VARIoT IoT vulnerabilities database

Affected products: vendor, model and version
CWE format is 'CWE-number'. Threat type can be: remote or local
Look up free text in title and description

VAR-202208-2225 CVE-2021-46835 Huawei  of  WS7200-10  Firmware vulnerabilities CVSS V2: 3.3
CVSS V3: 4.3
Severity: MEDIUM
There is a traffic hijacking vulnerability in WS7200-10 11.0.2.13. Successful exploitation of this vulnerability can cause packets to be hijacked by attackers. Huawei of WS7200-10 There are unspecified vulnerabilities in the firmware.Information may be tampered with. HUAWEI WS7200-10 is a wireless router of China Huawei (HUAWEI). HUAWEI WS7200-10 has security vulnerabilities
VAR-202208-2363 CVE-2022-37347 Trend Micro antivirus   Multiple vulnerabilities in the cloud CVSS V2: -
CVSS V3: 5.5
Severity: MEDIUM
Trend Micro Security 2021 and 2022 (Consumer) is vulnerable to an Out-Of-Bounds Read Information Disclosure Vulnerability that could allow an attacker to read sensitive information from other memory locations and cause a crash on an affected machine. This vulnerability is similar to, but not the same as CVE-2022-35234. Virus Buster from Trend Micro Inc. An update for the cloud has been released. This vulnerability information is provided by the developer for the purpose of dissemination to product users. JPCERT/CC Report to JPCERT/CC Coordinated with the developer.The potential impact will vary for each vulnerability, but you may be impacted by: Please refer to the respective advisory provided by the developer for details. Cloud version 17.7 It was * Arbitrary file deletion due to link interpretation problem when accessing file in data erasure tool - CVE-2022-30687 It was * Privilege escalation due to link interpretation problems when accessing files - CVE-2022-34893 It was * Information Disclosure via Out-of-Bounds Read Vulnerability - CVE-2022-35234 , CVE-2022-37347 , CVE-2022-37348 It was * Time-of-check Time-of-use (( TOCTOU ) Privilege escalation due to race condition vulnerability - CVE-2022-48191 virus buster Cloud version 17.0 It was * Information Disclosure via Out-of-Bounds Read Vulnerability - CVE-2022-35234 , CVE-2022-37347 , CVE-2022-37348. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.The specific flaw exists within the User Mode Hooking Monitor Engine. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of SYSTEM
VAR-202208-2342 CVE-2022-37123 D-Link Systems, Inc.  of  DIR-816  in the firmware  OS  Command injection vulnerability CVSS V2: -
CVSS V3: 8.8
Severity: HIGH
D-link DIR-816 A2_v1.10CNB04.img is vulnerable to Command injection via /goform/form2userconfig.cgi. D-Link Systems, Inc. of DIR-816 The firmware has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
VAR-202208-2352 CVE-2022-34373 Dell's  command | integration suite for system center  Past traversal vulnerability in CVSS V2: -
CVSS V3: 7.8
Severity: HIGH
Dell Command | Integration Suite for System Center, versions prior to 6.2.0, contains arbitrary file write vulnerability. A locally authenticated malicious user could potentially exploit this vulnerability in order to perform an arbitrary write as system. Dell's command | integration suite for system center Exists in a past traversal vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Used to configure and deploy your Dell client systems
VAR-202208-2263 CVE-2022-35252 Haxx  of  cURL  Vulnerabilities in Products from Other Vendors CVSS V2: -
CVSS V3: 3.7
Severity: LOW
When curl is used to retrieve and parse cookies from a HTTP(S) server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses. Effectively allowing a"sister site" to deny service to all siblings. Haxx of cURL Products from other vendors have unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state. A security vulnerability exists in curl versions 4.9 through 7.84. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202212-01 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: curl: Multiple Vulnerabilities Date: December 19, 2022 Bugs: #803308, #813270, #841302, #843824, #854708, #867679, #878365 ID: 202212-01 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution. Background ========= A command line tool and library for transferring data with URLs. Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-misc/curl < 7.86.0 >= 7.86.0 Description ========== Multiple vulnerabilities have been discovered in curl. Please review the CVE identifiers referenced below for details. Impact ===== Please review the referenced CVE identifiers for details. Workaround ========= There is no known workaround at this time. Resolution ========= All curl users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/curl-7.86.0" References ========= [ 1 ] CVE-2021-22922 https://nvd.nist.gov/vuln/detail/CVE-2021-22922 [ 2 ] CVE-2021-22923 https://nvd.nist.gov/vuln/detail/CVE-2021-22923 [ 3 ] CVE-2021-22925 https://nvd.nist.gov/vuln/detail/CVE-2021-22925 [ 4 ] CVE-2021-22926 https://nvd.nist.gov/vuln/detail/CVE-2021-22926 [ 5 ] CVE-2021-22945 https://nvd.nist.gov/vuln/detail/CVE-2021-22945 [ 6 ] CVE-2021-22946 https://nvd.nist.gov/vuln/detail/CVE-2021-22946 [ 7 ] CVE-2021-22947 https://nvd.nist.gov/vuln/detail/CVE-2021-22947 [ 8 ] CVE-2022-22576 https://nvd.nist.gov/vuln/detail/CVE-2022-22576 [ 9 ] CVE-2022-27774 https://nvd.nist.gov/vuln/detail/CVE-2022-27774 [ 10 ] CVE-2022-27775 https://nvd.nist.gov/vuln/detail/CVE-2022-27775 [ 11 ] CVE-2022-27776 https://nvd.nist.gov/vuln/detail/CVE-2022-27776 [ 12 ] CVE-2022-27779 https://nvd.nist.gov/vuln/detail/CVE-2022-27779 [ 13 ] CVE-2022-27780 https://nvd.nist.gov/vuln/detail/CVE-2022-27780 [ 14 ] CVE-2022-27781 https://nvd.nist.gov/vuln/detail/CVE-2022-27781 [ 15 ] CVE-2022-27782 https://nvd.nist.gov/vuln/detail/CVE-2022-27782 [ 16 ] CVE-2022-30115 https://nvd.nist.gov/vuln/detail/CVE-2022-30115 [ 17 ] CVE-2022-32205 https://nvd.nist.gov/vuln/detail/CVE-2022-32205 [ 18 ] CVE-2022-32206 https://nvd.nist.gov/vuln/detail/CVE-2022-32206 [ 19 ] CVE-2022-32207 https://nvd.nist.gov/vuln/detail/CVE-2022-32207 [ 20 ] CVE-2022-32208 https://nvd.nist.gov/vuln/detail/CVE-2022-32208 [ 21 ] CVE-2022-32221 https://nvd.nist.gov/vuln/detail/CVE-2022-32221 [ 22 ] CVE-2022-35252 https://nvd.nist.gov/vuln/detail/CVE-2022-35252 [ 23 ] CVE-2022-35260 https://nvd.nist.gov/vuln/detail/CVE-2022-35260 [ 24 ] CVE-2022-42915 https://nvd.nist.gov/vuln/detail/CVE-2022-42915 [ 25 ] CVE-2022-42916 https://nvd.nist.gov/vuln/detail/CVE-2022-42916 Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202212-01 Concerns? ======== Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ====== Copyright 2022 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2023-01-23-5 macOS Monterey 12.6.3 macOS Monterey 12.6.3 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213604. AppleMobileFileIntegrity Available for: macOS Monterey Impact: An app may be able to access user-sensitive data Description: This issue was addressed by enabling hardened runtime. CVE-2023-23499: Wojciech Reguła (@_r3ggi) of SecuRing (wojciechregula.blog) curl Available for: macOS Monterey Impact: Multiple issues in curl Description: Multiple issues were addressed by updating to curl version 7.86.0. CVE-2022-42915 CVE-2022-42916 CVE-2022-32221 CVE-2022-35260 curl Available for: macOS Monterey Impact: Multiple issues in curl Description: Multiple issues were addressed by updating to curl version 7.85.0. CVE-2022-35252 dcerpc Available for: macOS Monterey Impact: Mounting a maliciously crafted Samba network share may lead to arbitrary code execution Description: A buffer overflow issue was addressed with improved memory handling. CVE-2023-23513: Dimitrios Tatsis and Aleksandar Nikolic of Cisco Talos DiskArbitration Available for: macOS Monterey Impact: An encrypted volume may be unmounted and remounted by a different user without prompting for the password Description: A logic issue was addressed with improved state management. CVE-2023-23493: Oliver Norpoth (@norpoth) of KLIXX GmbH (klixx.com) DriverKit Available for: macOS Monterey Impact: An app may be able to execute arbitrary code with kernel privileges Description: A type confusion issue was addressed with improved checks. CVE-2022-32915: Tommy Muir (@Muirey03) Intel Graphics Driver Available for: macOS Monterey Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved bounds checks. CVE-2023-23507: an anonymous researcher Kernel Available for: macOS Monterey Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling. CVE-2023-23504: Adam Doupé of ASU SEFCOM Kernel Available for: macOS Monterey Impact: An app may be able to determine kernel memory layout Description: An information disclosure issue was addressed by removing the vulnerable code. CVE-2023-23502: Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte. (@starlabs_sg) PackageKit Available for: macOS Monterey Impact: An app may be able to gain root privileges Description: A logic issue was addressed with improved state management. CVE-2023-23497: Mickey Jin (@patch1t) Screen Time Available for: macOS Monterey Impact: An app may be able to access information about a user’s contacts Description: A privacy issue was addressed with improved private data redaction for log entries. CVE-2023-23505: Wojciech Regula of SecuRing (wojciechregula.blog) Weather Available for: macOS Monterey Impact: An app may be able to bypass Privacy preferences Description: The issue was addressed with improved memory handling. CVE-2023-23511: Wojciech Regula of SecuRing (wojciechregula.blog), an anonymous researcher WebKit Available for: macOS Monterey Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: The issue was addressed with improved memory handling. WebKit Bugzilla: 248268 CVE-2023-23518: YeongHyeon Choi (@hyeon101010), Hyeon Park (@tree_segment), SeOk JEON (@_seokjeon), YoungSung Ahn (@_ZeroSung), JunSeo Bae (@snakebjs0107), Dohyun Lee (@l33d0hyun) of Team ApplePIE WebKit Bugzilla: 248268 CVE-2023-23517: YeongHyeon Choi (@hyeon101010), Hyeon Park (@tree_segment), SeOk JEON (@_seokjeon), YoungSung Ahn (@_ZeroSung), JunSeo Bae (@snakebjs0107), Dohyun Lee (@l33d0hyun) of Team ApplePIE Windows Installer Available for: macOS Monterey Impact: An app may be able to bypass Privacy preferences Description: The issue was addressed with improved memory handling. CVE-2023-23508: Mickey Jin (@patch1t) Additional recognition Kernel We would like to acknowledge Nick Stenning of Replicate for their assistance. macOS Monterey 12.6.3 may be obtained from the Mac App Store or Apple's Software Downloads web site: https://support.apple.com/downloads/ All information is also posted on the Apple Security Updates web site: https://support.apple.com/en-us/HT201222. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. After installing the updated packages, the httpd daemon will be restarted automatically. Bugs fixed (https://bugzilla.redhat.com/): 2064319 - CVE-2022-23943 httpd: mod_sed: Read/write beyond bounds 2064320 - CVE-2022-22721 httpd: core: Possible buffer overflow with very large or unlimited LimitXMLRequestBody 2081494 - CVE-2022-1292 openssl: c_rehash script allows command injection 2094997 - CVE-2022-26377 httpd: mod_proxy_ajp: Possible request smuggling 2095000 - CVE-2022-28330 httpd: mod_isapi: out-of-bounds read 2095002 - CVE-2022-28614 httpd: Out-of-bounds read via ap_rwrite() 2095006 - CVE-2022-28615 httpd: Out-of-bounds read in ap_strcmp_match() 2095015 - CVE-2022-30522 httpd: mod_sed: DoS vulnerability 2095020 - CVE-2022-31813 httpd: mod_proxy: X-Forwarded-For dropped by hop-by-hop mechanism 2097310 - CVE-2022-2068 openssl: the c_rehash script allows command injection 2099300 - CVE-2022-32206 curl: HTTP compression denial of service 2099305 - CVE-2022-32207 curl: Unpreserved file permissions 2099306 - CVE-2022-32208 curl: FTP-KRB bad message verification 2120718 - CVE-2022-35252 curl: control code in cookie denial of service 2135411 - CVE-2022-32221 curl: POST following PUT confusion 2135413 - CVE-2022-42915 curl: HTTP proxy double-free 2135416 - CVE-2022-42916 curl: HSTS bypass via IDN 6. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Low: curl security update Advisory ID: RHSA-2023:2478-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2023:2478 Issue date: 2023-05-09 CVE Names: CVE-2022-35252 CVE-2022-43552 ==================================================================== 1. Summary: An update for curl is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream (v. 9) - aarch64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux BaseOS (v. 9) - aarch64, ppc64le, s390x, x86_64 3. Description: The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix(es): * curl: Incorrect handling of control code characters in cookies (CVE-2022-35252) * curl: Use-after-free triggered by an HTTP proxy deny response (CVE-2022-43552) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.2 Release Notes linked from the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2120718 - CVE-2022-35252 curl: Incorrect handling of control code characters in cookies 2152652 - CVE-2022-43552 curl: Use-after-free triggered by an HTTP proxy deny response 6. Package List: Red Hat Enterprise Linux AppStream (v. 9): aarch64: curl-debuginfo-7.76.1-23.el9.aarch64.rpm curl-debugsource-7.76.1-23.el9.aarch64.rpm curl-minimal-debuginfo-7.76.1-23.el9.aarch64.rpm libcurl-debuginfo-7.76.1-23.el9.aarch64.rpm libcurl-devel-7.76.1-23.el9.aarch64.rpm libcurl-minimal-debuginfo-7.76.1-23.el9.aarch64.rpm ppc64le: curl-debuginfo-7.76.1-23.el9.ppc64le.rpm curl-debugsource-7.76.1-23.el9.ppc64le.rpm curl-minimal-debuginfo-7.76.1-23.el9.ppc64le.rpm libcurl-debuginfo-7.76.1-23.el9.ppc64le.rpm libcurl-devel-7.76.1-23.el9.ppc64le.rpm libcurl-minimal-debuginfo-7.76.1-23.el9.ppc64le.rpm s390x: curl-debuginfo-7.76.1-23.el9.s390x.rpm curl-debugsource-7.76.1-23.el9.s390x.rpm curl-minimal-debuginfo-7.76.1-23.el9.s390x.rpm libcurl-debuginfo-7.76.1-23.el9.s390x.rpm libcurl-devel-7.76.1-23.el9.s390x.rpm libcurl-minimal-debuginfo-7.76.1-23.el9.s390x.rpm x86_64: curl-debuginfo-7.76.1-23.el9.i686.rpm curl-debuginfo-7.76.1-23.el9.x86_64.rpm curl-debugsource-7.76.1-23.el9.i686.rpm curl-debugsource-7.76.1-23.el9.x86_64.rpm curl-minimal-debuginfo-7.76.1-23.el9.i686.rpm curl-minimal-debuginfo-7.76.1-23.el9.x86_64.rpm libcurl-debuginfo-7.76.1-23.el9.i686.rpm libcurl-debuginfo-7.76.1-23.el9.x86_64.rpm libcurl-devel-7.76.1-23.el9.i686.rpm libcurl-devel-7.76.1-23.el9.x86_64.rpm libcurl-minimal-debuginfo-7.76.1-23.el9.i686.rpm libcurl-minimal-debuginfo-7.76.1-23.el9.x86_64.rpm Red Hat Enterprise Linux BaseOS (v. 9): Source: curl-7.76.1-23.el9.src.rpm aarch64: curl-7.76.1-23.el9.aarch64.rpm curl-debuginfo-7.76.1-23.el9.aarch64.rpm curl-debugsource-7.76.1-23.el9.aarch64.rpm curl-minimal-7.76.1-23.el9.aarch64.rpm curl-minimal-debuginfo-7.76.1-23.el9.aarch64.rpm libcurl-7.76.1-23.el9.aarch64.rpm libcurl-debuginfo-7.76.1-23.el9.aarch64.rpm libcurl-minimal-7.76.1-23.el9.aarch64.rpm libcurl-minimal-debuginfo-7.76.1-23.el9.aarch64.rpm ppc64le: curl-7.76.1-23.el9.ppc64le.rpm curl-debuginfo-7.76.1-23.el9.ppc64le.rpm curl-debugsource-7.76.1-23.el9.ppc64le.rpm curl-minimal-7.76.1-23.el9.ppc64le.rpm curl-minimal-debuginfo-7.76.1-23.el9.ppc64le.rpm libcurl-7.76.1-23.el9.ppc64le.rpm libcurl-debuginfo-7.76.1-23.el9.ppc64le.rpm libcurl-minimal-7.76.1-23.el9.ppc64le.rpm libcurl-minimal-debuginfo-7.76.1-23.el9.ppc64le.rpm s390x: curl-7.76.1-23.el9.s390x.rpm curl-debuginfo-7.76.1-23.el9.s390x.rpm curl-debugsource-7.76.1-23.el9.s390x.rpm curl-minimal-7.76.1-23.el9.s390x.rpm curl-minimal-debuginfo-7.76.1-23.el9.s390x.rpm libcurl-7.76.1-23.el9.s390x.rpm libcurl-debuginfo-7.76.1-23.el9.s390x.rpm libcurl-minimal-7.76.1-23.el9.s390x.rpm libcurl-minimal-debuginfo-7.76.1-23.el9.s390x.rpm x86_64: curl-7.76.1-23.el9.x86_64.rpm curl-debuginfo-7.76.1-23.el9.i686.rpm curl-debuginfo-7.76.1-23.el9.x86_64.rpm curl-debugsource-7.76.1-23.el9.i686.rpm curl-debugsource-7.76.1-23.el9.x86_64.rpm curl-minimal-7.76.1-23.el9.x86_64.rpm curl-minimal-debuginfo-7.76.1-23.el9.i686.rpm curl-minimal-debuginfo-7.76.1-23.el9.x86_64.rpm libcurl-7.76.1-23.el9.i686.rpm libcurl-7.76.1-23.el9.x86_64.rpm libcurl-debuginfo-7.76.1-23.el9.i686.rpm libcurl-debuginfo-7.76.1-23.el9.x86_64.rpm libcurl-minimal-7.76.1-23.el9.i686.rpm libcurl-minimal-7.76.1-23.el9.x86_64.rpm libcurl-minimal-debuginfo-7.76.1-23.el9.i686.rpm libcurl-minimal-debuginfo-7.76.1-23.el9.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2022-35252 https://access.redhat.com/security/cve/CVE-2022-43552 https://access.redhat.com/security/updates/classification/#low https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.2_release_notes/index 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2023 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBZFo0V9zjgjWX9erEAQhmTw/9FUwLCGRKCmddNVTMAaay54EPggJFOPKx nN06YIqiK5arkX4SD58YZrX9J0gUZcwGs6s5WO35pG3F+qJXhe8E8fbzavqRG5NB oxG+pDC5+6xQxK41tkuLYJoUhF1w4yG8SuMSzroLcpbut/MAjKGGw4qgyNGit1Su xFGrDTyFxtj+tUZIQCil0HAqlXswQ7G2ukB9kQBpxNRfR0V2ANfmfkkGj8+xWauh L1PcaDezNWgAbgWbuf3mHNiwDMxWsNfcwCbx3P8sF+vRe7q5RdIFNL1oXJkPxQVy C6L29KcaLYxToNmUNyrOncWAj8KSlrDngVq3NXnG34lVzqz2t/ouc/0lX4Jc9qTL mGwYoXvlTqQgV4hGQPfDufApaukxgZfcSidSfqlNt1amYYNiYcvIyf15dht87ipB 27ahZWDKvunB4gqMG62XNHyiu9bKmDCyL57ggUBt3wxJ7H9M/OgjsI7C/i/10SMT D75GjYaU2TWyGLd4SvbV6/3pA3zAZ0Ffqc66uANwfBXC7jFd2/ykEBir3vJYTq17 r2YWYgH2sma5kwb7ZHQhLKk+N2a0g1KX+Mr0V2wJ+yAYwkbz6wu/BVDXstBFkumJ /iKmtOn0Mk07wo/3wvWu5M4tk4kZzmLzs1/ybH3GWOUbFUxbqgOos3/0Vi/uSW88 Yxf4bV/uBmU=HlZ2 -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . This product release includes bug fixes and security update for the following packages: windows-machine-config-operator and windows-machine-config-operator-bundle. Description: Red Hat OpenShift support for Windows Containers allows you to deploy Windows container workloads running on Windows Server containers. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. Bugs fixed (https://bugzilla.redhat.com/): 2064702 - CVE-2022-27191 golang: crash in a golang.org/x/crypto/ssh server 2092793 - CVE-2022-30629 golang: crypto/tls: session tickets lack random ticket_age_add 2174485 - CVE-2023-25173 containerd: Supplementary groups are not set up properly 5. JIRA issues fixed (https://issues.redhat.com/): OCPBUGS-10418 - Case sensitivity issue when label "openshift.io/cluster-monitoring" set to 'True' on openshift-windows-machine-config-operator namespace OCPBUGS-11831 - oc adm node-logs failing in vSphere CI OCPBUGS-15435 - Instance configurations fails on Windows Server 2019 without the container feature OCPBUGS-3572 - Check if Windows defender is running doesnt work OCPBUGS-4247 - Load balancer shows connectivity outage during Windows nodes upgrade OCPBUGS-5894 - Windows nodes do not get drained (deconfigure) during the upgrade process OCPBUGS-7726 - WMCO kubelet version not matching OCP payload's one OCPBUGS-8055 - containerd version is being misreported WINC-818 - Investigate if the Upgradeable condition is being tested in e2e suite WINC-823 - Test generated community manifests in WMCO e2e 6. Description: VolSync is a Kubernetes operator that enables asynchronous replication of persistent volumes within a cluster, or across clusters. After deploying the VolSync operator, it can create and maintain copies of your persistent data. For more information about VolSync, see: https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.7/html/add-ons/add-ons-overview#volsync or the VolSync open source community website at: https://volsync.readthedocs.io/en/stable/. This advisory contains enhancements and updates to the VolSync container images. Security fix(es): * CVE-2023-3089 openshift: OCP & FIPS mode 3. Bugs fixed (https://bugzilla.redhat.com/): 2212085 - CVE-2023-3089 openshift: OCP & FIPS mode 5
VAR-202208-2216 CVE-2022-25635 Realtek Semiconductor Corp  of  bluetooth mesh software development kit  Classic buffer overflow vulnerability in CVSS V2: -
CVSS V3: 6.5
Severity: MEDIUM
Realtek Linux/Android Bluetooth Mesh SDK has a buffer overflow vulnerability due to insufficient validation for broadcast network packet length. An unauthenticated attacker in the adjacent network can exploit this vulnerability to disrupt service. Realtek Semiconductor Corp of bluetooth mesh software development kit Exists in a classic buffer overflow vulnerability.Service operation interruption (DoS) It may be in a state
VAR-202208-2314 CVE-2022-26529 Realtek Semiconductor Corp  of  bluetooth mesh software development kit  Classic buffer overflow vulnerability in CVSS V2: -
CVSS V3: 6.5
Severity: MEDIUM
Realtek Linux/Android Bluetooth Mesh SDK has a buffer overflow vulnerability due to insufficient validation for segmented packets’ link parameter. An unauthenticated attacker in the adjacent network can exploit this vulnerability to cause buffer overflow and disrupt service. Realtek Semiconductor Corp of bluetooth mesh software development kit Exists in a classic buffer overflow vulnerability.Service operation interruption (DoS) It may be in a state
VAR-202208-2358 CVE-2022-26527 Realtek Semiconductor Corp  of  bluetooth mesh software development kit  Classic buffer overflow vulnerability in CVSS V2: -
CVSS V3: 6.5
Severity: MEDIUM
Realtek Linux/Android Bluetooth Mesh SDK has a buffer overflow vulnerability due to insufficient validation for the size of segmented packets’ reference parameter. An unauthenticated attacker in the adjacent network can exploit this vulnerability to cause buffer overflow and disrupt service. Realtek Semiconductor Corp of bluetooth mesh software development kit Exists in a classic buffer overflow vulnerability.Service operation interruption (DoS) It may be in a state
VAR-202208-2347 CVE-2022-26528 Realtek Semiconductor Corp  of  bluetooth mesh software development kit  Classic buffer overflow vulnerability in CVSS V2: -
CVSS V3: 6.5
Severity: MEDIUM
Realtek Linux/Android Bluetooth Mesh SDK has a buffer overflow vulnerability due to insufficient validation for the length of segmented packets’ shift parameter. An unauthenticated attacker in the adjacent network can exploit this vulnerability to cause buffer overflow and disrupt service. Realtek Semiconductor Corp of bluetooth mesh software development kit Exists in a classic buffer overflow vulnerability.Service operation interruption (DoS) It may be in a state
VAR-202208-2251 CVE-2022-31232 Dell's  smartfabric storage software  In  OS  Command injection vulnerability CVSS V2: -
CVSS V3: 9.8
Severity: CRITICAL
SmartFabric storage software version 1.0.0 contains a Command-Injection vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to gain access and perform actions on the affected system. Dell's smartfabric storage software for, OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
VAR-202208-2199 CVE-2022-34375 Dell's  container storage modules  Past traversal vulnerability in CVSS V2: -
CVSS V3: 6.5
Severity: MEDIUM
Dell Container Storage Modules 1.2 contains a path traversal vulnerability in goiscsi and gobrick libraries. A remote authenticated malicious user with low privileges could exploit this vulnerability leading to unintentional access to path outside of restricted directory
VAR-202208-2167 CVE-2022-34374 Dell's  container storage modules  In  OS  Command injection vulnerability CVSS V2: -
CVSS V3: 8.8
Severity: HIGH
Dell Container Storage Modules 1.2 contains an OS command injection in goiscsi and gobrick libraries. A remote authenticated malicious user with low privileges could exploit this vulnerability leading to to execute arbitrary OS commands on the affected system. (DoS) It may be in a state. Designed to provide additional functionality beyond what is available with container storage. The vulnerability stems from the inclusion of operating system command injection in the goiscsi and gobrick libraries
VAR-202208-2200 CVE-2022-30318 Honeywell International Inc.  of  ControlEdge PLC  firmware and  ControlEdge RTU  Vulnerability related to use of hardcoded credentials in firmware CVSS V2: -
CVSS V3: 9.8
Severity: CRITICAL
Honeywell ControlEdge through R151.1 uses Hard-coded Credentials. According to FSCT-2022-0056, there is a Honeywell ControlEdge hardcoded credentials issue. The affected components are characterized as: SSH. The potential impact is: Remote code execution, manipulate configuration, denial of service. The Honeywell ControlEdge PLC and RTU product line exposes an SSH service on port 22/TCP. Login as root to this service is permitted and credentials for the root user are hardcoded without automatically changing them upon first commissioning. The credentials for the SSH service are hardcoded in the firmware. The credentials grant an attacker access to a root shell on the PLC/RTU, allowing for remote code execution, configuration manipulation and denial of service. Honeywell International Inc. of ControlEdge PLC firmware and ControlEdge RTU A vulnerability exists in the firmware regarding the use of hardcoded credentials.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
VAR-202208-2375 CVE-2022-2599 Anti-Malware Security and Brute-Force Firewall project  of  WordPress  for  Anti-Malware Security and Brute-Force Firewall  Cross-site scripting vulnerability in CVSS V2: -
CVSS V3: 6.1
Severity: MEDIUM
The Anti-Malware Security and Brute-Force Firewall WordPress plugin before 4.21.83 does not sanitise and escape some parameters before outputting them back in an admin dashboard, leading to Reflected Cross-Site Scripting
VAR-202208-2174 CVE-2022-32993 TOTOLINK  of  a7000r  Firmware vulnerabilities CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
TOTOLINK A7000R V4.1cu.4134 was discovered to contain an access control issue via /cgi-bin/ExportSettings.sh. TOTOLINK of a7000r There are unspecified vulnerabilities in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The TOTOLINK A7000R is a wireless router launched by TOTOLINK Electronics Co., Ltd. in China. It supports WiFi 7 technology and is suitable for home or small business network environments. Detailed vulnerability information is not currently available
VAR-202208-2006 CVE-2022-36200 fiberhome  of  hg150-ub  Vulnerability in cleartext transmission of sensitive information in firmware CVSS V2: -
CVSS V3: 7.5
Severity: HIGH
In FiberHome VDSL2 Modem HG150-Ub_V3.0, Credentials of Admin are submitted in URL, which can be logged/sniffed. fiberhome of hg150-ub A vulnerability exists in the firmware regarding the transmission of sensitive information in plaintext.Information may be obtained
VAR-202208-2388 No CVE Hardcoded vulnerability in TOTOLINK A720R CVSS V2: 2.1
CVSS V3: -
Severity: LOW
TOTOLINK A720R is a wireless router. TOTOLINK A720R has a hard-coded vulnerability that can be exploited by attackers to obtain sensitive information.
VAR-202208-2306 CVE-2022-37681 Hitachi Kokusai Electric Inc ISnex HC-IP9100HD  Past traversal vulnerability in CVSS V2: -
CVSS V3: 7.5
Severity: HIGH
Hitachi Kokusai Electric Newtork products for monitoring system (Camera, Decoder and Encoder) and below allows attckers to perform a directory traversal via a crafted GET request to the endpoint /ptippage.cgi. Security information ID hitachi-sec-2022-001 contains fixes for the issue. Hitachi Kokusai Electric Inc ISnex HC-IP9100HD Exists in a past traversal vulnerability.Information may be obtained
VAR-202208-2194 CVE-2022-36755 D-Link Systems, Inc.  of  dir-845l  Authentication vulnerability in firmware CVSS V2: -
CVSS V3: 9.8
Severity: CRITICAL
D-Link DIR845L A1 contains a authentication vulnerability via an AUTHORIZED_GROUP=1 value, as demonstrated by a request for getcfg.php. D-Link Systems, Inc. of dir-845l An authentication vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
VAR-202208-2047 CVE-2022-37053 TRENDnet  of  TEW733GR  Code injection vulnerability in firmware CVSS V2: -
CVSS V3: 9.8
Severity: CRITICAL
TRENDnet TEW733GR v1.03B01 is vulnerable to Command injection via /htdocs/upnpinc/gena.php. TRENDnet of TEW733GR A code injection vulnerability exists in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state