👾CVE SERVICE 🏷#CVE
Mumber: CVE-2022-34718
Github: https://github.com/SecLabResearchBV/CVE-2022-34718-PoC
Describe:
Windows TCP/IP Remote Code Execution Vulnerability.

👾CVE SERVICE 🏷#CVE
Mumber: CVE-2022-41352
Github: https://github.com/segfault-it/cve-2022-41352
Describe:
An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15 and 9.0. An attacker can upload arbitrary files through amavisd via a cpio loophole (extraction to /opt/zimbra/jetty/webapps/zimbra/public) that can lead to incorrect access to any other user accounts. Zimbra recommends pax over cpio. Also, pax is in the prerequisites of Zimbra on Ubuntu; however, pax is no longer part of a default Red Hat installation after RHEL 6 (or CentOS 6). Once pax is installed, amavisd automatically prefers it over cpio.

👾KEYWORD SERVICE 🏷#cnvd
Name: CNVdTcZaLc
Github: https://github.com/uftd224/CNVdTcZaLc

👾CVE SERVICE 🏷#CVE
Mumber: CVE-2022-0002
Github: https://github.com/nikokosm/CVE-2022-0002--s-1
Describe:
Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.

👾CVE SERVICE 🏷#CVE
Mumber: CVE-2022-40471
Github: https://github.com/RashidKhanPathan/CVE-2022-40471
Describe:
**

👾KEYWORD SERVICE 🏷#cnvd
Name: cnvds
Github: https://github.com/sduyaishdas/cnvds

** xray ** 🔧Tool update
Tools name：xray
Tools url：https://github.com/chaitin/xray/commit/a9ddda5e28119f72e391b8a0c8fb753d6c53c0d5
commitUpdate log：
Update jellyfin-cve-2021-29490.yml (#1632)

** MDUT ** 🔧Tool update
Tools name：MDUT
Tools url：https://github.com/SafeGroceryStore/MDUT/commit/68b62f99153980d46a5cd2112b9e1daf8d413b81
commitUpdate log：
Merge pull request #53 from ren-jq101/main

fix(sec): upgrade fastjson to 1.2.83

👾CVE SERVICE 🏷#CVE
Mumber: CVE-2022-23277
Github: https://github.com/7BitsTeam/CVE-2022-23277
Describe:
Microsoft Exchange Server Remote Code Execution Vulnerability.

👾CVE SERVICE 🏷#CVE
Mumber: CVE-2022-37298
Github: https://github.com/dbyio/cve-2022-37298-shinken
Describe:
**

👾CVE SERVICE 🏷#CVE
Mumber: CVE-2022-40648
Github: https://github.com/b3wT/CVE-2022-40648-MASS
Describe:
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ansys SpaceClaim 2022 R1. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of X_B files. The issue results from the lack of proper validation of user-supplied data, which can result in a write before the start of an allocated data structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-17563.

👾CVE SERVICE 🏷#CVE
Mumber: CVE-2022-41852
Github: https://github.com/Warxim/CVE-2022-41852
Describe:
Those using JXPath to interpret untrusted XPath expressions may be vulnerable to a remote code execution attack. All JXPathContext class functions processing a XPath string are vulnerable except compile() and compilePath() function. The XPath expression can be used by an attacker to load any Java class from the classpath resulting in code execution.

** nps ** 🔧Tool update
Tools name：nps
Tools url：https://github.com/ehang-io/nps/commit/ab648d6f0c618c690a7a79948a7ebd686e1cdafc
commitUpdate log：
Merge pull request #866 from freeoa/master

add build to apple silicon(M1)

👾CVE SERVICE 🏷#CVE
Mumber: CVE-2022-41358
Github: https://github.com/thecasual/CVE-2022-41358
Describe:
**

👾CVE SERVICE 🏷#CVE
Mumber: CVE-2022-40664
Github: https://github.com/Jackey0/CVE-2022-40664
Describe:
Apache Shiro before 1.10.0, Authentication Bypass Vulnerability in Shiro when forwarding or including via RequestDispatcher.

👾CVE SERVICE 🏷#CVE
Mumber: CVE-2022-39802
Github: https://github.com/redrays-io/CVE-2022-39802
Describe:
SAP Manufacturing Execution - versions 15.1, 15.2, 15.3, allows an attacker to exploit insufficient validation of a file path request parameter. The intended file path can be manipulated to allow arbitrary traversal of directories on the remote server. The file content within each directory can be read which may lead to information disclosure.

👾CVE SERVICE 🏷#CVE
Mumber: CVE-2022-24990
Github: https://github.com/jsongmax/CVE-2022-24990
Describe:
**

👾CVE SERVICE 🏷#CVE
Mumber: CVE-2022-36067
Github: https://github.com/backcr4t/CVE-2022-36067-MASS-RCE
Describe:
vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules. In versions prior to version 3.9.11, a threat actor can bypass the sandbox protections to gain remote code execution rights on the host running the sandbox. This vulnerability was patched in the release of version 3.9.11 of vm2. There are no known workarounds.

👾CVE SERVICE 🏷#CVE
Mumber: CVE-2022-0824
Github: https://github.com/pizza-power/golang-webmin-CVE-2022-0824-revshell
Describe:
Improper Access Control to Remote Code Execution in GitHub repository webmin/webmin prior to 1.990.

👾CVE SERVICE 🏷#CVE
Mumber: CVE-2022-42889
Github: https://github.com/standb/CVE-2022-42889
Describe:
Apache Commons Text performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is "${prefix:name}", where "prefix" is used to locate an instance of org.apache.commons.text.lookup.StringLookup that performs the interpolation. Starting with version 1.5 and continuing through 1.9, the set of default Lookup instances included interpolators that could result in arbitrary code execution or contact with remote servers. These lookups are: - "script" - execute expressions using the JVM script execution engine (javax.script) - "dns" - resolve dns records - "url" - load values from urls, including from remote servers Applications using the interpolation defaults in the affected versions may be vulnerable to remote code execution or unintentional contact with remote servers if untrusted configuration values are used. Users are recommended to upgrade to Apache Commons Text 1.10.0, which disables the problematic interpolators by default.