Security Vulnerabilities - CVEs Published In March 2022
A memory leakage flaw exists in the class PerimeterGenerator of Slic3r libslic3r 1.3.0 and Master Commit b1a5500. Specially crafted stl files can exhaust available memory. An attacker can provide malicious files to trigger this vulnerability.
CVSS Score
5.5
EPSS Score
0.001
Published
2022-03-01
An out-of-bounds read vulnerability exists in the GCode::extrude() functionality of Slic3r libslic3r 1.3.0 and Master Commit b1a5500. A specially crafted stl file could lead to information disclosure. An attacker can provide a malicious file to trigger this vulnerability.
CVSS Score
5.5
EPSS Score
0.001
Published
2022-03-01
ROG Live Service’s function for deleting temp files created by installation has an improper link resolution before file access vulnerability. Since this function does not validate the path before deletion, an unauthenticated local attacker can create an unexpected symbolic link to system file path, to delete arbitrary system files and disrupt system service.
CVSS Score
7.7
EPSS Score
0.001
Published
2022-03-01
An issue was discovered in Zoho ManageEngine Key Manager Plus 6.1.6. A user, with the level Operator, can see all SSH servers (and user information) even if no SSH server or user is associated to the operator.
CVSS Score
4.3
EPSS Score
0.02
Published
2022-03-01
Pluxml v5.8.7 was discovered to allow attackers to execute arbitrary code via crafted PHP code inserted into static pages.
CVSS Score
8.8
EPSS Score
0.027
Published
2022-03-01
A cross-site scripting (XSS) vulnerability in Pluxml v5.8.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the thumbnail path of a blog post.
CVSS Score
5.4
EPSS Score
0.01
Published
2022-03-01
A cross-site scripting (XSS) vulnerability in Htmly v2.8.1 allows attackers to excute arbitrary web scripts HTML via a crafted payload in the content field of a blog post.
CVSS Score
5.4
EPSS Score
0.007
Published
2022-03-01
Cipi 3.1.15 allows Add Server stored XSS via the /api/servers name field.
CVSS Score
5.4
EPSS Score
0.002
Published
2022-03-01
Page 206