RMX Security CERT Global

• CVE-2022-3002 (yetiforce_customer_relationship_management)
  Cross-site Scripting (XSS) - Stored in GitHub repository yetiforcecompany/yetiforcecrm prior to 6.4.0. ... read more
• CVE-2022-27810
  It was possible to trigger an infinite recursion condition in the error handler when Hermes executed specific maliciously formed JavaScript. This condition was only possible to trigger in dev-mode (when ... read more
• CVE-2022-39284
  CodeIgniter is a PHP full-stack web framework. In versions prior to 4.2.7 setting `$secure` or `$httponly` value to `true` in `ConfigCookie` is not reflected in `set_cookie()` or `Response::setCookie()`. As a ... read more
• CVE-2022-41355
  Online Leave Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /leave_system/classes/Master.php?f=delete_department. ... read more
• CVE-2022-39279
  discourse-chat is a plugin for the Discourse message board which adds chat functionality. In versions prior to 0.9 some places render a chat channel's name and description in an unsafe ... read more
• CVE-2022-41556
  A resource leak in gw_backend.c in lighttpd 1.4.56 through 1.4.66 could lead to a denial of service (connection-slot exhaustion) after a large amount of anomalous TCP behavior by clients. It ... read more
• CVE-2022-41522
  TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain an unauthenticated stack overflow via the "main" function. ... read more
• CVE-2022-41517
  TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain a stack overflow in the lang parameter in the setLanguageCfg function ... read more
• CVE-2022-41520
  TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain an authenticated stack overflow via the File parameter in the UploadCustomModule function. ... read more
• CVE-2022-41521
  TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain an authenticated stack overflow via the sPort/ePort parameter in the setIpPortFilterRules function. ... read more
• CVE-2022-41528
  TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain an authenticated stack overflow via the text parameter in the setSmsCfg function. ... read more
• CVE-2022-41527
  TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain an authenticated stack overflow via the pppoeUser parameter in the setOpModeCfg function. ... read more
• CVE-2022-41523
  TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain an authenticated stack overflow via the command parameter in the setTracerouteCfg function. ... read more
• CVE-2022-41853
  Those using java.sql.Statement or java.sql.PreparedStatement in hsqldb (HyperSQL DataBase) to process untrusted input may be vulnerable to a remote code execution attack. By default it is allowed to call any ... read more
• CVE-2022-41524
  TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain an authenticated stack overflow via the week, sTime, and eTime parameters in the setParentalRules function. ... read more
• CVE-2022-42457
  Generex CS141 before 2.08 allows remote command execution by administrators via a web interface that reaches run_update in /usr/bin/gxserve-update.sh (e.g., command execution can occur via a reverse shell installed by ... read more
• CVE-2022-41525
  TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain a command injection vulnerability via the OpModeCfg function at /cgi-bin/cstecgi.cgi. ... read more
• CVE-2022-41518
  TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain a command injection vulnerability via the UploadFirmwareFile function at /cgi-bin/cstecgi.cgi. ... read more
• CVE-2022-41852
  Those using JXPath to interpret untrusted XPath expressions may be vulnerable to a remote code execution attack. All JXPathContext class functions processing a XPath string are vulnerable except compile() and ... read more
• CVE-2022-41526
  TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain an authenticated stack overflow via the ip parameter in the setDiagnosisCfg function. ... read more
• CVE-2022-42241 (simple_cold_storage_management_system)
  Simple Cold Storage Management System v1.0 is vulnerable to SQL injection via /csms/classes/Master.php?f=delete_message. ... read more
• CVE-2022-42242 (simple_cold_storage_management_system)
  Simple Cold Storage Management System v1.0 is vulnerable to SQL injection via /csms/classes/Master.php?f=delete_booking. ... read more
• CVE-2022-42250 (simple_cold_storage_management_system)
  Simple Cold Storage Management System v1.0 is vulnerable to SQL injection via /csms/admin/inquiries/view_details.php?id=. ... read more
• CVE-2022-42249 (simple_cold_storage_management_system)
  Simple Cold Storage Management System v1.0 is vulnerable to SQL injection via /csms/admin/storages/view_storage.php?id=. ... read more
• CVE-2022-42243 (simple_cold_storage_management_system)
  Simple Cold Storage Management System v1.0 is vulnerable to SQL injection via /csms/admin/storages/manage_storage.php?id=. ... read more
• Top CVEs Actively Exploited By People’s Republic of China State-Sponsored Cyber Actors
  ... read more
• Top CVEs Actively Exploited by People’s Republic of China State-Sponsored Cyber Actors   
  Original release date: October 6, 2022CISA, the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) have released a joint Cybersecurity Advisory (CSA) providing the top Common Vulnerabilities ... read more
• IBM Security Update
  IBM has released security updates to address vulnerabilities in its multiple products. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators are ... read more
• Ubuntu Security Update
  Ubuntu has released security updates to address vulnerabilities in Linux kernel, kitty and DHCP. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and ... read more
• Trend Micro Security Update
  Trend Micro has released security updates to address vulnerabilities in Apex One (on-prem) and Apex One (SaaS). Exploitation of these vulnerabilities may allow an attacker to gain escalated privilege. Users ... read more
• Cisco Security Update
  Cisco has released security updates to address vulnerabilities in its multiple products. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators are ... read more
• Dell Security Update
  Dell has released security updates to address vulnerabilities in Dell EMC SRM and Dell EMC Storage. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. ... read more
• Android Security Update
  Google has released security update to address vulnerabilities in Android OS. Exploitation of these vulnerabilities may allow an attacker to gain escalated privilege. Users and administrators are encouraged to review ... read more
• Chrome Security Update
  Google has released security updates to address vulnerabilities in Chrome for Desktop and ChromeOS. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and ... read more
• Oracle Linux Security Update
  Oracle has released security updates to address vulnerabilities in kurbenetes, squid and bind. Exploitation of these vulnerabilities may allow an attacker to gain access to sensitive information. Users and administrators ... read more
• Red Hat Security Update
  Red Hat has released security updates to address vulnerabilities in multiple products. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators are ... read more
• Mageia Security Update
  Mageia has released security updates to address vulnerabilities in bash, chromium-broswer and golang. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators ... read more
• CISA Releases Two Industrial Control Systems Advisories
  Original release date: October 6, 2022CISA released two (2) Industrial Control Systems (ICS) advisories on October 06, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits ... read more
• Cisco Releases Security Updates for Multiple Products
  Original release date: October 6, 2022Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected ... read more
• HIWIN Robot System Software (HRSS)
  ICS Advisory ... read more
• Rockwell Automation FactoryTalk VantagePoint
  ICS Advisory ... read more
• CERTFR-2022-AVI-884 : Multiples vulnérabilités dans Trend Micro Apex One (06 octobre 2022)
  De multiples vulnérabilités ont été découvertes dans Trend Micro Apex One. Elles permettent à un attaquant de provoquer un contournement de la politique de sécurité, une atteinte à l'intégrité des ... read more
• CERTFR-2022-AVI-885 : Multiples vulnérabilités dans les produits Cisco (06 octobre 2022)
  De multiples vulnérabilités ont été découvertes dans les produits Cisco. Elles permettent à un attaquant de provoquer un contournement de la politique de sécurité, une élévation de privilèges, un déni ... read more
• CERTFR-2022-AVI-886 : Multiples vulnérabilités dans les produits IBM (06 octobre 2022)
  De multiples vulnérabilités ont été découvertes dans les produits IBM. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance ... read more
• Cyberattack on Menéame with data leaks
  Publication date: 10/03/2022 Menéame has been the target of an attack in which some users' data was leaked. The company details, in its official statement, that on 14 September ... read more
• Ciberataque a Menéame con filtración de datos
  Fecha de publicación: 03/10/2022 Menéame ha sido objetivo de un ataque en el que se filtraron datos de algunos usuarios. La compañía detalla, en su comunicado oficial, que el ... read more
• Vulnerabilidad de credenciales sin cifrar en BD Totalys MultiProcessor
  Fecha de publicación: 06/10/2022 Importancia: Media Recursos afectados: BD Totalys MultiProcessor, versión 1.70 y anteriores. Descripción: BD ha informado a CISA de una vulnerabilidad de uso de ... read more
• Múltiples vulnerabilidades en Horner Automation Cscape
  Fecha de publicación: 06/10/2022 Importancia: Alta Recursos afectados: Cscape, versiones 9.90 SP 6 y anteriores; Cscape, versiones 9.90 SP 7 y anteriores (únicamente afectadas por CVE-2022-3379 y ... read more
• Fallo de autenticación en Metasys ADX Server de Johnson Controls
  Fecha de publicación: 06/10/2022 Importancia: Alta Recursos afectados: Metasys ADX Server, versión 12.0 ejecutando MVE (Metasys for Validated Environments). Descripción: El fabricante ha reportado una vulnerabilidad de ... read more
• Vulnerabilidad de escritura fuera de límites en CX-Programmer de Omron
  Fecha de publicación: 06/10/2022 Importancia: Alta Recursos afectados: CX-Programmer versión 9.78 y anteriores. Descripción: Xina1i, en colaboración con Zero Day Initiative de Trend Micro, ha informado de ... read more