‼ CVE-2022-20388 ‼
via "National Vulnerability Database".
Summary:
Product: Android
Versions: Android SoC
Android ID: A-238227323
‼ CVE-2022-34336 ‼
via "National Vulnerability Database".
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI, thus altering the intended functionality, potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 229714.
‼ CVE-2021-0942 ‼
via "National Vulnerability Database".
The path in this case is a little bit convoluted. The end result is that via an ioctl an untrusted app can control the ui32PageIndex offset in the expression:
sPA.uiAddr = page_to_phys(psOSPageArrayData->pagearray[ui32PageIndex]);
With the current PoC this crashes as an OOB read. However, given that the OOB read value is ending up as the address field of a struct, I think it seems plausible that this could lead to an OOB write if the attacker is able to cause the OOB read to pull an interesting kernel address. Regardless if this is a read or write, it is a High severity issue in the kernel.
Product: Android
Versions: Android SoC
Android ID: A-238904312
‼ CVE-2022-20396 ‼
via "National Vulnerability Database".
In SettingsActivity.java, there is a possible way to make a device discoverable over Bluetooth, without permission or user interaction, due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Product: Android
Versions: Android-12L Android-13
Android ID: A-234440688
‼ CVE-2022-20398 ‼
via "National Vulnerability Database".
In addOrUpdateNetwork of WifiServiceImpl.java, there is a possible way for a guest user to configure Wi-Fi due to a permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.
Product: Android
Versions: Android-13
Android ID: A-221859734
‼ CVE-2022-20395 ‼
via "National Vulnerability Database".
In checkAccess of MediaProvider.java, there is a possible file deletion due to a path traversal error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Product: Android
Versions: Android-11 Android-12 Android-12L Android-13
Android ID: A-221855295
‼ CVE-2022-20389 ‼
via "National Vulnerability Database".
Summary:
Product: Android
Versions: Android SoC
Android ID: A-238257004
‼ CVE-2022-39819 ‼
via "National Vulnerability Database".
In NOKIA 1350 OMS R14.2, multiple OS Command Injection vulnerabilities occur in /cgi-bin/R14.2/log.pl via the cmd HTTP GET parameter and /cgi-bin/R14.2/checkping.pl via the addr HTTP GET parameter. This allows authenticated users to execute commands on the operating system.
‼ CVE-2022-40621 ‼
via "National Vulnerability Database".
Because the WAVLINK Quantum D4G (WN531G3) running firmware version M31G3.V5030.200325 and earlier communicates over HTTP and not HTTPS, and because the hashing mechanism does not rely on a server-supplied key, it is possible for an attacker with sufficient network access to capture the hashed password of a logged on user and use it in a classic Pass-the-Hash style attack.
‼ CVE-2022-39816 ‼
via "National Vulnerability Database".
In NOKIA 1350 OMS R14.2, Insufficiently Protected Credentials (cleartext password) occur in /cgi-bin/R14.2/cgi-bin/R14.2/host.pl on the edit configuration page. Exploitation requires an authenticated attacker.
‼ CVE-2022-39821 ‼
via "National Vulnerability Database".
In NOKIA 1350 OMS R14.2, an Insertion of Sensitive Information into an Application Log File vulnerability occurs under /usr/Systems/OTNE_1_14_Master/maintenance/trace/web/.otn.default.log. The web application stores critical information, such as cleartext user credentials, in world-readable files in the filesystem.
‼ CVE-2022-40623 ‼
via "National Vulnerability Database".
The WAVLINK Quantum D4G (WN531G3) running firmware version M31G3.V5030.200325 does not utilize anti-CSRF tokens, which, when combined with other issues (such as CVE-2022-35518), can lead to remote, unauthenticated command execution.
‼ CVE-2022-40622 ‼
via "National Vulnerability Database".
The WAVLINK Quantum D4G (WN531G3) running firmware version M31G3.V5030.200325 uses IP addresses to hold sessions and does not use session tokens. Therefore, if an attacker changes their IP address to match the logged-in administrator's, or is behind the same NAT as the logged-in administrator, session takeover is possible.
‼ CVE-2022-20393 ‼
via "National Vulnerability Database".
In extract3GPPGlobalDescriptions of TextDescriptions.cpp, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure from the media server with no additional execution privileges needed. User interaction is not needed for exploitation.
Product: Android
Versions: Android-11 Android-12 Android-12L
Android ID: A-233735886
‼ CVE-2022-39817 ‼
via "National Vulnerability Database".
In NOKIA 1350 OMS R14.2, multiple SQL Injection vulnerabilities occur in /cgi-bin/R14.2/easy1350.pl via the id or host HTTP GET parameter, or /cgi-bin/R14.2/cgi-bin/R14.2/host.pl via the host HTTP GET parameter. Exploitation requires an authenticated attacker.
‼ CVE-2022-39815 ‼
via "National Vulnerability Database".
In NOKIA 1350 OMS R14.2, multiple OS Command Injection vulnerabilities occur in /CGI-BIN/OTNE_1-14/runBatch.cgi via the file HTTP POST parameter, /CGI-BIN/OTNE_1-14/getRadioTLs.cgi via the context HTTP POST parameter, /CGI-BIN/OTNE_1-14/runRouteReport.cgi via the file HTTP POST parameter or /CGI-BIN/RemoteCommandManager.cgi via the command HTTP POST parameter.
🕴 Bishop Fox Releases Cloud Enumeration Tool CloudFox 🕴
via "Dark Reading".
CloudFox is a command-line tool to help penetration testers understand unknown cloud environments.
‼ CVE-2021-36568 ‼
via "National Vulnerability Database".
In certain Moodle products, after creating a course, it is possible to add a resource to an arbitrary "Topic", in this case a "Database" with the type "Text", where its values "Field name" and "Field description" are vulnerable to Stored Cross-Site Scripting (XSS). This affects Moodle 3.11, Moodle 3.10.4, and Moodle 3.9.7.
‼ CVE-2022-31861 ‼
via "National Vulnerability Database".
Cross-site scripting (XSS) in ThingsBoard IoT Platform through 3.3.4.1 via a crafted value being sent to the audit logs.
‼ CVE-2022-38768 ‼
via "National Vulnerability Database".
The mobile application in Transtek Mojodat FAM (Fixed Asset Management) 2.4.6 allows remote attackers to bypass authorization.
‼ CVE-2022-31322 ‼
via "National Vulnerability Database".
Penta Security Systems Inc WAPPLES v6.0 r3 4.10-hotfix1 allows attackers to escalate privileges via overwriting files using SUID-flagged executables.