CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-30179 – Azure RTOS GUIX Studio Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-30179
15 Jun 2022 — Azure RTOS GUIX Studio Remote Code Execution Vulnerability Una Vulnerabilidad de Ejecución de Código Remota en Azure RTOS GUIX Studio. Este ID de CVE es diferente de CVE-2022-30177, CVE-2022-30178 • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30179 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-30178 – Azure RTOS GUIX Studio Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-30178
15 Jun 2022 — Azure RTOS GUIX Studio Remote Code Execution Vulnerability Una Vulnerabilidad de Ejecución de Código Remota en Azure RTOS GUIX Studio. Este ID de CVE es diferente de CVE-2022-30177, CVE-2022-30179 • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30178 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-30177 – Azure RTOS GUIX Studio Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-30177
15 Jun 2022 — Azure RTOS GUIX Studio Remote Code Execution Vulnerability Una Vulnerabilidad de Ejecución de Código Remota en Azure RTOS GUIX Studio. Este ID de CVE es diferente de CVE-2022-30178, CVE-2022-30179 • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30177 •
CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 0CVE-2022-29149 – Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-29149
15 Jun 2022 — Azure Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability Una Vulnerabilidad de Elevación de Privilegios en Azure Open Management Infrastructure (OMI) Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29149 •
CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 0CVE-2022-29246 – Potential buffer overflow in function DFU upload in Azure RTOS USBX
https://notcve.org/view.php?id=CVE-2022-29246
24 May 2022 — Azure RTOS USBX is a USB host, device, and on-the-go (OTG) embedded stack. Prior to version 6.1.11, he USBX DFU UPLOAD functionality may be utilized to introduce a buffer overflow resulting in overwrite of memory contents. In particular cases this may allow an attacker to bypass security features or execute arbitrary code. The implementation of `ux_device_class_dfu_control_request` function does not assure that a buffer overflow will not occur during handling of the DFU UPLOAD command. When an attacker issu... • https://github.com/azure-rtos/usbx/blob/master/common/usbx_device_classes/src/ux_device_class_dfu_control_request.c • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-29223 – Buffer overflow on HUB descriptor in Azure RTOS USBX
https://notcve.org/view.php?id=CVE-2022-29223
24 May 2022 — Azure RTOS USBX is a USB host, device, and on-the-go (OTG) embedded stack. In versions prior to 6.1.10, an attacker can cause a buffer overflow by providing the Azure RTOS USBX host stack a HUB descriptor with `bNbPorts` set to a value greater than `UX_MAX_TT` which defaults to 8. For a `bNbPorts` value of 255, the implementation of `ux_host_class_hub_descriptor_get` function will modify the contents of `hub` -> `ux_host_class_hub_device` -> `ux_device_hub_tt` array violating the end boundary by 255 - `UX_M... • https://github.com/azure-rtos/usbx/releases/tag/v6.1.10_rel • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-26907 – Azure SDK for .NET Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-26907
15 Apr 2022 — Azure SDK for .NET Information Disclosure Vulnerability Una vulnerabilidad de Divulgación de Información en Azure SDK for .NET • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26907 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 7.2EPSS: 1%CPEs: 1EXPL: 0CVE-2022-26898 – Azure Site Recovery Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-26898
15 Apr 2022 — Azure Site Recovery Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota en Azure Site Recovery • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26898 •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2022-26897 – Azure Site Recovery Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-26897
15 Apr 2022 — Azure Site Recovery Information Disclosure Vulnerability Una vulnerabilidad de Divulgación de Información en Azure Site Recovery. Este ID de CVE es diferente de CVE-2022-26896 • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26897 •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2022-26896 – Azure Site Recovery Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-26896
15 Apr 2022 — Azure Site Recovery Information Disclosure Vulnerability Una vulnerabilidad de Divulgación de Información en Azure Site Recovery. Este ID de CVE es diferente de CVE-2022-26897 • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26896 •