CVE-2022-34893
Trend Micro Security 2022 (consumer) has a link following vulnerability where an attacker with lower privileges could manipulate a mountpoint which could lead to escalation of privilege on an affected machine.
Source: CVE-2022-34893
[월:] 2022년 09월
CVE-2022-37347
CVE-2022-37347
Trend Micro Security 2021 and 2022 (Consumer) is vulnerable to an Out-Of-Bounds Read Information Disclosure Vulnerability that could allow an attacker to read sensitive information from other memory locations and cause a crash on an affected machine.
This vulnerability is similar to, but not the same as CVE-2022-35234.
Source: CVE-2022-37347
CVE-2022-37348
CVE-2022-37348
Trend Micro Security 2021 and 2022 (Consumer) is vulnerable to an Out-Of-Bounds Read Information Disclosure Vulnerability that could allow an attacker to read sensitive information from other memory locations and cause a crash on an affected machine.
This vulnerability is similar to, but not the same as CVE-2022-37347.
Source: CVE-2022-37348
CVE-2022-40468
CVE-2022-40468
Tinyproxy commit 84f203f and earlier does not process HTTP request lines in the process_request() function and is using uninitialized buffers. This vulnerability allows attackers to access sensitive information at system runtime.
Source: CVE-2022-40468
CVE-2022-3218
CVE-2022-3218
Due to a reliance on client-side authentication, the WiFi Mouse (Mouse Server) from Necta LLC’s authentication mechanism is trivially bypassed, which can result in remote code execution.
Source: CVE-2022-3218
CVE-2022-38333
CVE-2022-38333
Openwrt before v21.02.3 and Openwrt v22.03.0-rc6 were discovered to contain two skip loops in the function header_value(). This vulnerability allows attackers to access sensitive information via a crafted HTTP request.
Source: CVE-2022-38333
CVE-2022-40715
CVE-2022-40715
An issue was discovered in NOKIA 1350OMS R14.2. An Absolute Path Traversal vulnerability exists for a specific endpoint via the logfile parameter, allowing a remote authenticated attacker to read files on the filesystem arbitrarily.
Source: CVE-2022-40715
CVE-2022-40714
CVE-2022-40714
An issue was discovered in NOKIA 1350OMS R14.2. Reflected XSS exists under different /oms1350/* endpoints.
Source: CVE-2022-40714
CVE-2022-40713
CVE-2022-40713
An issue was discovered in NOKIA 1350OMS R14.2. Multiple Relative Path Traversal issues exist in different specific endpoints via the file parameter, allowing a remote authenticated attacker to read files on the filesystem arbitrarily.
Source: CVE-2022-40713
CVE-2022-40712
CVE-2022-40712
An issue was discovered in NOKIA 1350OMS R14.2. Reflected XSS exists under different /cgi-bin/R14.2* endpoints.
Source: CVE-2022-40712