Security Vulnerabilities - CVEs Published In October 2022
In jpg driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.
CVSS Score
5.5
EPSS Score
0.0
Published
2022-10-14
A vulnerability found in jasper. This security vulnerability happens because of a memory leak bug in function cmdopts_parse that can cause a crash or segmentation fault.
CVSS Score
7.5
EPSS Score
0.001
Published
2022-10-14
A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service. This CVE is assigned against an incomplete fix of CVE-2021-3514.
CVSS Score
6.5
EPSS Score
0.003
Published
2022-10-14
There is a file inclusion vulnerability in the template management module in UCMS 1.6
CVSS Score
8.8
EPSS Score
0.001
Published
2022-10-14
An Out-Of-Bounds Read Vulnerability in Autodesk FBX SDK version 2020. and prior may lead to code execution or information disclosure through maliciously crafted FBX files. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
CVSS Score
7.8
EPSS Score
0.001
Published
2022-10-14
A user may be tricked into opening a malicious FBX file which may exploit a use-after-free vulnerability in Autodesk FBX SDK 2020 version causing the application to reference a memory location controlled by an unauthorized third party, thereby running arbitrary code on the system.
CVSS Score
7.8
EPSS Score
0.001
Published
2022-10-14
An Out-Of-Bounds Write Vulnerability in Autodesk FBX SDK 2020 version and prior may lead to code execution through maliciously crafted FBX files or information disclosure.
CVSS Score
7.8
EPSS Score
0.001
Published
2022-10-14
A maliciously crafted PKT file when consumed through SubassemblyComposer.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
CVSS Score
7.8
EPSS Score
0.0
Published
2022-10-14
A maliciously crafted PCT file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
CVSS Score
7.8
EPSS Score
0.001
Published
2022-10-14
A maliciously crafted PKT file when consumed through SubassemblyComposer.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
CVSS Score
7.8
EPSS Score
0.003
Published
2022-10-14