Wind River Support Network

HomeCVE Database

The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.

Reset
Showing
of 104130 entries
IDDescriptionPriorityModified dateFixed Release
CVE-2022-31516 The Harveyzyh/Python repository through 2022-05-04 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. MEDIUM Jul 15, 2022 n/a
CVE-2022-31515 The Delor4/CarceresBE repository through 1.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. MEDIUM Jul 15, 2022 n/a
CVE-2022-31514 The Caoyongqi912/Fan_Platform repository through 2021-04-20 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. MEDIUM Jul 15, 2022 n/a
CVE-2022-31513 The BolunHan/Krypton repository through 2021-06-03 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. MEDIUM Jul 15, 2022 n/a
CVE-2022-31512 The Atom02/flask-mvc repository through 2020-09-14 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. MEDIUM Jul 15, 2022 n/a
CVE-2022-31511 The AFDudley/equanimity repository through 2014-04-23 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. MEDIUM Jul 15, 2022 n/a
CVE-2022-31510 The sergeKashkin/Simple-RAT repository before 2022-05-03 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. MEDIUM Jul 15, 2022 n/a
CVE-2022-31509 The iedadata/usap-dc-website repository through 1.0.1 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. MEDIUM Jul 15, 2022 n/a
CVE-2022-31508 The idayrus/evoting repository before 2022-05-08 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. MEDIUM Jul 15, 2022 n/a
CVE-2022-31507 The ganga-devs/ganga repository before 8.5.10 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. MEDIUM Jul 15, 2022 n/a
CVE-2022-31506 The cmusatyalab/opendiamond repository through 10.1.1 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. MEDIUM Jul 15, 2022 n/a
CVE-2022-31505 The cheo0/MercadoEnLineaBack repository through 2022-05-04 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. MEDIUM Jul 15, 2022 n/a
CVE-2022-31504 The ChangeWeDer/BaiduWenkuSpider_flaskWeb repository before 2021-11-29 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. MEDIUM Jul 15, 2022 n/a
CVE-2022-31503 The orchest/orchest repository before 2022.05.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. MEDIUM Jul 15, 2022 n/a
CVE-2022-31502 The operatorequals/wormnest repository through 0.4.7 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. MEDIUM Jul 15, 2022 n/a
CVE-2022-31501 The ChaoticOnyx/OnyxForum repository before 2022-05-04 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. MEDIUM Jul 15, 2022 n/a
CVE-2022-31472 Browse restriction bypass vulnerability in Cabinet of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to obtain the data of Cabinet. MEDIUM Jul 15, 2022 n/a
CVE-2022-31257 A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.31), Mendix Applications using Mendix 8 (All versions < V8.18.18), Mendix Applications using Mendix 9 (All versions < V9.14.0), Mendix Applications using Mendix 9 (V9.12) (All versions < V9.12.2), Mendix Applications using Mendix 9 (V9.6) (All versions < V9.6.12). In case of access to an active user session in an application that is built with an affected version, it’s possible to change that user’s password bypassing password validations within a Mendix application. This could allow to set weak passwords. MEDIUM Jul 12, 2022 n/a
CVE-2022-31140 Valinor is a PHP library that helps to map any input into a strongly-typed value object structure. Prior to version 0.12.0, Valinor can use `Throwable#getMessage()` when it should not have permission to do so. This is a problem with cases such as an SQL exception showing an SQL snippet, a database connection exception showing database IP address/username/password, or a timeout detail / out of memory detail. Attackers could use this information for potential data exfiltration, denial of service attacks, enumeration attacks, etc. Version 0.12.0 contains a patch for this vulnerability. MEDIUM Jul 16, 2022 n/a
CVE-2022-31139 UnsafeAccessor (UA) is a bridge to access jdk.internal.misc.Unsafe & sun.misc.Unsafe. Normally, if UA is loaded as a named module, the internal data of UA is protected by JVM and others can only access UA via UA\'s standard API. The main application can set up `SecurityCheck.AccessLimiter` for UA to limit access to UA. Starting with version 1.4.0 and prior to version 1.7.0, when `SecurityCheck.AccessLimiter` is set up, untrusted code can access UA without limitation, even when UA is loaded as a named module. This issue does not affect those for whom `SecurityCheck.AccessLimiter` is not set up. Version 1.7.0 contains a patch. MEDIUM Jul 12, 2022 n/a
CVE-2022-31134 Zulip is an open-source team collaboration tool. Zulip Server versions 2.1.0 above have a user interface tool, accessible only to server owners and server administrators, which provides a way to download a public data export. While this export is only accessible to administrators, in many configurations server administrators are not expected to have access to private messages and private streams. However, the public data export which administrators could generate contained the attachment contents for all attachments, even those from private messages and streams. Zulip Server version 5.4 contains a patch for this issue. MEDIUM Jul 13, 2022 n/a
CVE-2022-31105 Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Argo CD starting with version 0.4.0 and prior to 2.2.11, 2.3.6, and 2.4.5 is vulnerable to an improper certificate validation bug which could cause Argo CD to trust a malicious (or otherwise untrustworthy) OpenID Connect (OIDC) provider. A patch for this vulnerability has been released in Argo CD versions 2.4.5, 2.3.6, and 2.2.11. There are no complete workarounds, but a partial workaround is available. Those who use an external OIDC provider (not the bundled Dex instance), can mitigate the issue by setting the `oidc.config.rootCA` field in the `argocd-cm` ConfigMap. This mitigation only forces certificate validation when the API server handles login flows. It does not force certificate verification when verifying tokens on API calls. MEDIUM Jul 13, 2022 n/a
CVE-2022-31102 Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Argo CD starting with 2.3.0 and prior to 2.3.6 and 2.4.5 is vulnerable to a cross-site scripting (XSS) bug which could allow an attacker to inject arbitrary JavaScript in the `/auth/callback` page in a victim\'s browser. This vulnerability only affects Argo CD instances which have single sign on (SSO) enabled. The exploit also assumes the attacker has 1) access to the API server\'s encryption key, 2) a method to add a cookie to the victim\'s browser, and 3) the ability to convince the victim to visit a malicious `/auth/callback` link. The vulnerability is classified as low severity because access to the API server\'s encryption key already grants a high level of access. Exploiting the XSS would allow the attacker to impersonate the victim, but would not grant any privileges which the attacker could not otherwise gain using the encryption key. A patch for this vulnerability has been released in the following Argo CD versions 2.4.5 and 2.3.6. There is currently no known workaround. MEDIUM Jul 13, 2022 n/a
CVE-2022-31080 KubeEdge is an open source system for extending native containerized application orchestration capabilities to hosts at Edge. Prior to versions 1.11.1, 1.10.2, and 1.9.4, a large response received by the viaduct WSClient can cause a DoS from memory exhaustion. The entire body of the response is being read into memory which could allow an attacker to send a request that returns a response with a large body. The consequence of the exhaustion is that the process which invokes a WSClient will be in a denial of service. The software is affected If users who are authenticated to the edge side connect to `cloudhub` from the edge side through WebSocket protocol. This bug has been fixed in Kubeedge 1.11.1, 1.10.2, and 1.9.4. There are currently no known workarounds. MEDIUM Jul 16, 2022 n/a
CVE-2022-31074 KubeEdge is an open source system for extending native containerized application orchestration capabilities to hosts at Edge. Prior to versions 1.11.1, 1.10.2, and 1.9.4, several endpoints in the Cloud AdmissionController may be susceptible to a DoS attack if an HTTP request containing a very large Body is sent to it. The consequence of the exhaustion is that the Cloud AdmissionController will be in denial of service. This bug has been fixed in Kubeedge 1.11.1, 1.10.2, and 1.9.4. There is currently no known workaround. MEDIUM Jul 16, 2022 n/a
CVE-2022-31073 KubeEdge is an open source system for extending native containerized application orchestration capabilities to hosts at Edge. Prior to versions 1.11.1, 1.10.2, and 1.9.4, the ServiceBus server on the edge side may be susceptible to a DoS attack if an HTTP request containing a very large Body is sent to it. It is possible for the node to be exhausted of memory. The consequence of the exhaustion is that other services on the node, e.g. other containers, will be unable to allocate memory and thus causing a denial of service. Malicious apps accidentally pulled by users on the host and have the access to send HTTP requests to localhost may make an attack. It will be affected only when users enable the `ServiceBus` module in the config file `edgecore.yaml`. This bug has been fixed in Kubeedge 1.11.1, 1.10.2, and 1.9.4. As a workaround, disable the `ServiceBus` module in the config file `edgecore.yaml`. MEDIUM Jul 16, 2022 n/a
CVE-2022-31012 Git for Windows is a fork of Git that contains Windows-specific patches. This vulnerability in versions prior to 2.37.1 lets Git for Windows\' installer execute a binary into `C:\\mingw64\\bin\\git.exe` by mistake. This only happens upon a fresh install, not when upgrading Git for Windows. A patch is included in version 2.37.1. Two workarounds are available. Create the `C:\\mingw64` folder and remove read/write access from this folder, or disallow arbitrary authenticated users to create folders in `C:\\`. MEDIUM Jul 13, 2022 n/a
CVE-2022-30943 Browsing restriction bypass vulnerability in Bulletin of Cybozu Garoon 4.0.0 to 5.9.1 allows a remote authenticated attacker to obtain the data of Bulletin. MEDIUM Jul 15, 2022 n/a
CVE-2022-30938 A vulnerability has been identified in EN100 Ethernet module DNP3 IP variant (All versions), EN100 Ethernet module IEC 104 variant (All versions), EN100 Ethernet module IEC 61850 variant (All versions < V4.40), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module PROFINET IO variant (All versions). Affected applications contains a memory corruption vulnerability while parsing specially crafted HTTP packets to /txtrace endpoint manupulating a specific argument. This could allow an attacker to crash the affected application leading to a denial of service condition MEDIUM Jul 12, 2022 n/a
CVE-2022-30792 In CmpChannelServer of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new communication channel connections. Existing connections are not affected. MEDIUM Jul 11, 2022 n/a
CVE-2022-30791 In CmpBlkDrvTcp of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new TCP connections. Existing connections are not affected. MEDIUM Jul 11, 2022 n/a
CVE-2022-30755 Improper authentication vulnerability in AppLock prior to SMR Jul-2022 Release 1 allows attacker to bypass password confirm activity by hijacking the implicit intent. MEDIUM Jul 16, 2022 n/a
CVE-2022-30602 Operation restriction bypass in multiple applications of Cybozu Garoon 4.0.0 to 5.9.1 allows a remote authenticated attacker to alter the file information and/or delete the files. MEDIUM Jul 15, 2022 n/a
CVE-2022-30517 Mogu blog 5.2 is vulnerable to Cross Site Scripting (XSS). MEDIUM Jul 13, 2022 n/a
CVE-2022-29619 Under certain conditions SAP BusinessObjects Business Intelligence Platform 4.x - versions 420,430 allows user Administrator to view, edit or modify rights of objects it doesn\'t own and which would otherwise be restricted. MEDIUM Jul 16, 2022 n/a
CVE-2022-29512 Exposure of sensitive information to an unauthorized actor issue in multiple applications of Cybozu Garoon 4.0.0 to 5.9.1 allows a remote authenticated attacker to obtain the data without the viewing privilege. MEDIUM Jul 15, 2022 n/a
CVE-2022-29286 Pexip Infinity 27 before 28.0 allows remote attackers to trigger excessive resource consumption and termination because of registrar resource mishandling. MEDIUM Jul 17, 2022 n/a
CVE-2022-29187 Git is a distributed revision control system. Git prior to versions 2.37.1, 2.36.2, 2.35.4, 2.34.4, 2.33.4, 2.32.3, 2.31.4, and 2.30.5, is vulnerable to privilege escalation in all platforms. An unsuspecting user could still be affected by the issue reported in CVE-2022-24765, for example when navigating as root into a shared tmp directory that is owned by them, but where an attacker could create a git repository. Versions 2.37.1, 2.36.2, 2.35.4, 2.34.4, 2.33.4, 2.32.3, 2.31.4, and 2.30.5 contain a patch for this issue. The simplest way to avoid being affected by the exploit described in the example is to avoid running git as root (or an Administrator in Windows), and if needed to reduce its use to a minimum. While a generic workaround is not possible, a system could be hardened from the exploit described in the example by removing any such repository if it exists already and creating one as root to block any future attacks. MEDIUM Jul 14, 2022 n/a
CVE-2022-28771 Due to missing authentication check, SAP Business one License service API - version 10.0 allows an unauthenticated attacker to send malicious http requests over the network. On successful exploitation, an attacker can break the whole application making it inaccessible. MEDIUM Jul 13, 2022 n/a
CVE-2022-27937 Pexip Infinity before 27.3 allows remote attackers to trigger excessive resource consumption via H.264. MEDIUM Jul 17, 2022 n/a
CVE-2022-27936 Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via H.323. MEDIUM Jul 17, 2022 n/a
CVE-2022-27935 Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via Epic Telehealth. MEDIUM Jul 17, 2022 n/a
CVE-2022-27934 Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via HTTP. MEDIUM Jul 17, 2022 n/a
CVE-2022-27933 Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via One Touch Join. MEDIUM Jul 17, 2022 n/a
CVE-2022-27932 Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via One Touch Join. MEDIUM Jul 17, 2022 n/a
CVE-2022-27931 Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via the Session Initiation Protocol. MEDIUM Jul 17, 2022 n/a
CVE-2022-27930 Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via single-sign-on if a random Universally Unique Identifier is guessed. MEDIUM Jul 17, 2022 n/a
CVE-2022-27929 Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via HTTP. MEDIUM Jul 17, 2022 n/a
CVE-2022-27928 Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via the Session Initiation Protocol. MEDIUM Jul 17, 2022 n/a
CVE-2022-27168 Cross-site scripting vulnerability in LiteCart versions prior to 2.4.2 allows a remote attacker to inject an arbitrary script via unspecified vectors. MEDIUM Jul 15, 2022 n/a
The 'Fixed Release' column is displayed if a single product version is selected from the filter. The fixed release is applicable in cases when the CVE has been addressed and fixed for that product version. Requires LTSS - customers must have active LTSS (Long Term Security Shield) Support to receive up-to-date information about vulnerabilities that may affect legacy software. Please contact your Wind River account team or see https://docs.windriver.com/bundle/Support_and_Maintenance_Supplemental_Terms_and_Conditions and https://support2.windriver.com/index.php?page=plc for more information.
Live chat
Online