This weekly blog post is from via our unique intelligence collection pipelines. We are your eyes and ears online, including the Dark Web.
There are thousands of vulnerability discussions each week. SOS Intelligence gathers a list of the most discussed Common Vulnerabilities and Exposures (CVE) online for the previous week.
We make every effort to ensure the accuracy of the data presented. As this is an automated process some errors may creep in.
If you are feeling generous please do make us aware of anything you spot, feel free to follow us on Twitter @sosintel and DM us. Thank you!
1. CVE-2021-44733
A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the Linux kernel through 5.15.11. This occurs because of a race condition in tee_shm_get_from_id during an attempt to free a shared memory object.
https://nvd.nist.gov/vuln/detail/CVE-2021-44733
2. CVE-2022-27593
An externally controlled reference to a resource vulnerability has been reported to affect QNAP NAS running Photo Station. If exploited, This could allow an attacker to modify system files. We have already fixed the vulnerability in the following versions: QTS 5.0.1: Photo Station 6.1.2 and later QTS 5.0.0/4.5.x: Photo Station 6.0.22 and later QTS 4.3.6: Photo Station 5.7.18 and later QTS 4.3.3: Photo Station 5.4.15 and later QTS 4.2.6: Photo Station 5.2.14 and later
https://nvd.nist.gov/vuln/detail/CVE-2022-27593
3. CVE-2022-24637
Open Web Analytics (OWA) before 1.7.4 allows an unauthenticated remote attacker to obtain sensitive user information, which can be used to gain admin privileges by leveraging cache hashes. This occurs because files generated with ‘
https://nvd.nist.gov/vuln/detail/CVE-2022-24637
4. CVE-2022-27925
Zimbra Collaboration (aka ZCS) 8.8.15 and 9.0 has mboximport functionality that receives a ZIP archive and extracts files from it. An authenticated user with administrator rights has the ability to upload arbitrary files to the system, leading to directory traversal.
https://nvd.nist.gov/vuln/detail/CVE-2022-27925
5. CVE-2022-0337
VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability due to server-side template injection. A malicious actor with network access can trigger a server-side template injection that may result in remote code execution.
https://nvd.nist.gov/vuln/detail/CVE-2022-0337
6. CVE-2018-17866
Multiple cross-site scripting (XSS) vulnerabilities in includes/core/um-actions-login.php in the “Ultimate Member – User Profile & Membership” plugin before 2.0.28 for WordPress allow remote attackers to inject arbitrary web script or HTML via the “Primary button Text” or “Second button text” field.
https://nvd.nist.gov/vuln/detail/CVE-2018-17866
7. CVE-2022-24086
Adobe Commerce versions 2.4.3-p1 (and earlier) and 2.3.7-p2 (and earlier) are affected by an improper input validation vulnerability during the checkout process. Exploitation of this issue does not require user interaction and could result in arbitrary code execution.
https://nvd.nist.gov/vuln/detail/CVE-2022-24086
8. CVE-2021-43008
Improper Access Control in Adminer versions 1.12.0 to 4.6.2 (fixed in version 4.6.3) allows an attacker to achieve Arbitrary File Read on the remote server by requesting the Adminer to connect to a remote MySQL database.
https://nvd.nist.gov/vuln/detail/CVE-2021-43008
9. CVE-2020-1472
An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC), aka ‘Netlogon Elevation of Privilege Vulnerability’.
https://nvd.nist.gov/vuln/detail/CVE-2020-1472
10. CVE-2021-34236
Buffer Overflow in Netgear R8000 Router with firmware v1.0.4.56 allows remote attackers to execute arbitrary code or cause a denial-of-service by sending a crafted POST to ‘/bd_genie_create_account.cgi’ with a sufficiently long parameter ‘register_country’.
https://nvd.nist.gov/vuln/detail/CVE-2021-34236