Security Vulnerabilities - CVEs Published In December 2022
webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /meetings/listmeetings.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.
CVSS Score
5.4
EPSS Score
0.002
Published
2022-12-02
Horner Automation’s RCC 972 with firmware version 15.40 has a static encryption key on the device. This could allow an attacker to perform unauthorized changes to the device, remotely execute arbitrary code, or cause a denial-of-service condition.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-12-02
Horner Automation’s RCC 972 firmware version 15.40 contains global variables. This could allow an attacker to read out sensitive values and variable keys from the device.
CVSS Score
7.5
EPSS Score
0.002
Published
2022-12-02
Cradlepoint IBR600 NCOS versions 6.5.0.160bc2e and prior are vulnerable
to shell escape, which enables local attackers with non-superuser
credentials to gain full, unrestrictive shell access which may allow an
attacker to execute arbitrary code.
CVSS Score
7.1
EPSS Score
0.002
Published
2022-12-02
webTareas 2.4p5 was discovered to contain a SQL injection vulnerability via the id parameter in deleteapprovalstages.php.
CVSS Score
9.8
EPSS Score
0.632
Published
2022-12-02
webTareas 2.4p5 was discovered to contain a SQL injection vulnerability via the id parameter in phasesets.php.
CVSS Score
9.8
EPSS Score
0.632
Published
2022-12-02
The Config-files of Horner Automation’s RCC 972 with firmware version 15.40 are encrypted with weak XOR encryption vulnerable to reverse engineering. This could allow an attacker to obtain credentials to run services such as File Transfer Protocol (FTP) and Hypertext Transfer Protocol (HTTP).
CVSS Score
7.5
EPSS Score
0.001
Published
2022-12-02
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0765.
CVSS Score
7.8
EPSS Score
0.001
Published
2022-12-02
Capsule is a multi-tenancy and policy-based framework for Kubernetes. Prior to version 0.1.3, a ServiceAccount deployed in a Tenant Namespace, when granted with `PATCH` capabilities on its own Namespace, is able to edit it and remove the Owner Reference, breaking the reconciliation of the Capsule Operator and removing all the enforcement like Pod Security annotations, Network Policies, Limit Range and Resource Quota items. An attacker could detach the Namespace from a Tenant that is forbidding starting privileged Pods using the Pod Security labels by removing the OwnerReference, removing the enforcement labels, and being able to start privileged containers that would be able to start a generic Kubernetes privilege escalation. Patches have been released for version 0.1.3. No known workarounds are available.
CVSS Score
8.8
EPSS Score
0.004
Published
2022-12-02
Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the time parameter in the setSmartPowerManagement function.
CVSS Score
7.5
EPSS Score
0.003
Published
2022-12-02