddc6911a559a3ecc9b3f08e153dbe37a8658. There are no known workarounds. -- Sep 24, 2022
CVE-2022-39240 MyGraph is a permission management system. Versions prior to 1.0.4 are vulnerable to a storage XSS vulnerability leading to Remote Code Execution. This issue is patched in version 1.0.4. There is no known workaround. -- Sep 24, 2022
CVE-2022-38573 10-Strike Network Inventory Explorer v9.3 was discovered to contain a buffer overflow via the Add Computers function. -- Sep 24, 2022
CVE-2022-37235 Netgear Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router R7000-V1.0.11.134_10.2.119 is vulnerable to Buffer Overflow via the wl binary in firmware. There is a stack overflow vulnerability caused by strncat -- Sep 24, 2022
CVE-2022-37232 Netgear N300 wireless router wnr2000v4-V1.0.0.70 is vulnerable to Buffer Overflow via uhttpd. There is a stack overflow vulnerability caused by strcpy. -- Sep 24, 2022
CVE-2022-36934 An integer overflow in WhatsApp could result in remote code execution in an established video call. -- Sep 24, 2022
CVE-2022-36025 Besu is a Java-based Ethereum client. In versions newer than 22.1.3 and prior to 22.7.1, Besu is subject to an Incorrect Conversion between Numeric Types. An error in 32 bit signed and unsigned types in the calculation of available gas in the CALL operations (including DELEGATECALL) results in incorrect gas being passed into called contracts and incorrect gas being returned after call execution. Where the amount of gas makes a difference in the success or failure, or if the gas is a negative 64 bit value, the execution will result in a different state root than expected, resulting in a consensus failure in networks with multiple EVM implementations. In networks with a single EVM implementation this can be used to execute with significantly more gas than then transaction requested, possibly exceeding gas limitations. This issue is patched in version 22.7.1. As a workaround, reverting to version 22.1.3 or earlier will prevent incorrect execution. -- Sep 24, 2022
CVE-2022-35256 http: disable chunked encoding when OBS fold is used -- Sep 24, 2022
CVE-2022-35255 Weak randomness in WebCrypto keygen -- Sep 24, 2022
CVE-2022-34026 ICEcoder v8.1 allows attackers to execute a directory traversal. -- Sep 24, 2022
CVE-2022-31937 Netgear N300 wireless router wnr2000v4-V1.0.0.70 was discovered to contain a stack overflow via strcpy in uhttpd. -- Sep 24, 2022
CVE-2022-23458 Toast UI Grid is a component to display and edit data. Versions prior to 4.21.3 are vulnerable to cross-site scripting attacks when pasting specially crafted content into editable cells. This issue was fixed in version 4.21.3. There are no known workarounds. -- Sep 24, 2022
CVE-2021-41803 HashiCorp Consul 1.8.1 up to 1.11.8, 1.12.4, and 1.13.1 do not properly validate the node or segment names prior to interpolation and usage in JWT claim assertions with the auto config RPC. Fixed in 1.11.9, 1.12.5, and 1.13.2. -- Sep 24, 2022
CVE-2021-27774 User input included in error response, which could be used in a phishing attack. -- Sep 24, 2022
CVE-2022-41322 In Kitty before 0.26.2, insufficient validation in the desktop notification escape sequence can lead to arbitrary code execution. The user must display attacker-controlled content in the terminal, then click on a notification popup. -- Sep 23, 2022
CVE-2022-41320 Veritas System Recovery (VSR) versions 18 and 21 store a network destination password in the Windows registry during configuration of the backup configuration. This vulnerability could provide a Windows user (who has sufficient privileges) to access a network file system that they were not authorized to access. -- Sep 23, 2022
CVE-2022-41319 A Reflected Cross-Site Scripting (XSS) vulnerability affects the Veritas Desktop Laptop Option (DLO) application login page (aka the DLOServer/restore/login.jsp URI). This affects versions before 9.8 (e.g., 9.1 through 9.7). -- Sep 23, 2022
CVE-2022-41220 ** DISPUTED ** md2roff 1.9 has a stack-based buffer overflow via a Markdown file, a different vulnerability than CVE-2022-34913. NOTE: the vendor\'s position is that the product is not intended for untrusted input. -- Sep 23, 2022
CVE-2022-40979 In JetBrains TeamCity before 2022.04.4 environmental variables of password type could be logged when using custom Perforce executable -- Sep 23, 2022
CVE-2022-40932 In Zoo Management System v1.0, there is an arbitrary file upload vulnerability in the picture upload point of the gallery file of the Gallery module in the background management system. -- Sep 23, 2022
CVE-2022-40869 Tenda AC15 and AC18 routers V15.03.05.19 contain stack overflow vulnerabilities in the function fromDhcpListClient with a combined parameter list* (%s%d,list). -- Sep 23, 2022
CVE-2022-40868 Tenda W20E router V15.11.0.6 (US_W20EV4.0br_V15.11.0.6(1068_1546_841)_CN_TDC) contains a stack overflow vulnerability in the function formDelDhcpRule with the request /goform/delDhcpRules/ -- Sep 23, 2022
CVE-2022-40867 Tenda W20E router V15.11.0.6 (US_W20EV4.0br_V15.11.0.6(1068_1546_841)_CN_TDC) contains a stack overflow vulnerability in the function formIPMacBindDel with the request /goform/delIpMacBind/ -- Sep 23, 2022
CVE-2022-40866 Tenda W20E router V15.11.0.6 (US_W20EV4.0br_V15.11.0.6(1068_1546_841)_CN_TDC) contains a stack overflow vulnerability in the function formSetDebugCfg with request /goform/setDebugCfg/ -- Sep 23, 2022
CVE-2022-40865 Tenda AC15 and AC18 routers V15.03.05.19 contain heap overflow vulnerabilities in the function setSchedWifi with the request /goform/openSchedWifi/ -- Sep 23, 2022
CVE-2022-40864 Tenda AC15 and AC18 routers V15.03.05.19 contain stack overflow vulnerabilities in the function setSmartPowerManagement with the request /goform/PowerSaveSet -- Sep 23, 2022
CVE-2022-40862 Tenda AC15 and AC18 router V15.03.05.19 contains stack overflow vulnerability in the function fromNatStaticSetting with the request /goform/NatStaticSetting -- Sep 23, 2022
The 'Fixed Release' column is displayed if a single product version is selected from the filter. The fixed release is applicable in cases when the CVE has been addressed and fixed for that product version. Requires LTSS - customers must have active LTSS (Long Term Security Shield) Support to receive up-to-date information about vulnerabilities that may affect legacy software. Please contact your Wind River account team or see https://docs.windriver.com/bundle/Support_and_Maintenance_Supplemental_Terms_and_Conditions and https://support2.windriver.com/index.php?page=plc for more information.
Live chat
Online