‼ CVE-2022-24827 ‼
via "National Vulnerability Database".
Elide is a Java library that lets you stand up a GraphQL/JSON-API web service with minimal effort. When leveraging the following together: Elide Aggregation Data Store for Analytic Queries, Parameterized Columns (a column that requires a client-provided parameter), and a parameterized column of type TEXT, there is the potential for a hacker to provide a carefully crafted query that would bypass server-side authorization filters through SQL injection. A recent patch to Elide 6.1.2 allowed the '-' character to be included in parameterized TEXT columns. This character can be interpreted as SQL comments ('--') and allow the attacker to remove the WHERE clause from the generated query and bypass authorization filters. A fix is provided in Elide 6.1.4. The vulnerability only exists for parameterized columns of type TEXT and only for analytic queries (CRUD is not impacted). Workarounds include leveraging a different type of parameterized column (TIME, MONEY, etc) or not leveraging parameterized columns.
‼ CVE-2022-25831 ‼
via "National Vulnerability Database".
Improper access control vulnerability in S Secure prior to SMR Apr-2022 Release 1 allows physical attackers to access secured data in certain conditions.
‼ CVE-2021-36893 ‼
via "National Vulnerability Database".
Authenticated (author or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Responsive Tabs (WordPress plugin) <= 4.0.5
‼ CVE-2022-20062 ‼
via "National Vulnerability Database".
In mdp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05836418; Issue ID: ALPS05836418.
‼ CVE-2022-27830 ‼
via "National Vulnerability Database".
Improper validation vulnerability in SemBlurInfo prior to SMR Apr-2022 Release 1 allows attackers to launch certain activities.
‼ CVE-2022-27567 ‼
via "National Vulnerability Database".
Null pointer dereference vulnerability in parser_hvcC function of libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by remote attackers.
🕴 Former DHS Acting IT Chief Convicted in Software, Database Theft Scheme 🕴
via "Dark Reading".
Former DHS employees targeted confidential, proprietary software and personally identifying information (PII) for hundreds of thousands of federal employees.
‼ CVE-2022-27528 ‼
via "National Vulnerability Database".
Maliciously crafted DWFX and SKP files in Autodesk Navisworks 2022 can be used to trigger a use-after-free vulnerability. Exploitation of this vulnerability may lead to code execution.
‼ CVE-2022-24837 ‼
via "National Vulnerability Database".
HedgeDoc is an open-source, web-based, self-hosted, collaborative markdown editor. Images uploaded with HedgeDoc version 1.9.1 and later have an enumerable filename after the upload, resulting in potential information leakage of uploaded documents. This is especially relevant for private notes and affects all upload backends, except Lutim and imgur. This issue is patched in version 1.9.3 by replacing the filename generation with UUIDv4. If you cannot upgrade to HedgeDoc 1.9.3, it is possible to block POST requests to `/uploadimage`, which will disable future uploads.
‼ CVE-2022-27577 ‼
via "National Vulnerability Database".
The vulnerability in the MSC800 in all versions before 4.15 allows for an attacker to predict the TCP initial sequence number. When the TCP sequence is predictable, an attacker can send packets that are forged to appear to come from a trusted computer. These forged packets could compromise services on the MSC800. SICK has released a new firmware version of the SICK MSC800 and recommends updating to the newest version.
‼ CVE-2022-27840 ‼
via "National Vulnerability Database".
Improper access control vulnerability in SamsungRecovery prior to version 8.1.43.0 allows local attackers to delete arbitrary files as SamsungRecovery permission.
‼ CVE-2022-24829 ‼
via "National Vulnerability Database".
Garden is an automation platform for Kubernetes development and testing. In versions prior to 0.12.39 multiple endpoints did not require authentication. In some operating modes this allows for an attacker to gain access to the application erroneously. The configuration is leaked through the /api endpoint on the local server that is responsible for serving the Garden dashboard. At the moment, this server is accessible to 0.0.0.0 which makes it accessible to anyone on the same network (or anyone on the internet if they are on a public, static IP). This may lead to the ability to compromise credentials, secrets or environment variables. Users are advised to upgrade to version 0.12.39 as soon as possible. Users unable to upgrade should use a firewall blocking access to port 9777 from all untrusted network machines.
‼ CVE-2022-27824 ‼
via "National Vulnerability Database".
Improper size check in sapefd_parse_meta_DESCRIPTION function of libsapeextractor library prior to SMR Apr-2022 Release 1 allows out of bounds read via a crafted media file.
‼ CVE-2022-1193 ‼
via "National Vulnerability Database".
Improper access control in GitLab CE/EE versions 10.7 prior to 14.7.7, 10.8 prior to 14.8.5, and 10.9 prior to 14.9.2 allows a malicious actor to obtain details of the latest commit in a private project via Merge Requests under certain circumstances
‼ CVE-2022-20069 ‼
via "National Vulnerability Database".
In preloader (usb), there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160425; Issue ID: ALPS06160425.
‼ CVE-2022-1161 ‼
via "National Vulnerability Database".
An attacker with the ability to modify a user program may change user program code on some ControlLogix, CompactLogix, and GuardLogix Control systems. Studio 5000 Logix Designer writes user-readable program code to a separate location than the executed compiled code, allowing an attacker to change one and not the other.
‼ CVE-2022-26099 ‼
via "National Vulnerability Database".
Null pointer dereference vulnerability in parser_infe function of libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds read by remote attackers.
‼ CVE-2022-28776 ‼
via "National Vulnerability Database".
Improper access control vulnerability in Galaxy Store prior to version 4.5.36.4 allows attacker to install applications from Galaxy Store without user interactions.
‼ CVE-2022-27841 ‼
via "National Vulnerability Database".
Improper exception handling in Samsung Pass prior to version 3.7.07.5 allows physical attacker to view the screen that is previously running without authentication
‼ CVE-2022-27833 ‼
via "National Vulnerability Database".
Improper input validation in DSP driver prior to SMR Apr-2022 Release 1 allows out-of-bounds write by integer overflow.
‼ CVE-2022-27821 ‼
via "National Vulnerability Database".
Improper boundary check in Quram Agif library prior to SMR Apr-2022 Release 1 allows attackers to cause denial of service via crafted image file.