Security Vulnerabilities - CVEs Published In August 2022
Microsoft Excel Security Feature Bypass Vulnerability
CVSS Score
7.3
EPSS Score
0.02
Published
2022-08-09
The ftlserver component of TIBCO Software Inc.'s TIBCO FTL - Community Edition, TIBCO FTL - Developer Edition, TIBCO FTL - Enterprise Edition, and TIBCO FTL - Enterprise Edition contains an easily exploitable vulnerability that allows a low privileged attacker with network access to execute a privilege escalation on the affected ftlserver. Affected releases are TIBCO Software Inc.'s TIBCO FTL - Community Edition: versions 6.0.0 through 6.8.0, TIBCO FTL - Developer Edition: versions 6.0.1 through 6.8.0, TIBCO FTL - Enterprise Edition: versions 6.0.0 through 6.7.3, and TIBCO FTL - Enterprise Edition: version 6.8.0.
CVSS Score
6.7
EPSS Score
0.005
Published
2022-08-09
The ftlserver component of TIBCO Software Inc.'s TIBCO FTL - Community Edition, TIBCO FTL - Developer Edition, TIBCO FTL - Enterprise Edition, TIBCO FTL - Enterprise Edition, TIBCO eFTL - Community Edition, TIBCO eFTL - Developer Edition, TIBCO eFTL - Enterprise Edition, and TIBCO eFTL - Enterprise Edition contains a difficult to exploit vulnerability that allows a low privileged attacker with local access to obtain user credentials to the affected system. Affected releases are TIBCO Software Inc.'s TIBCO FTL - Community Edition: versions 6.0.0 through 6.8.0, TIBCO FTL - Developer Edition: versions 6.0.1 through 6.8.0, TIBCO FTL - Enterprise Edition: versions 6.0.0 through 6.7.3, TIBCO FTL - Enterprise Edition: version 6.8.0, TIBCO eFTL - Community Edition: versions 6.0.0 through 6.8.0, TIBCO eFTL - Developer Edition: versions 6.0.1 through 6.8.0, TIBCO eFTL - Enterprise Edition: versions 6.0.0 through 6.7.3, and TIBCO eFTL - Enterprise Edition: version 6.8.0.
CVSS Score
4.6
EPSS Score
0.0
Published
2022-08-09
Improper Restriction of Rendered UI Layers or Frames in GitHub repository openemr/openemr prior to 7.0.0.1.
CVSS Score
10.0
EPSS Score
0.01
Published
2022-08-09
Cross-site Scripting (XSS) - DOM in GitHub repository openemr/openemr prior to 7.0.0.1.
CVSS Score
5.4
EPSS Score
0.035
Published
2022-08-09
Authorization Bypass Through User-Controlled Key in GitHub repository openemr/openemr prior to 7.0.0.1.
CVSS Score
6.5
EPSS Score
0.002
Published
2022-08-09
Cross-site Scripting (XSS) - Reflected in GitHub repository openemr/openemr prior to 7.0.0.1.
CVSS Score
5.4
EPSS Score
0.015
Published
2022-08-09
Missing Authorization in GitHub repository openemr/openemr prior to 7.0.0.1.
CVSS Score
8.3
EPSS Score
0.003
Published
2022-08-09
Cross-site Scripting (XSS) - Reflected in GitHub repository openemr/openemr prior to 7.0.0.1.
CVSS Score
9.6
EPSS Score
0.917
Published
2022-08-09
A vulnerability was found in SourceCodester Gym Management System. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /mygym/admin/login.php. The manipulation of the argument admin_email/admin_pass leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-205855.
CVSS Score
6.3
EPSS Score
0.002
Published
2022-08-09