Alert News 2022-  2024(3)  2023(11)  2022(19)  2021(21)  2020(40)  2019(27)  2018(32)  2017(54)  2016(100)  2015(118)  2014(139)

Published

Public 

Updated 

VU#

CVSS 

Title

2022-11-162022-01-102023-01-03VU#709991 Netatalk contains multiple error and memory management vulnerabilities
2022-11-082022-11-082022-11-23VU#434994 Multiple race conditions due to TOCTOU flaws in various UEFI Implementations
2022-11-012022-11-012023-01-10VU#794340 OpenSSL 3.0.0 to 3.0.6 decodes some punycode email addresses in X.509 certificates improperly
2022-10-072022-10-072022-12-19VU#730793 Heimdal Kerberos vulnerable to remotely triggered NULL pointer dereference
2022-10-032022-10-032022-11-10VU#915563 Microsoft Exchange vulnerable to server-side request forgery and remote code execution.
2022-09-272022-09-272023-01-03VU#855201 L2 network security controls can be bypassed using VLAN 0 stacking and/or 802.3 headers
2022-08-112022-08-112022-09-28VU#309662 Signed third party UEFI bootloaders are vulnerable to Secure Boot bypass
2022-08-042022-08-042022-08-05VU#495801 muhttpd versions 1.1.5 and earlier are vulnerable to path traversal

2022-06-21

2022-06-21

2022-06-21

VU#142546

 

SMA Technologies OpCon UNIX agent adds the same SSH key to all installations

2022-05-09

2022-05-02

2022-05-09

VU#473698

 

uClibc, uClibc-ng libraries have monotonically increasing DNS transaction ID

2022-04-28

2022-04-28

2022-04-28

VU#730007

 

Tychon is vulnerable to privilege escalation due to OPENSSLDIR location

2022-04-28

2010-10-10

2022-04-28

VU#411271

 

Qt allows for privilege escalation due to hard-coding of qt_prfxpath value

2022-03-31

2022-03-30

2022-04-13

VU#970766

 

Spring Framework insecurely handles PropertyDescriptor objects with data binding

2022-02-24

2022-02-24

2022-02-24

VU#383864

 

Visual Voice Mail (VVM) services transmit unencrypted credentials via SMS

2022-02-22

2022-02-22

2022-02-24

VU#229438

 

Mobile device monitoring services do not authenticate API requests

2022-02-01

2022-02-01

2022-02-25

VU#796611

 

InsydeH2O UEFI software impacted by multiple vulnerabilities in SMM

2022-01-31

2022-01-31

2022-03-01

VU#119678

 

Samba vfs_fruit module insecurely handles extended file attributes

2022-01-20

2022-01-20

2022-01-20

VU#287178

 

McAfee Agent for Windows is vulnerable to privilege escalation due to OPENSSLDIR location

2022-01-07

2022-01-07

2022-01-07

VU#142629

 

Silicon Labs Z-Wave chipsets contain multiple vulnerabilities