Wind River Support Network

HomeCVE Database

The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.

Reset
Showing
of 199260 entries
IDDescriptionPriorityModified dateFixed Release
CVE-2022-3126 The Frontend File Manager Plugin WordPress plugin before 21.4 does not have CSRF check when uploading files, which could allow attackers to make logged in users upload files on their behalf -- Oct 21, 2022 n/a
CVE-2022-3127 Cross-site Scripting (XSS) - Stored in GitHub repository jgraph/drawio prior to 20.2.8. -- Sep 8, 2022 n/a
CVE-2022-3128 The Donation Thermometer WordPress plugin before 2.1.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) -- Oct 5, 2022 n/a
CVE-2022-3129 A vulnerability was found in codeprojects Online Driving School. It has been rated as critical. Affected by this issue is some unknown functionality of the file /registration.php. The manipulation leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-207872. -- Sep 12, 2022 n/a
CVE-2022-3130 A vulnerability classified as critical has been found in codeprojects Online Driving School. This affects an unknown part of the file /login.php. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-207873 was assigned to this vulnerability. -- Sep 12, 2022 n/a
CVE-2022-3131 The Search Logger WordPress plugin through 0.9 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users -- Oct 21, 2022 n/a
CVE-2022-3132 The Goolytics WordPress plugin before 1.1.2 does not sanitise and escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. -- Oct 5, 2022 n/a
CVE-2022-3133 OS Command Injection in GitHub repository jgraph/drawio prior to 20.3.0. -- Sep 10, 2022 n/a
CVE-2022-3134 Use After Free in GitHub repository vim/vim prior to 9.0.0389. -- Sep 9, 2022 n/a
CVE-2022-3135 The SEO Smart Links WordPress plugin through 3.0.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) -- Sep 27, 2022 n/a
CVE-2022-3136 The Social Rocket WordPress plugin before 1.3.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) -- Oct 12, 2022 n/a
CVE-2022-3137 The Taskbuilder WordPress plugin before 1.0.8 does not validate and sanitise task\'s attachments, which could allow any authenticated user (such as subscriber) creating a task to perform Stored Cross-Site Scripting by attaching a malicious SVG file -- Oct 12, 2022 n/a
CVE-2022-3138 Cross-site Scripting (XSS) - Generic in GitHub repository jgraph/drawio prior to 20.3.0. -- Sep 9, 2022 n/a
CVE-2022-3139 The We’re Open! WordPress plugin before 1.42 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) -- Oct 22, 2022 n/a
CVE-2022-3140 LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. An additional scheme \'vnd.libreoffice.command\' specific to LibreOffice was added. In the affected versions of LibreOffice links using that scheme could be constructed to call internal macros with arbitrary arguments. Which when clicked on, or activated by document events, could result in arbitrary script execution without warning. This issue affects: The Document Foundation LibreOffice 7.4 versions prior to 7.4.1; 7.3 versions prior to 7.3.6. -- Oct 13, 2022 n/a
CVE-2022-3141 The Translate Multilingual sites WordPress plugin before 2.3.3 is vulnerable to an authenticated SQL injection. By adding a new language (via the settings page) containing specific special characters, the backticks in the SQL query can be surpassed and a time-based blind payload can be injected. -- Sep 21, 2022 n/a
CVE-2022-3142 The NEX-Forms WordPress plugin before 7.9.7 does not properly sanitise and escape user input before using it in SQL statements, leading to SQL injections. The attack can be executed by anyone who is permitted to view the forms statistics chart, by default administrators, however can be configured otherwise via the plugin settings. -- Sep 21, 2022 n/a
CVE-2022-3143 wildfly-elytron: possible timing attacks via use of unsafe comparator. A flaw was found in Wildfly-elytron. Wildfly-elytron uses java.util.Arrays.equals in several places, which is unsafe and vulnerable to timing attacks. To compare values securely, use java.security.MessageDigest.isEqual instead. This flaw allows an attacker to access secure information or impersonate an authed user. -- Jan 13, 2023 n/a
CVE-2022-3144 The Wordfence Security – Firewall & Malware Scan plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to and including 7.6.0 via a setting on the options page due to insufficient escaping on the stored value. This makes it possible for authenticated users, with administrative privileges, to inject malicious web scripts into the setting that executes whenever a user accesses a page displaying the affected setting on sites running a vulnerable version. -- Sep 23, 2022 n/a
CVE-2022-3145 An open redirect vulnerability exists in Okta OIDC Middleware prior to version 5.0.0 allowing an attacker to redirect a user to an arbitrary URL. -- Jan 12, 2023 n/a
CVE-2022-3146 A flaw was found in tripleo-ansible. Due to an insecure default configuration, the permissions of a sensitive file are not sufficiently restricted. This flaw allows a local attacker to use brute force to explore the relevant directory and discover the file. This issue leads to information disclosure of important configuration details from the OpenStack deployment. -- Mar 24, 2023 n/a
CVE-2022-3147 Mattermost version 7.0.x and earlier fails to sufficiently limit the in-memory sizes of concurrently uploaded JPEG images, which allows authenticated users to cause resource exhaustion on specific system configurations, resulting in server-side Denial of Service. -- Sep 9, 2022 n/a
CVE-2022-3148 Cross-site Scripting (XSS) - Generic in GitHub repository jgraph/drawio prior to 20.3.0. -- Sep 9, 2022 n/a
CVE-2022-3149 The WP Custom Cursors WordPress plugin before 3.0.1 does not have CSRF check in place when creating and editing cursors, which could allow attackers to made a logged in admin perform such actions via CSRF attacks. Furthermore, due to the lack of sanitisation and escaping in some of the cursor options, it could also lead to Stored Cross-Site Scripting -- Oct 21, 2022 n/a
CVE-2022-3150 The WP Custom Cursors WordPress plugin before 3.2 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privileged users such as admin -- Oct 20, 2022 n/a
CVE-2022-3151 The WP Custom Cursors WordPress plugin before 3.0.1 does not have CSRF check in place when deleting cursors, which could allow attackers to made a logged in admin delete arbitrary cursors via a CSRF attack. -- Oct 20, 2022 n/a
CVE-2022-3152 Unverified Password Change in GitHub repository phpfusion/phpfusion prior to 9.10.20. -- Sep 12, 2022 n/a
CVE-2022-3153 NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0404. -- Sep 8, 2022 n/a
CVE-2022-3154 The Woo Billingo Plus WordPress plugin before 4.4.5.4, Integration for Billingo & Gravity Forms WordPress plugin before 1.0.4, Integration for Szamlazz.hu & Gravity Forms WordPress plugin before 1.2.7 are lacking CSRF checks in various AJAX actions, which could allow attackers to make logged in Shop Managers and above perform unwanted actions, such as deactivate the plugin\'s license -- Oct 13, 2022 n/a
CVE-2022-3155 When saving or opening an email attachment on macOS, Thunderbird did not set attribute com.apple.quarantine on the received file. If the received file was an application and the user attempted to open it, then the application was started immediately without asking the user to confirm. This vulnerability affects Thunderbird < 102.3. -- Dec 22, 2022 n/a
CVE-2022-3156 A remote code execution vulnerability exists in Rockwell Automation Studio 5000 Logix Emulate software.  Users are granted elevated permissions on certain product services when the software is installed. Due to this misconfiguration, a malicious user could potentially achieve remote code execution on the targeted software. -- Dec 27, 2022 n/a
CVE-2022-3157 A vulnerability exists in the Rockwell Automation controllers that allows a malformed CIP request to cause a major non-recoverable fault (MNRF) and a denial-of-service condition (DOS). -- Dec 16, 2022 n/a
CVE-2022-3158 Rockwell Automation FactoryTalk VantagePoint versions 8.0, 8.10, 8.20, 8.30, 8.31 are vulnerable to an input validation vulnerability. The FactoryTalk VantagePoint SQL Server lacks input validation when users enter SQL statements to retrieve information from the back-end database. If successfully exploited, this could allow a user with basic user privileges to perform remote code execution on the server. -- Oct 20, 2022 n/a
CVE-2022-3159 The APDFL.dll contains a stack-based buffer overflow vulnerability that could be triggered while parsing specially crafted PDF files. This could allow an attacker to execute code in the context of the current process. -- Jan 13, 2023 n/a
CVE-2022-3160 The APDFL.dll contains an out-of-bounds write past the fixed-length heap-based buffer while parsing specially crafted PDF files. This could allow an attacker to execute code in the context of the current process. -- Jan 13, 2023 n/a
CVE-2022-3161 The APDFL.dll contains a memory corruption vulnerability while parsing specially crafted PDF files. This could allow an attacker to execute code in the context of the current process. -- Jan 13, 2023 n/a
CVE-2022-3162 Users authorized to list or watch one type of namespaced custom resource cluster-wide can read custom resources of a different type in the same API group without authorization. Clusters are impacted by this vulnerability if all of the following are true: 1. There are 2+ CustomResourceDefinitions sharing the same API group 2. Users have cluster-wide list or watch authorization on one of those custom resources. 3. The same users are not authorized to read another custom resource in the same API group. -- Nov 11, 2022 n/a
CVE-2022-3165 An integer underflow issue was found in the QEMU VNC server while processing ClientCutText messages in the extended format. A malicious client could use this flaw to make QEMU unresponsive by sending a specially crafted payload message, resulting in a denial of service. -- Sep 28, 2022 n/a
CVE-2022-3166 Rockwell Automation was made aware that the webservers of the Micrologix 1100 and 1400 controllers contain a vulnerability that may lead to a denial-of-service condition. The security vulnerability could be exploited by an attacker with network access to the affected systems by sending TCP packets to webserver and closing it abruptly which would cause a denial-of-service condition for the web server application on the device -- Dec 16, 2022 n/a
CVE-2022-3167 Improper Restriction of Rendered UI Layers or Frames in GitHub repository ikus060/rdiffweb prior to 2.4.1. -- Sep 9, 2022 n/a
CVE-2022-3168 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none. -- Nov 7, 2023 n/a
CVE-2022-3169 A flaw was found in the Linux kernel. A denial of service flaw may occur if there is a consecutive request of the NVME_IOCTL_RESET and the NVME_IOCTL_SUBSYS_RESET through the device file of the driver, resulting in a PCIe link disconnect. -- Sep 9, 2022 n/a
CVE-2022-3170 An out-of-bounds access issue was found in the Linux kernel sound subsystem. It could occur when the \'id->name\' provided by the user did not end with \'\\0\'. A privileged local user could pass a specially crafted name through ioctl() interface and crash the system or potentially escalate their privileges on the system. -- Sep 13, 2022 n/a
CVE-2022-3171 A parsing issue with binary data in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields causes objects to be converted back-n-forth between mutable and immutable forms, resulting in potentially long garbage collection pauses. We recommend updating to the versions mentioned above. -- Oct 13, 2022 n/a
CVE-2022-3172 A security issue was discovered in kube-apiserver that allows an aggregated API server to redirect client traffic to any URL. This could lead to the client performing unexpected actions as well as forwarding the client\'s API server credentials to third parties. -- Sep 17, 2022 n/a
CVE-2022-3173 Improper Authentication in GitHub repository snipe/snipe-it prior to 6.0.10. -- Sep 17, 2022 n/a
CVE-2022-3174 Sensitive Cookie in HTTPS Session Without \'Secure\' Attribute in GitHub repository ikus060/rdiffweb prior to 2.4.2. -- Sep 15, 2022 n/a
CVE-2022-3175 Missing Custom Error Page in GitHub repository ikus060/rdiffweb prior to 2.4.2. -- Sep 15, 2022 n/a
CVE-2022-3176 There exists a use-after-free in io_uring in the Linux kernel. Signalfd_poll() and binder_poll() use a waitqueue whose lifetime is the current task. It will send a POLLFREE notification to all waiters before the queue is freed. Unfortunately, the io_uring poll doesn\'t handle POLLFREE. This allows a use-after-free to occur if a signalfd or binder fd is polled with io_uring poll, and the waitqueue gets freed. We recommend upgrading past commit fc78b2fc21f10c4c9c4d5d659a685710ffa63659 -- Sep 17, 2022 n/a
CVE-2022-3178 Buffer Over-read in GitHub repository gpac/gpac prior to 2.1.0-DEV. -- Sep 12, 2022 n/a
The 'Fixed Release' column is displayed if a single product version is selected from the filter. The fixed release is applicable in cases when the CVE has been addressed and fixed for that product version. Requires LTSS - customers must have active LTSS (Long Term Security Shield) Support to receive up-to-date information about vulnerabilities that may affect legacy software. Please contact your Wind River account team or see https://docs.windriver.com/bundle/Support_and_Maintenance_Supplemental_Terms_and_Conditions and https://support2.windriver.com/index.php?page=plc for more information.
Live chat
Online