βΌ CVE-2022-33684 βΌ
π Read
via "National Vulnerability Database".
The Apache Pulsar C++ Client does not verify peer TLS certificates when making HTTPS calls for the OAuth2.0 Client Credential Flow, even when tlsAllowInsecureConnection is disabled via configuration. This vulnerability allows an attacker to perform a man in the middle attack and intercept and/or modify the GET request that is sent to the ClientCredentialFlow 'issuer url'. The intercepted credentials can be used to acquire authentication data from the OAuth2.0 server to then authenticate with an Apache Pulsar cluster. An attacker can only take advantage of this vulnerability by taking control of a machine 'between' the client and the server. The attacker must then actively manipulate traffic to perform the attack. The Apache Pulsar Python Client wraps the C++ client, so it is also vulnerable in the same way. This issue affects Apache Pulsar C++ Client and Python Client versions 2.7.0 to 2.7.4; 2.8.0 to 2.8.3; 2.9.0 to 2.9.2; 2.10.0 to 2.10.1; 2.6.4 and earlier. Any users running affected versions of the C++ Client or the Python Client should rotate vulnerable OAuth2.0 credentials, including client_id and client_secret. 2.7 C++ and Python Client users should upgrade to 2.7.5 and rotate vulnerable OAuth2.0 credentials. 2.8 C++ and Python Client users should upgrade to 2.8.4 and rotate vulnerable OAuth2.0 credentials. 2.9 C++ and Python Client users should upgrade to 2.9.3 and rotate vulnerable OAuth2.0 credentials. 2.10 C++ and Python Client users should upgrade to 2.10.2 and rotate vulnerable OAuth2.0 credentials. 3.0 C++ users are unaffected and 3.0 Python Client users will be unaffected when it is released. Any users running the C++ and Python Client for 2.6 or less should upgrade to one of the above patched versions.π Read
via "National Vulnerability Database".
βΌ CVE-2022-3721 βΌ
π Read
via "National Vulnerability Database".
Code Injection in GitHub repository froxlor/froxlor prior to 0.10.39.π Read
via "National Vulnerability Database".
βΌ CVE-2022-41667 βΌ
π Read
via "National Vulnerability Database".
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that allows adversaries with local user privileges to load a malicious DLL which could lead to execution of malicious code. Affected Products: EcoStruxure Operator Terminal Expert(V3.3 Hotfix 1 or prior), Pro-face BLUE(V3.3 Hotfix1 or prior).π Read
via "National Vulnerability Database".
βΌ CVE-2022-41669 βΌ
π Read
via "National Vulnerability Database".
A CWE-347: Improper Verification of Cryptographic Signature vulnerability exists in the SGIUtility component that allows adversaries with local user privileges to load a malicious DLL which could result in execution of malicious code. Affected Products: EcoStruxure Operator Terminal Expert(V3.3 Hotfix 1 or prior), Pro-face BLUE(V3.3 Hotfix1 or prior).π Read
via "National Vulnerability Database".
βΌ CVE-2021-34686 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn. Further investigation showed that it was not a vulnerability. Notes: none.π Read
via "National Vulnerability Database".
βΌ CVE-2022-41670 βΌ
π Read
via "National Vulnerability Database".
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in the SGIUtility component that allows adversaries with local user privileges to load malicious DLL which could result in execution of malicious code. Affected Products: EcoStruxure Operator Terminal Expert(V3.3 Hotfix 1 or prior), Pro-face BLUE(V3.3 Hotfix1 or prior).π Read
via "National Vulnerability Database".
βΌ CVE-2022-41671 βΌ
π Read
via "National Vulnerability Database".
A CWE-89: Improper Neutralization of Special Elements used in SQL Command (Γ’β¬ΛSQL InjectionΓ’β¬β’) vulnerability exists that allows adversaries with local user privileges to craft a malicious SQL query and execute as part of project migration which could result in execution of malicious code. Affected Products: EcoStruxure Operator Terminal Expert(V3.3 Hotfix 1 or prior), Pro-face BLUE(V3.3 Hotfix1 or prior).π Read
via "National Vulnerability Database".
β The OpenSSL security update story β how can you tell what needs fixing? β
π Read
via "Naked Security".
How to Hack! Finding OpenSSL library files and accurately identifying their version numbers...π Read
via "Naked Security".
Naked Security
The OpenSSL security update story β how can you tell what needs fixing?
How to Hack! Finding OpenSSL library files and accurately identifying their version numbersβ¦
β S3 Ep107: Eight months to kick out the crooks and you think thatβs GOOD? [Audio + Text] β
π Read
via "Naked Security".
Listen now - latest episode - audio plus full transcriptπ Read
via "Naked Security".
Naked Security
S3 Ep107: Eight months to kick out the crooks and you think thatβs GOOD? [Audio + Text]
Listen now β latest episode β audio plus full transcript
β Twitter Blue Badge email scams β Donβt fall for them! β
π Read
via "Naked Security".
That was the week that was...π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
π2
βΌ CVE-2022-27893 βΌ
π Read
via "National Vulnerability Database".
The Foundry Magritte plugin osisoft-pi-web-connector versions 0.15.0 - 0.43.0 was found to be logging in a manner that captured authentication requests. This vulnerability is resolved in osisoft-pi-web-connector version 0.44.0.π Read
via "National Vulnerability Database".
βΌ CVE-2021-39432 βΌ
π Read
via "National Vulnerability Database".
diplib v3.0.0 is vulnerable to Double Free.π Read
via "National Vulnerability Database".
βΌ CVE-2021-34055 βΌ
π Read
via "National Vulnerability Database".
jhead 3.06 is vulnerable to Buffer Overflow via exif.c in function Put16u.π Read
via "National Vulnerability Database".
βΌ CVE-2022-39344 βΌ
π Read
via "National Vulnerability Database".
Azure RTOS USBX is a USB host, device, and on-the-go (OTG) embedded stack, that is fully integrated with Azure RTOS ThreadX. Prior to version 6.1.12, the USB DFU UPLOAD functionality may be utilized to introduce a buffer overflow resulting in overwrite of memory contents. In particular cases this may allow an attacker to bypass security features or execute arbitrary code. The implementation of `ux_device_class_dfu_control_request` function prevents buffer overflow during handling of DFU UPLOAD command when current state is `UX_SYSTEM_DFU_STATE_DFU_IDLE`. This issue has been patched, please upgrade to version 6.1.12. As a workaround, add the `UPLOAD_LENGTH` check in all possible states.π Read
via "National Vulnerability Database".
βΌ CVE-2022-38660 βΌ
π Read
via "National Vulnerability Database".
HCL XPages applications are susceptible to a Cross Site Request Forgery (CSRF) vulnerability. An unauthenticated attacker could exploit this vulnerability to perform actions in the application on behalf of the logged in user.π Read
via "National Vulnerability Database".
βΌ CVE-2022-38654 βΌ
π Read
via "National Vulnerability Database".
HCL Domino is susceptible to an information disclosure vulnerability. In some scenarios, local calls made on the server to search the Domino directory will ignore xACL read restrictions. An authenticated attacker could leverage this vulnerability to access attributes from a user's person record.π Read
via "National Vulnerability Database".
βΌ CVE-2022-3868 βΌ
π Read
via "National Vulnerability Database".
A vulnerability classified as critical has been found in SourceCodester Sanitization Management System. Affected is an unknown function of the file /php-sms/classes/Master.php?f=save_quote. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-213012.π Read
via "National Vulnerability Database".
βΌ CVE-2022-3869 βΌ
π Read
via "National Vulnerability Database".
Code Injection in GitHub repository froxlor/froxlor prior to 0.10.38.2.π Read
via "National Vulnerability Database".
π1
βΌ CVE-2022-42905 βΌ
π Read
via "National Vulnerability Database".
In wolfSSL before 5.5.2, if callback functions are enabled (via the WOLFSSL_CALLBACKS flag), then a malicious TLS 1.3 client or network attacker can trigger a buffer over-read on the heap of 5 bytes. (WOLFSSL_CALLBACKS is only intended for debugging.)π Read
via "National Vulnerability Database".
βΌ CVE-2022-42919 βΌ
π Read
via "National Vulnerability Database".
Python 3.9.x and 3.10.x through 3.10.8 on Linux allows local privilege escalation in a non-default configuration. The Python multiprocessing library, when used with the forkserver start method on Linux, allows pickles to be deserialized from any user in the same machine local network namespace, which in many system configurations means any user on the same machine. Pickles can execute arbitrary code. Thus, this allows for local user privilege escalation to the user that any forkserver process is running as. Setting multiprocessing.util.abstract_sockets_supported to False is a workaround. The forkserver start method for multiprocessing is not the default start method. This issue is Linux specific because only Linux supports abstract namespace sockets. CPython before 3.9 does not make use of Linux abstract namespace sockets by default. Support for users manually specifying an abstract namespace socket was added as a bugfix in 3.7.8 and 3.8.4, but users would need to make specific uncommon API calls in order to do that in CPython before 3.9.π Read
via "National Vulnerability Database".
βΌ CVE-2022-40284 βΌ
π Read
via "National Vulnerability Database".
A buffer overflow was discovered in NTFS-3G before 2022.10.3. Crafted metadata in an NTFS image can cause code execution. A local attacker can exploit this if the ntfs-3g binary is setuid root. A physically proximate attacker can exploit this if NTFS-3G software is configured to execute upon attachment of an external storage device.π Read
via "National Vulnerability Database".