Security Vulnerabilities - CVEs Published In June 2022
An infinite loop in OPC UA .NET Standard Stack 1.04.368 allows a remote attackers to cause the application to hang via a crafted message.
CVSS Score
7.5
EPSS Score
0.013
Published
2022-06-16
OPC UA .NET Standard Stack allows a remote attacker to bypass the application authentication check via crafted fake credentials.
CVSS Score
7.5
EPSS Score
0.007
Published
2022-06-16
Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVSS Score
7.8
EPSS Score
0.014
Published
2022-06-16
Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVSS Score
7.8
EPSS Score
0.015
Published
2022-06-16
A maliciously crafted TIF file can be forced to read beyond allocated boundaries in Autodesk 3ds Max 2022, and 2021 when parsing the TIF files. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
CVSS Score
7.8
EPSS Score
0.003
Published
2022-06-16
A maliciously crafted TIF file in Autodesk 3ds Max 2022 and 2021 can be used to write beyond the allocated buffer while parsing TIF files. This vulnerability in conjunction with other vulnerabilities could lead to arbitrary code execution.
CVSS Score
7.8
EPSS Score
0.003
Published
2022-06-16
An issue in dlt_config_file_parser.c of dlt-daemon v2.18.8 allows attackers to cause a double free via crafted TCP packets.
CVSS Score
7.5
EPSS Score
0.0
Published
2022-06-16
Zoo Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via zms/admin/public_html/save_animal?an_id=24.
CVSS Score
5.4
EPSS Score
0.002
Published
2022-06-16
VMware HCX update addresses an information disclosure vulnerability. A malicious actor with network user access to the VMware HCX appliance may be able to gain access to sensitive information.
CVSS Score
6.5
EPSS Score
0.003
Published
2022-06-16
Tenda ONT GPON AC1200 Dual band WiFi HG9 v1.0.1 is vulnerable to Command Injection via the Ping function.
CVSS Score
8.8
EPSS Score
0.381
Published
2022-06-16