‼ CVE-2022-36057 ‼
📖 Read
via "National Vulnerability Database".
Discourse-Chat is an asynchronous messaging plugin for the Discourse open-source discussion platform. Users of Discourse Chat can be affected by admin users inserting HTML into chat titles and descriptions, causing a Cross-Site Scripting (XSS) attack. Version 0.9 contains a patch for this issue.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-36072 ‼
📖 Read
via "National Vulnerability Database".
SilverwareGames.io is a social network for users to play video games online. In version 1.1.8 and prior, due to an unobvious feature of PHP, hashes generated by built-in functions and starting with the `0e` symbols were being handled as zero multiplied with the `e` number. Therefore, the hash value was equal to 0. The maintainers fixed this in version 1.1.9 by using `===` instead of `==` in comparisons where it is possible (e.g. on sign in/sign up handlers).📖 Read
via "National Vulnerability Database".
‼ CVE-2022-38176 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in YSoft SAFEQ 6 before 6.0.72. Incorrect privileges were configured as part of the installer package for the Client V3 services, allowing for local user privilege escalation by overwriting the executable file via an alternative data stream. NOTE: this is not the same as CVE-2021-31859.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-36043 ‼
📖 Read
via "National Vulnerability Database".
Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to a double free in bobj.c:rz_bin_reloc_storage_free() when freeing relocations generated from qnx binary plugin. A user opening a malicious qnx binary could be affected by this vulnerability, allowing an attacker to execute code on the user's machine. Commit number a3d50c1ea185f3f642f2d8180715f82d98840784 contains a patch for this issue.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-36061 ‼
📖 Read
via "National Vulnerability Database".
Elrond go is the go implementation for the Elrond Network protocol. In versions prior to 1.3.35, read only calls between contracts can generate smart contracts results. For example, if contract A calls in read only mode contract B and the called function will make changes upon the contract's B state, the state will be altered for contract B as if the call was not made in the read-only mode. This can lead to some effects not designed by the original smart contracts programmers. This issue was patched in version 1.3.35. There are no known workarounds.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-26861 ‼
📖 Read
via "National Vulnerability Database".
Dell BIOS versions contain an Insecure Automated Optimization vulnerability. A local authenticated malicious user could exploit this vulnerability by sending malicious input via SMI to obtain arbitrary code execution during SMM.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-36044 ‼
📖 Read
via "National Vulnerability Database".
Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to an out-of-bounds write when getting data from Luac files. A user opening a malicious Luac file could be affected by this vulnerability, allowing an attacker to execute code on the user's machine. Commits 07b43bc8aa1ffebd9b68d60624c9610cf7e460c7 and 05bbd147caccc60162d6fba9baaaf24befa281cd contain fixes for the issue.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-32277 ‼
📖 Read
via "National Vulnerability Database".
Squiz Matrix CMS 6.20 is vulnerable to an Insecure Direct Object Reference caused by failure to correctly validate authorization when submitting a request to change a user's contact details.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-36757 ‼
📖 Read
via "National Vulnerability Database".
Xaomi Mi Browser v13.10.0-gn contains a vulnerability which allows attackers to execute arbitrary code via user interaction with a crafted URL.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-36041 ‼
📖 Read
via "National Vulnerability Database".
Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to an out-of-bounds write when parsing Mach-O files. A user opening a malicious Mach-O file could be affected by this vulnerability, allowing an attacker to execute code on the user's machine. Commit number 7323e64d68ecccfb0ed3ee480f704384c38676b2 contains a patch.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-37253 ‼
📖 Read
via "National Vulnerability Database".
Persistent cross-site scripting (XSS) in Crime Reporting System 1.0 allows a remote attacker to introduce arbitary Javascript via manipulation of an unsanitized POST parameter📖 Read
via "National Vulnerability Database".
‼ CVE-2022-26859 ‼
📖 Read
via "National Vulnerability Database".
Dell BIOS contains a race condition vulnerability. A local attacker could exploit this vulnerability by sending malicious input via SMI in order to bypass security checks during SMM.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-36058 ‼
📖 Read
via "National Vulnerability Database".
Elrond go is the go implementation for the Elrond Network protocol. In versions prior to 1.3.34, anyone who uses elrond-go to process blocks (historical or actual) could encounter a `MultiESDTNFTTransfer` transaction like this: `MultiESDTNFTTransfer` with a missing function name. Basic functionality like p2p messaging, storage, API requests and such are unaffected. Version 1.3.34 contains a fix for this issue. There are no known workarounds.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-26860 ‼
📖 Read
via "National Vulnerability Database".
Dell BIOS versions contain a stack-based buffer overflow vulnerability. A local attacker could exploit this vulnerability by sending malicious input via SMI to bypass security checks resulting in arbitrary code execution in SMM.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-37185 ‼
📖 Read
via "National Vulnerability Database".
SQL injection vulnerability exists in the school information query interface (repschoolproj.php) of the EMS 6.2 system of the Office of the Thai Basic Education Commission, which can lead to data leakage.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-36663 ‼
📖 Read
via "National Vulnerability Database".
Gluu Oxauth before v4.4.1 allows attackers to execute blind SSRF (Server-Side Request Forgery) attacks via a crafted request_uri parameter.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-26858 ‼
📖 Read
via "National Vulnerability Database".
Dell BIOS versions contain an Improper Authentication vulnerability. A locally authenticated malicious user could potentially exploit this vulnerability by sending malicious input to an SMI in order to bypass security controls.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-3134 ‼
📖 Read
via "National Vulnerability Database".
Use After Free in GitHub repository vim/vim prior to 9.0.0388.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-36040 ‼
📖 Read
via "National Vulnerability Database".
Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to an out-of-bounds write when getting data from PYC(python) files. A user opening a malicious PYC file could be affected by this vulnerability, allowing an attacker to execute code on the user's machine. Commit number 68948017423a12786704e54227b8b2f918c2fd27 contains a patch.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-36065 ‼
📖 Read
via "National Vulnerability Database".
GrowthBook is an open-source platform for feature flagging and A/B testing. With some self-hosted configurations in versions prior to 2022-08-29, attackers can register new accounts and upload files to arbitrary directories within the container. If the attacker uploads a Python script to the right location, they can execute arbitrary code within the container. To be affected, ALL of the following must be true: Self-hosted deployment (GrowthBook Cloud is unaffected); using local file uploads (as opposed to S3 or Google Cloud Storage); NODE_ENV set to a non-production value and JWT_SECRET set to an easily guessable string like `dev`. This issue is patched in commit 1a5edff8786d141161bf880c2fd9ccbe2850a264 (2022-08-29). As a workaround, set `JWT_SECRET` environment variable to a long random string. This will stop arbitrary file uploads, but the only way to stop attackers from registering accounts is by updating to the latest build.📖 Read
via "National Vulnerability Database".
🕴 Report Highlights Prevalence of Software Supply Chain Risks 🕴
📖 Read
via "Dark Reading".
Multiclient research report shows organizations are significantly increasing efforts to secure their supply chains in response to software supply chain attacks.📖 Read
via "Dark Reading".
Dark Reading
Report Highlights Prevalence of Software Supply Chain Risks
Multiclient research report shows organizations are significantly increasing efforts to secure their supply chains in response to software supply chain attacks.