Snapshot
Nov. 18, 2022 - Nov. 25, 2022
CISA Known Exploited Vulnerabilities

No issues added to the CISA Known Exploited Vulnerability list.

Vulnerabilities In The News

CVE | Summary | Severity | Vendor | Risk Context |
---|---|---|---|---|
CVE-2022-4135 | Heap buffer overflow in GPU in Google Chrome prior to 107.0.5304.121 allowed a remote attacker who had compromised the render... | CRITICAL | Google, Microsoft | CISA Known Exploited, Actively Exploited |
CVE-2022-43782 | Affected versions of Atlassian Crowd allow an attacker to authenticate as the crowd application via security misconfiguration... | CRITICAL | | Risk Context N/A |
CVE-2022-43781 | There is a command injection vulnerability using environment variables in Bitbucket Server and Data Center. | CRITICAL | Atlassian | Risk Context N/A |
CVE-2022-37966 | Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability. | HIGH | Microsoft | Risk Context N/A |
CVE-2022-41040 | Microsoft Exchange Server Elevation of Privilege Vulnerability. | HIGH | Microsoft | CISA Known Exploited, Actively Exploited, Used In Ransomware, Public Exploits Available |
CVE-2022-36449 | An issue was discovered in the Arm Mali GPU Kernel Driver. | MEDIUM | Arm | Risk Context N/A |
CVE-2022-33917 | An issue was discovered in the Arm Mali GPU Kernel Driver. | MEDIUM | Arm | Risk Context N/A |
CVE-2021-35395 | Realtek Jungle SDK version v2.x up to v3.4.14B provides an HTTP web server exposing a management interface that can be used t... | CRITICAL | Realtek | CISA Known Exploited |
CVE-2021-33558 | Boa 0.94.13 allows remote attackers to obtain sensitive information via a misconfiguration involving backup.html, preview.htm... | HIGH | Boa | Actively Exploited, Public Exploits Available |
CVE-2017-9833 | /cgi-bin/wapopen in BOA Webserver 0.94.14rc21 allows the injection of "../.." using the FILECAMERA variable to read files wi... | HIGH | Boa | Actively Exploited |
CISA Known Exploited Vulnerabilities
CISA added 0 vulnerabilities to the known exploited vulnerabilities list.
In The News
Vulnerabilities receiving the most attention in traditional news media.
CVE-2022-43782
CRITICAL CVSS 9.80
Risk Context N/A
Published: Nov. 17, 2022
Affected versions of Atlassian Crowd allow an attacker to authenticate as the crowd application via security misconfiguration and subsequent ability to call privileged endpoints in Crowd's REST API under the usermanagement path. This vulnerability can only be exploited by IPs specified under the crowd application allowlist in the Remote Addresses configuration, which is none by default. The affected versions are all versions 3.x.x, versions 4.x.x before version 4.4.4, and versions 5.x.x before 5.0.3.
CVE-2022-43781
CRITICAL CVSS 9.80
Risk Context N/A
Published: Nov. 17, 2022
There is a command injection vulnerability using environment variables in Bitbucket Server and Data Center. An attacker with permission to control their username can exploit this issue to execute arbitrary code on the system. This vulnerability can be unauthenticated if the Bitbucket Server and Data Center instance has enabled “Allow public signup”.
Vendor Impacted: Atlassian
Product Impacted: Bitbucket
CVE-2022-37966
HIGH CVSS 8.10
Risk Context N/A
Published: Nov. 9, 2022
Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability.
Vendor Impacted: Microsoft
Products Impacted: Windows Server 2008, Windows Server 2016, Windows Server 2012, Windows Server 2022, Windows Server 2019
CVE-2022-41040
HIGH CVSS 8.80
CISA Known Exploited, Actively Exploited, Used In Ransomware, Public Exploits Available
Published: Oct. 3, 2022
Microsoft Exchange Server Elevation of Privilege Vulnerability.
Vendor Impacted: Microsoft
Product Impacted: Exchange Server
CVE-2022-36449
MEDIUM CVSS 6.50
Risk Context N/A
Published: Sept. 1, 2022
An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory, write a limited amount outside of buffer bounds, or to disclose details of memory mappings. This affects Midgard r4p0 through r32p0, Bifrost r0p0 through r38p0 and r39p0 before r38p1, and Valhall r19p0 through r38p0 and r39p0 before r38p1.
Vendor Impacted: Arm
Products Impacted: Bifrost, Valhall, Midgard
CVE-2022-33917
MEDIUM CVSS 5.50
Risk Context N/A
Published: Aug. 2, 2022
An issue was discovered in the Arm Mali GPU Kernel Driver (Valhall r29p0 through r38p0). A non-privileged user can make improper GPU processing operations to gain access to already freed memory.
Vendor Impacted: Arm
Product Impacted: Valhall GPU Kernel Driver
CVE-2021-35395
CRITICAL CVSS 9.80
CISA Known Exploited
Published: Aug. 16, 2021
Realtek Jungle SDK version v2.x up to v3.4.14B provides an HTTP web server exposing a management interface that can be used to configure the access point. Two versions of this management interface exist: one based on Go-Ahead named webs and another based on Boa named boa. Both of them are affected by these vulnerabilities. Specifically, these binaries are vulnerable to the following issues:
- stack buffer overflow in formRebootCheck due to unsafe copy of submit-url parameter
- stack buffer overflow in formWsc due to unsafe copy of submit-url parameter
- stack buffer overflow in formWlanMultipleAP due to unsafe copy of submit-url parameter
- stack buffer overflow in formWlSiteSurvey due to unsafe copy of ifname parameter
- stack buffer overflow in formStaticDHCP due to unsafe copy of hostname parameter
- stack buffer overflow in formWsc due to unsafe copy of 'peerPin' parameter
- arbitrary command execution in formSysCmd via the sysCmd parameter
- arbitrary command injection in formWsc via the 'peerPin' parameter
Exploitability of identified issues will differ based on what the end vendor/manufacturer did with the Realtek SDK webserver. Some vendors use it as-is, others add their own authentication implementation, some kept all the features from the server, some remove some of them, some inserted their own set of features. However, given that Realtek SDK implementation is full of insecure calls and that developers tend to re-use those examples in their custom code, any binary based on Realtek SDK webserver will probably contain its own set of issues on top of the Realtek ones (if kept). Successful exploitation of these issues allows remote attackers to gain arbitrary code execution on the device.
Vendor Impacted: Realtek
Product Impacted: Jungle Software Development Kit (SDK)
CVE-2021-33558
HIGH CVSS 7.50
Actively Exploited, Public Exploits Available
Published: May 27, 2021
Boa 0.94.13 allows remote attackers to obtain sensitive information via a misconfiguration involving backup.html, preview.html, js/log.js, log.html, email.html, online-users.html, and config.js.
Vendor Impacted: Boa
Product Impacted: Boa
CVE-2017-9833
HIGH CVSS 7.80
Actively Exploited
Published: June 24, 2017
/cgi-bin/wapopen in BOA Webserver 0.94.14rc21 allows the injection of "../.." using the FILECAMERA variable (sent by GET) to read files with root privileges.
Vendor Impacted: Boa
Product Impacted: Boa