CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2022-27219
https://notcve.org/view.php?id=CVE-2022-27219
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2). Affected application is missing general HTTP security headers in the web server configured on port 443. This could aid attackers by making the servers more prone to clickjacking, channel downgrade attacks and other similar client-based attack vectors. Se ha identificado una vulnerabilidad en SINEMA Remote Connect Server (Todas las versiones anteriores a V3.0 SP2). La aplicación afectada carece de encabezados de seguridad HTTP generales en el servidor web configurado en el puerto 443. • https://cert-portal.siemens.com/productcert/pdf/ssa-911567.pdf • CWE-358: Improperly Implemented Security Check for Standard CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 7.5EPSS: 1%CPEs: 9EXPL: 0CVE-2022-25314 – expat: Integer overflow in copyString()
https://notcve.org/view.php?id=CVE-2022-25314
In Expat (aka libexpat) before 2.4.5, there is an integer overflow in copyString. En Expat (también se conoce como libexpat) versiones anteriores a 2.4.5, se presenta un desbordamiento de enteros en copyString An integer overflow flaw was found in expat. This issue affects the encoding name parameter at the parser creation time, which is often hard-coded (rather than user input), takes a value in the gigabytes to trigger, and on a 64-bit machine. This flaw can cause a denial of service. • http://www.openwall.com/lists/oss-security/2022/02/19/1 https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf https://github.com/libexpat/libexpat/pull/560 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM https://security.gentoo.org/glsa/202209-24 https://security.netapp.com/advisory/ntap-20220303-0008 htt • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 2%CPEs: 9EXPL: 1CVE-2022-25315 – expat: Integer overflow in storeRawNames()
https://notcve.org/view.php?id=CVE-2022-25315
In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames. En Expat (también se conoce como libexpat) versiones anteriores a 2.4.5, se presenta un desbordamiento de enteros en storeRawNames An integer overflow was found in expat. The issue occurs in storeRawNames() by abusing the m_buffer expansion logic to allow allocations very close to INT_MAX and out-of-bounds heap writes. This flaw can cause a denial of service or potentially arbitrary code execution. • http://www.openwall.com/lists/oss-security/2022/02/19/1 https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf https://github.com/libexpat/libexpat/pull/559 https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM https://security.gentoo.org/glsa&# • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 9EXPL: 2CVE-2022-25313 – expat: Stack exhaustion in doctype parsing
https://notcve.org/view.php?id=CVE-2022-25313
In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion in build_model via a large nesting depth in the DTD element. En Expat (también se conoce como libexpat) versiones anteriores a 2.4.5, un atacante puede desencadenar un agotamiento de pila en build_model por medio de una gran profundidad de anidamiento en el elemento DTD A flaw was found in expat. A stack exhaustion in doctype parsing could be triggered by a file with a large number of opening braces, resulting in a denial of service. • https://github.com/Trinadh465/external_expat-2.1.0_CVE-2022-25313 https://github.com/ShaikUsaf/external_expact_AOSP10_r33_CVE-2022-25313 http://www.openwall.com/lists/oss-security/2022/02/19/1 https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf https://github.com/libexpat/libexpat/pull/558 https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU https • CWE-674: Uncontrolled Recursion CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 9.8EPSS: 1%CPEs: 9EXPL: 0CVE-2022-25235 – expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution
https://notcve.org/view.php?id=CVE-2022-25235
xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context. El archivo xmltok_impl.c en Expat (también se conoce como libexpat) versiones anteriores a 2.4.5, carece de determinada comprobación de codificación, como comprueba si un carácter UTF-8 es válido en un determinado contexto A flaw was found in expat. Passing malformed 2- and 3-byte UTF-8 sequences (for example, from start tag names) to the XML processing application on top of expat can lead to arbitrary code execution. This issue is dependent on how invalid UTF-8 is handled inside the XML processor. • http://www.openwall.com/lists/oss-security/2022/02/19/1 https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf https://github.com/libexpat/libexpat/pull/562 https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM https://security.gentoo.org/glsa&# • CWE-116: Improper Encoding or Escaping of Output CWE-838: Inappropriate Encoding for Output Context •