There's a null pointer dereference and server-side request forgery flaw in httpd's mod_proxy module, when it is configured to be used as a forward proxy.
A crafted packet could be sent on the adjacent network to the forward proxy that could cause a crash, or potentially ssrf via misdirected unix domain socket requests.
In the worst case, this could cause a denial of service or compromise to confidentiality of data. (
( CVE-2021-44224) a buffer overflow flaw in httpd's lua module could allow an out-of-bounds write.
An attacker who is able to submit a crafted request to an httpd instance that is using the lua module may be able to cause an impact to confidentiality, integrity, and/or availability. (
( CVE-2021-44790)

It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via tcp or udp.
An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (
( CVE-2017-5645) a flaw was discovered in log4j, where a vulnerable socketserver class may lead to the deserialization of untrusted data.
This flaw allows an attacker to remotely execute arbitrary code when combined with a deserialization gadget. (
( CVE-2019-17571) a flaw was found in the java logging library apache log4j in version 1.x.
Jmsappender in log4j 1.x is vulnerable to deserialization of untrusted data.
This allows a remote attacker to execute code on the server if the deployed application is configured to use jmsappender and to the attacker's jndi ldap endpoint. (
( CVE-2021-4104)

Affected Versions:
Tableau Server on windows 2021.4 to 2021.4.1
Tableau Server on windows 2021.3.4 to 2021.3.5
Tableau Server on windows 2021.2.5 to 2021.2.6
Tableau Server on windows 2021.1.8 to 2021.1.9
Tableau Server on windows 2020.4.11 to 2020.4.12
Tableau Server on windows Other Versions-2020.3.14, 2020.2.19, 2020.1.22, 2019.4.25, 2019.3.26, 2019.2.29, 2019.1.29, 2018.3.29 and prior.

Tableau Desktop on windows 2021.4 to 2021.4.1
Tableau Desktop on windows 2021.3.4 to 2021.3.5
Tableau Desktop on windows 2021.2.5 to 2021.2.6
Tableau Desktop on windows 2021.1.8 to 2021.1.9
Tableau Desktop on windows 2020.4.11 to 2020.4.12
Tableau Desktop on windows Other Versions-2020.3.14, 2020.2.19, 2020.1.22, 2019.4.25, 2019.3.26, 2019.2.29, 2019.1.29, 2018.3.29 and prior.

Tableau Server on Linux 2021.4 to 2021.4.1
Tableau Server on Linux 2021.3.4 to 2021.3.5
Tableau Server on Linux 2021.2.5 to 2021.2.6
Tableau Server on Linux 2021.1.8 to 2021.1.9
Tableau Server on Linux 2020.4.11 to 2020.4.12
Tableau Server on Linux Other Versions-2020.3.14, 2020.2.19, 2020.1.22, 2019.4.25, 2019.3.26, 2019.2.29, 2019.1.29, 2018.3.29 and prior.

Tableau Desktop on Linux 2021.4 to 2021.4.1
Tableau Desktop on Linux 2021.3.4 to 2021.3.5
Tableau Desktop on Linux 2021.2.5 to 2021.2.6
Tableau Desktop on Linux 2021.1.8 to 2021.1.9
Tableau Desktop on Linux 2020.4.11 to 2020.4.12
Tableau Desktop on Linux Other Versions-2020.3.14, 2020.2.19, 2020.1.22, 2019.4.25, 2019.3.26, 2019.2.29, 2019.1.29, 2018.3.29 and prior.

QID Detection Logic (Authenticated)
This QID checks for the vulnerable versions for Tableau Server. NOTE: We are not checking the workaround given in advisory, A python script is required to run and needs to modify administrator services, window PowerShell corresponding to each version.

Customers are advised to refer to Log4shell for information pertaining to remediating this vulnerability.

Affected Versions:
VMware vRealize Orchestrator 8.x up to 8.6.1

VMware vRealize Automation is part of the VMware vRealize Suite. Also referred to as vRA, it allows you to create and manage your private cloud without the need for complex manual processes. It's an automation tool for the private cloud.

Affected Versions:
VMware vRealize Automation 8.x up to 8.6.1
VMware vRealize Automation 7.x up to 7.6

VMware vRealize Suite Lifecycle Manager delivers complete lifecycle and content management capabilities for vRealize Suite products. It helps customers accelerate time to value by automating deployment, upgrades, and configuration, while bringing DevOps principles to the management of vRealize Suite content.

Affected Versions:
VMware vRealize Suite Lifecycle Manager 8.x up to 8.6.1

QID Detection Logic:(Authenticated)
It reads /opt/vmware/etc/appliance-manifest.xml file to check the vulnerable version of the product.

On affected versions of Apache HTTP Server, NULL pointer dereference or SSRF vulnerability exists in forward proxy configurations.

Affected Versions:
Apache HTTP Server from 2.4.7 to 2.4.51

QID Detection Logic (Unauthenticated):
This QID sends a HTTP GET request and checks the response headers to confirm if the host is running vulnerable version of Apache HTTP Server.

vim is vulnerable to heap-based buffer overflow (cve-2021-3903) a flaw was found in vim.
A possible heap-based buffer overflow could allow an attacker to input a specially crafted file leading to a crash or code execution.
The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (
( CVE-2021-3927) a flaw was found in vim.
A possible stack-based buffer overflow could allow an attacker to input a specially crafted file leading to a crash or code execution.
( CVE-2021-3928) a flaw was found in vim.
A possible heap use-after-free vulnerability could allow an attacker to input a specially crafted file leading to a crash or code execution.
The highest threat from this vulnerability is to system availability. (
( CVE-2021-3968) a flaw was found in vim.
( CVE-2021-3973) a flaw was found in vim.
A possible use-after-free vulnerability could allow an attacker to input a specially crafted file leading to a crash or code execution.
( CVE-2021-3974) a flaw was found in vim.
A possible heap-based buffer overflow allows an attacker to input a specially crafted file, leading to a crash or code execution.
The highest threat from this vulnerability is confidentiality, integrity, and system availability. (
( CVE-2021-3984) a flaw was found in vim.
A possible heap-based buffer overflow vulnerability allows an attacker to input a specially crafted file, leading to a crash or code execution.
The highest threat from this vulnerability is system availability. (
( CVE-2021-4019) vim is vulnerable to use after free (cve-2021-4069) a flaw was found in vim.
( CVE-2021-4136) a flaw was found in vim.
( CVE-2021-4187)

gegl (generic graphics library) is a graph-based image processing framework.

• gegl: shell expansion via a crafted pathname (cve-2021-45463)

Affected Products:

• Red Hat enterprise linux for x86_64 - extended update support 8.2 x86_64
• Red Hat enterprise linux server - aus 8.2 x86_64
• Red Hat enterprise linux for power, little endian - extended update support 8.2 ppc64le
• Red Hat enterprise linux server - tus 8.2 x86_64
• Red Hat enterprise linux server (for ibm power le) - update services for sap solutions 8.2 ppc64le
• Red Hat enterprise linux server - update services for sap solutions 8.2 x86_64
• Red Hat codeready linux builder for x86_64 - extended update support 8.2 x86_64
• Red Hat codeready linux builder for power, little endian - extended update support 8.2 ppc64le

gegl (generic graphics library) is a graph-based image processing framework.

• gegl: shell expansion via a crafted pathname (cve-2021-45463)

Affected Products:

• Red Hat enterprise linux for x86_64 - extended update support 8.4 x86_64
• Red Hat enterprise linux server - aus 8.4 x86_64
• Red Hat enterprise linux for power, little endian - extended update support 8.4 ppc64le
• Red Hat enterprise linux server - tus 8.4 x86_64
• Red Hat enterprise linux server (for ibm power le) - update services for sap solutions 8.4 ppc64le
• Red Hat enterprise linux server - update services for sap solutions 8.4 x86_64
• Red Hat codeready linux builder for x86_64 - extended update support 8.4 x86_64
• Red Hat codeready linux builder for power, little endian - extended update support 8.4 ppc64le

Red Hat openshift container platform is Red Hat's cloud computing kubernetes application platform solution designed for on-premise or private cloud deployments.

• haproxy: an http method name may contain a space followed by the name of

Affected Products:

• Red Hat openshift container platform 4.7 for rhel 8 x86_64
• Red Hat openshift container platform 4.7 for rhel 7 x86_64
• Red Hat openshift container platform for power 4.7 for rhel 8 ppc64le
• Red Hat openshift container platform for ibm z and linuxone 4.7 for rhel 8 s390x

Affected Products:
openSUSE Leap 15.3

A flaw was found in cyrus-imapd.
A bad string hashing algorithm used in internal hash tables allows user inputs to be stored in predictable buckets.
A user may cause a cpu denial of service by maliciously directing many inputs to a single bucket.
The highest threat from this vulnerability is to system availability. (
( CVE-2021-33582)

Affected OS:
Fedora 34

Red Hat openshift container platform is Red Hat's cloud computing kubernetes application platform solution designed for on-premise or private cloud deployments.

• haproxy: an http method name may contain a space followed by the name of

Affected Products:

• Red Hat openshift container platform 4.7 for rhel 8 x86_64
• Red Hat openshift container platform 4.7 for rhel 7 x86_64
• Red Hat openshift container platform for power 4.7 for rhel 8 ppc64le
• Red Hat openshift container platform for ibm z and linuxone 4.7 for rhel 8 s390x

A flaw was found in busybox, where it did not properly sanitize while processing a crafted shell command, leading to a denial of service.
The highest threat from this vulnerability is to system availability. (
( CVE-2021-42376) a flaw was found in busybox, where it did not properly sanitize while processing a crafted awk pattern, leading to possible code execution.
The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. (
( CVE-2021-42378) a flaw was found in busybox, where it did not properly sanitize while processing a crafted awk pattern in the next_input_file function, leading to possible code execution.
( CVE-2021-42379) a flaw was found in busybox, where it did not properly sanitize while processing a crafted awk pattern in the handle_special function, leading to possible code execution.
( CVE-2021-42384) a flaw was found in busybox, where it did not properly sanitize while processing a crafted awk pattern in the evaluate function, leading to possible code execution.
( CVE-2021-42385) a flaw was found in busybox, where it did not properly sanitize while processing a crafted awk pattern in the nvalloc function, leading to possible code execution.
( CVE-2021-42386)

Following security issues were discovered:
CVE-2021-30275, CVE-2021-30276,CVE-2021-30270, CVE-2021-30279, CVE-2021-30278, CVE-2021-30269, CVE-2021-30283, CVE-2021-1918, CVE-2021-30274, CVE-2021-30272, CVE-2021-30282, CVE-2021-30271, CVE-2021-1894, CVE-2020-11263, CVE-2021-33909, CVE-2021-30337, CVE-2021-30335, CVE-2021-30262, CVE-2021-30267, CVE-2021-30293, CVE-2021-30273, CVE-2021-30289, CVE-2021-30268, CVE-2021-30336, CVE-2021-30303, CVE-2020-0368, CVE-2021-0971, CVE-2021-39630, CVE-2021-39632, CVE-2020-0338, CVE-2021-39623, CVE-2021-39620, CVE-2021-39626, CVE-2021-39629, CVE-2021-0643, CVE-2021-39628, CVE-2021-39659,CVE-2021-0961, CVE-2021-0661, CVE-2021-0662, CVE-2021-0663, CVE-2021-0673

Affected Products :
G series (G5, G6, G7, G8), V series(V10, V20, V30, V35, V40, V50) , Q Series(Q6, Q8) , X Series(X300, X400, X500, X cam), CV Series(CV1, CV3, CV5, CV7, CV1S, CV7AS), MH(K40, K50, Q60, Q70)

Following security issues are observed :
A buffer overflow issue was addressed with improved memory handling. CVE-2021-30960
A logic issue was addressed with improved state management. CVE-2021-30966
A buffer overflow issue was addressed with improved memory handling. CVE-2021-30957
An out-of-bounds read was addressed with improved input validation. CVE-2021-30958
This issue was addressed with improved checks. CVE-2021-30945
This issue was addressed with improved handling of file metadata. CVE-2021-30992
An out-of-bounds read was addressed with improved bounds checking. CVE-2021-30939
A race condition was addressed with improved state handling. CVE-2021-30996
A buffer overflow issue was addressed with improved memory handling. CVE-2021-30983
An out-of-bounds write issue was addressed with improved bounds checking. CVE-2021-30985
An out-of-bounds read was addressed with improved bounds checking. CVE-2021-30991
A memory corruption vulnerability was addressed with improved locking. CVE-2021-30937
A use after free issue was addressed with improved memory management. CVE-2021-30927
A memory corruption issue was addressed with improved state management. CVE-2021-30949
A buffer overflow issue was addressed with improved memory handling. CVE-2021-30993
A race condition was addressed with improved state handling. CVE-2021-30955
An out-of-bounds write issue was addressed with improved bounds checking. CVE-2021-30971
An out-of-bounds read was addressed with improved input validation. CVE-2021-30973
An out-of-bounds write issue was addressed with improved bounds checking. CVE-2021-30929
A buffer overflow issue was addressed with improved memory handling. CVE-2021-30979
A buffer overflow issue was addressed with improved memory handling. CVE-2021-30940
The issue was addressed with improved permissions logic. CVE-2021-30932
An inconsistent user interface issue was addressed with improved state management. CVE-2021-30948
A race condition was addressed with improved state handling. CVE-2021-30995
A validation issue related to hard link behavior was addressed with improved sandbox restrictions. CVE-2021-30968
A logic issue was addressed with improved restrictions. CVE-2021-30946
An access issue was addressed with additional sandbox restrictions. CVE-2021-30947
A logic issue was addressed with improved state management. CVE-2021-30767
An inherited permissions issue was addressed with additional restrictions. CVE-2021-30964
A buffer overflow issue was addressed with improved memory handling. CVE-2021-30934
A use after free issue was addressed with improved memory management. CVE-2021-30936
An integer overflow was addressed with improved input validation. CVE-2021-30952
A race condition was addressed with improved state handling. CVE-2021-30984
An out-of-bounds read was addressed with improved bounds checking. CVE-2021-30953
A type confusion issue was addressed with improved memory handling. CVE-2021-30954

Affected Devices
iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)

Following security issues were discovered:
CVE-2021-0967, CVE-2021-0968,CVE-2021-0704, CVE-2021-0952, CVE-2021-0954, CVE-2021-0955, CVE-2021-0963, CVE-2021-0964, CVE-2021-0965, CVE-2021-0966, CVE-2021-0970, CVE-2021-0971, CVE-2021-33909, CVE-2021-38204,CVE-2021-0726, CVE-2021-0849, CVE-2021-0731, CVE-2021-0738, CVE-2021-0761, CVE-2021-0765, CVE-2021-0768, CVE-2021-0770, CVE-2021-0772, CVE-2021-0789, CVE-2021-0803, CVE-2021-0866, CVE-2021-0716, CVE-2021-0855, CVE-2021-0560, CVE-2021-0805, CVE-2021-0779, CVE-2021-0791, CVE-2021-0795, CVE-2021-0838, CVE-2021-0840, CVE-2021-0844, CVE-2021-0797, CVE-2021-0798, CVE-2021-0804, CVE-2021-0822, CVE-2021-0824, CVE-2021-0886, CVE-2021-0969, CVE-2021-0976, CVE-2021-0992, CVE-2021-0998, CVE-2021-1007, CVE-2021-1009, CVE-2021-1010, CVE-2021-1011, CVE-2021-1012, CVE-2021-1022, CVE-2021-1024, CVE-2020-25668, CVE-2021-39636, CVE-2021-39648, CVE-2021-39656, CVE-2021-23134

Affected Devices :
HUAWEI P series: P30 Pro, P30, P20 Pro, P20
HUAWEI Mate series: Mate 20 X, Mate 20 Pro, Mate 20, Mate 20 RS, Mate 10 Pro, Mate 10, PORSCHE DESIGN HUAWEI Mate RS

Following security issues were discovered:
CVE-2021-39683,CVE-2021-39682,CVE-2021-39681,CVE-2021-39680,CVE-2021-30313,CVE-2021-39678,CVE-2021-39684,CVE-2021-39679,CVE-2021-30314,CVE-2021-40490

Affected Products :
Pixel 4 XL, Pixel 4, Pixel 3a XL, Pixel 3a, Pixel 3 XL, Pixel 3, Pixel 2 XL, Pixel 2

Following security issues are observed :
A resource exhaustion issue was addressed with improved input validation. CVE-2022-22588

Affected Devices
iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)

Following security issues were discovered:
CVE-2021-39621,CVE-2021-39620,CVE-2021-39623,CVE-2021-39622,CVE-2021-39625,CVE-2021-39627,CVE-2021-39626,CVE-2021-39629,CVE-2021-39628,CVE-2021-31889,CVE-2021-30353,CVE-2021-39633,CVE-2021-31890,CVE-2021-30311,CVE-2021-30319,CVE-2021-39618,CVE-2021-31345,CVE-2021-31346,CVE-2021-39632,CVE-2021-39659,CVE-2021-39630,CVE-2021-39634,CVE-2021-0959,CVE-2021-30285,CVE-2021-30287,CVE-2021-0643,CVE-2021-30307,CVE-2021-30301,CVE-2021-30300,CVE-2021-1049,CVE-2021-40148,CVE-2021-30308,CVE-2020-0338

A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges.

Affected Products
Following Cisco products if they are running a vulnerable release of universal Cisco IOS XE Software in Controller mode or a vulnerable release of
standalone Cisco IOS XE SD-WAN Software:
1000 Series Integrated Services Routers (ISRs)
4000 Series ISRs
ASR 1000 Series Aggregation Services Routers
Catalyst 8000 Series Edge Platforms
Cloud Services Router (CSR) 1000V Series

QID Detection Logic (Authenticated):
The authenticated check looks for the installed version of PeopleTools and the corresponding patch.

Customers are advised to refer to cisco-sa-sd-wan-rhpbE34A for more information.

Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by a flaw when responding to new h2c connection requests. By sending a specially-crafted request, an attacker could exploit this vulnerability to see the request body information from one request to another, and use this information to launch further attacks against the affected system.

Affected Versions:
Apache Tomcat 10.0.0-M1 to 10.0.0
Apache Tomcat 9.0.0.M1 to 9.0.41
Apache Tomcat 8.5.0 to 8.5.61

Affected Products:
openSUSE Leap 15.3

Apache Tomcat is vulnerable to a denial of service, caused by a memory leak flaw in WebSocket connections. By sending a specially-crafted request using OutOfMemoryError, a remote attacker could exploit this vulnerability to cause a denial of service condition.

Versions Affected:
Apache Tomcat 10.1.0-M1 to 10.1.0-M5
Apache Tomcat 10.0.0-M10 to 10.0.11
Apache Tomcat 9.0.40 to 9.0.53
Apache Tomcat 8.5.60 to 8.5.71

Affected Versions:
Oracle PeopleSoft Enterprise PeopleTools 8.57
Oracle PeopleSoft Enterprise PeopleTools 8.58
Oracle PeopleSoft Enterprise PeopleTools 8.59

QID Detection Logic (Authenticated):
The authenticated check looks for the installed version of PeopleTools and the corresponding patch.

Affected Products:
openSUSE Leap 15.3

Oracle HTTP Server is the Web server component for Oracle Fusion Middleware. It provides a listener for Oracle WebLogic Server and the framework for hosting static pages, dynamic pages, and applications over the Web.

Affected Versions:
12.2.1.3.0, 12.2.1.4.0, 12.2.1.5.0

QID Detection Logic (Authenticated):
This QID checks the vulnerable version of Oracle HTTP Server from file "inventory.xml" from the Home Directory.

Affected Products:
openSUSE Leap 15.3

gegl (generic graphics library) is a graph-based image processing framework.

• gegl: shell expansion via a crafted pathname (cve-2021-45463)

Affected Products:

• Red Hat enterprise linux server 7 x86_64
• Red Hat enterprise linux workstation 7 x86_64
• Red Hat enterprise linux desktop 7 x86_64
• Red Hat enterprise linux for ibm z systems 7 s390x
• Red Hat enterprise linux for power, big endian 7 ppc64
• Red Hat enterprise linux for power, little endian 7 ppc64le

Affected Products:
openSUSE Leap 15.3

Affected Products:
openSUSE Leap 15.3

VMware Workstation and Horizon Client for Windows contains a denial-of-service vulnerability in the Cortado ThinPrint component.

Note:
Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon Client for Windows.

Affected Versions
VMware Workstation Pro 16.x prior to 16.2.2
VMware Workstation Player 16.x prior to 16.2.2
VMware Horizon Client for Windows 5.x prior to 5.5.3

QID Detection Logic (authenticated):
This QID checks for vulnerable versions of Workstation and Horizon Client for Windows.exe file.

VMware has released the patch for Workstation Pro.
Refer to VMware documents VMware Workstation Pro 16.2.2 for more information.

VMware has released the patch for Workstation Player.
Refer to VMware documents VMware Workstation Player 16.2.2 for more information.

Affected Versions:
Oracle WebLogic Server, version(s) 12.1.3.0, 12.2.1.3,12.2.1.4 and 14.1.1.0

QID Detection Logic (Authenticated):
Operating System: Linux
This QID checks to see if Oracle WebLogic Server process is listening on any of the TCP ports. If so, for version 12.x it gets the "Oracle_Home" path, navigates to that directory and reads "registry.xml" and the patch files found in the directory "Oracle_Home"\inventory\patches to check if the installed version is patched.
QID Detection Logic (Authenticated):
Operating System: Windows
For affected 12.x version
The QID checks the "Oracle_Home" path with help of the registry key "HKLM\Software\Oracle". The QID verifies if the affected WebLogic version is installed on the host and then checks if the corresponding patch is applied or not.

Patch IDs checked:
WebLogic Server 14.1.1.0 - Patch 33727619
WebLogic Server 12.2.1.4 - Patch 33727616
WebLogic Server 12.2.1.3 - Patch 33699205
WebLogic Server 12.1.3.0 - Patch 33494824
QID Detection Logic (Unauthenticated) :
The qid sends a "GET console/login/LoginForm.jsp" request to retrieve the WebLogic version installed.

Affected Software:
Oracle Database 12.2.0.1

QID Detection Logic (Unauthenticated):
This QID connects the remote server's Oracle listener and reviews the Oracle banner version.

Affected Software:
Oracle Database 12.2.01

QID Detection Logic (Authenticated):
Authentication via Oracle Database:
This QID reviews the Oracle output from the table name DBA_REGISTRY_SQLPATCH for patch information.

Affected Software:
Oracle Database 19c

QID Detection Logic (Authenticated):
Authentication via Oracle Database:
This QID reviews the Oracle output from the table name DBA_REGISTRY_SQLPATCH for patch information.

Affected Software:
Oracle Database 12.1.0.2

QID Detection Logic (Unauthenticated):
This QID connects the remote server's Oracle listener and reviews the Oracle banner version.

Affected Software:
Oracle Database 12.1.0.2

QID Detection Logic (Authenticated):
Authentication via Oracle Database:
This QID reviews the Oracle output from the table name DBA_REGISTRY_SQLPATCH for patch information.

An authentication bypass vulnerability in ManageEngine Desktop Central that could result read unauthorized data or write an arbitrary zip file on the server.

Affected Versions:
For Enterprise:
Builds prior to 10.1.2137.9

For MSP:
Builds prior to 10.1.2137.9

QID Detection Logic:(Unauthenticated)
This QID sends a GET request to /configurations.do to retrieve the build number of the Desktop Central on the remote target.

On affected versions of WordPress Core, due to lack of proper sanitization in "WP_Meta_Query" class, a potential blind SQL Injection vulnerability exists.

Affected Versions:
WordPress versions from 4.1 to 5.8.2

QID Detection Logic:
This QID sends a HTTP GET request and checks for vulnerable version of WordPress running on the target application.

Affected versions of WordPress Core have multiple vulnerabilities such as SQL Injection (CVE-2022-21661), Cross Site Scripting (XSS) (CVE-2022-21662) and Object Injection (CVE-2022-21663).

Affected Versions:
WordPress versions prior to 5.8.3

QID Detection Logic:
This QID sends a HTTP GET request and checks for vulnerable version of WordPress running on the target application.

AFFECTED PRODUCTS
The following versions of syngo fastView, a software for digital imaging and communications, are affected:
Syngo fastView: All versions

QID Detection Logic (Authenticated):
QID checks for the Vulnerable version of Siemens using registry "HKLM\SOFTWARE\Siemens"

Customers are advised to refer to CERT MITIGATIONS section ICSA-21-350-16 for affected packages and patching details.

Affected Versions:
All versions of PingAccess prior to version 7.0.1 are potentially vulnerable to Log4Shell vulnerability

QID Detection Logic (Authenticated):
This QID checks for vulnerable versions of PingAccess by checking the version from Windows registry.

Workaround:
Download the zip file attached to the advisory: "pingaccess-log4j2-2.12.3-update.zip".
Unzip this package and follow the instructions in the included README.txt to apply this update to your PingAccess systems.
A service restart is required after applying this update.

Affected Versions:
BeyondTrust Secure Remote Access Base Software prior to 6.0.1

FreeBSD has released a security update.
Affected versions:
firefox prior to 67.0,1
waterfox prior to 56.2.10
linux-seamonkey prior to 2.49.5
seamonkey prior to 2.49.5
firefox-esr prior to 60.7.0,1
linux-firefox prior to 60.7.0,2
libxul prior to 60.7.0
linux-thunderbird prior to 60.7.0
thunderbird prior to 60.7.0

QID Detection Logic:(Authenticated)
It checks for versions of the packages to check for the vulnerable packages.

Affected Products:
openSUSE Leap 15.3

the httpd packages provide the apache http server, a powerful, efficient, and extensible web server.

• httpd: mod_lua: possible buffer overflow when parsing multipart content (cve-2021-44790)
• httpd: mod_session: heap overflow via a crafted sessionheader value (cve-2021-26691)
• httpd: null pointer dereference via malformed requests (cve-2021-34798)
• httpd: out-of-bounds write in ap_escape_quotes() via malicious input (cve-2021-39275)

Affected Products:

• Red Hat enterprise linux server 7 x86_64
• Red Hat enterprise linux workstation 7 x86_64
• Red Hat enterprise linux desktop 7 x86_64
• Red Hat enterprise linux for ibm z systems 7 s390x
• Red Hat enterprise linux for power, big endian 7 ppc64
• Red Hat enterprise linux for scientific computing 7 x86_64
• Red Hat enterprise linux for power, little endian 7 ppc64le

Affected OS:
Fedora 35

CVE-2022-21664: Due to lack of proper sanitization in one of the classes, there's potential for unintended SQL queries to be executed.

Affected Versions:
WordPress versions from 4.1.x prior to 4.1.34
WordPress versions from 5.0.0 prior to 5.8.3

QID Detection Logic:
The QID checks for the version via the meta generator tag.

VMware GemFire when deployed without a SecurityManager, contain a JMX service available which contains an insecure default configuration.

Affected Versions
VMware GemFire versions prior to 9.10.13
VMware GemFire versions prior to 9.9.7

QID Detection Logic
This QID checks for the vulnerable version of VMware GemFire on system

Refer to Workaround instructions for GemFire for more information.

Affected Versions:
WordPress versions from 3.7.x prior to 3.7.37
WordPress versions from 5.0.0 prior to 5.8.3

QID Detection Logic:
The QID checks for the version via the meta generator tag.

Affected Versions:
McAfee Web Gateway Web Gateway 9.2.x to 9.2.1
McAfee Web Gateway Web Gateway 8.2.x to 8.2.17

QID Detection Logic(Unauthenticated):
This QID retrieves McAfee Web Gateway version and checks to see if it's vulnerable.