Security Vulnerabilities, CVEs, Published In April 2022

static_compressed_inmemory_website_callback.c in Glewlwyd through 2.6.2 allows directory traversal.

Woodpecker before 0.15.1 allows XSS via build logs because web/src/components/repo/build/BuildLog.vue lacks escaping.

DJI drone devices sold in 2017 through 2022 broadcast unencrypted information about the drone operator's physical location via the AeroScope protocol.

USU Oracle Optimization before 5.17.5 allows authenticated DataCollection users to achieve agent root access because some common OS commands are blocked but (for example) an OS command for base64 decoding is not blocked. NOTE: this is not an Oracle Corporation product.

USU Oracle Optimization before 5.17 allows authenticated quantum users to achieve remote code execution because of /v2/quantum/save-data-upload-big-file Java deserialization. NOTE: this is not an Oracle Corporation product.

USU Oracle Optimization before 5.17.5 allows attackers to discover the quantum credentials via an agent-installer download. NOTE: this is not an Oracle Corporation product.

USU Oracle Optimization before 5.17.5 lacks Polkit authentication, which allows smartcollector users to achieve root access via pkexec. NOTE: this is not an Oracle Corporation product.

The Nimbus skin for MediaWiki through 1.37.2 (before 6f9c8fb868345701d9544a54d9752515aace39df) allows XSS in Advertise link messages.

The admin API module in the QuizGame extension for MediaWiki through 1.37.2 (before 665e33a68f6fa1167df99c0aa18ed0157cdf9f66) omits a check for the quizadmin user.

The FanBoxes extension for MediaWiki through 1.37.2 (before 027ffb0b9d6fe0d823810cf03f5b562a212162d4) allows Special:UserBoxes CSRF.

The SemanticDrilldown extension for MediaWiki through 1.37.2 (before e688bdba6434591b5dff689a45e4d53459954773) allows SQL injection with certain '-' and '_' constraints.

The Private Domains extension for MediaWiki through 1.37.2 (before 1ad65d4c1c199b375ea80988d99ab51ae068f766) allows CSRF for editing pages that store the extension's configuration. The attacker must trigger a POST request to Special:PrivateDomains.

cifs-utils through 6.14, with verbose logging, can cause an information leak when a file contains = (equal sign) characters but is not a valid credentials file.

component/common/network/dhcp/dhcps.c in ambiot amb1_sdk (aka SDK for Ameba1) before 2022-03-11 mishandles data structures for DHCP packet data.

A hardcoded cryptographic key in Automation360 22 allows an attacker to decrypt exported RPA packages.

In JetBrains Rider before 2022.1 local code execution via links in ReSharper Quick Documentation was possible

In JetBrains PyCharm before 2022.1 exposure of the debugger port to the internal network was possible

In JetBrains IntelliJ IDEA before 2022.1 local code execution via links in Quick Documentation was possible

In JetBrains IntelliJ IDEA before 2022.1 origin checks in the internal web server were flawed

In JetBrains IntelliJ IDEA before 2022.1 reflected XSS via error messages in internal web server was possible

In JetBrains IntelliJ IDEA before 2022.1 HTML injection into IDE messages was possible

In JetBrains IntelliJ IDEA before 2022.1 local code execution via workspace settings was possible

In JetBrains IntelliJ IDEA before 2022.1 local code execution via HTML descriptions in custom JSON schemas was possible

In JetBrains IntelliJ IDEA before 2022.1 local code execution via custom Pandoc path was possible

In JetBrains IntelliJ IDEA before 2022.1 notification mechanisms about using Unicode directionality formatting characters were insufficient