🛡 Cybersecurity & Privacy 🛡 - News
25.8K subscribers
89.2K links
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
‼ CVE-2022-41669 ‼

A CWE-347: Improper Verification of Cryptographic Signature vulnerability exists in the SGIUtility component that allows adversaries with local user privileges to load a malicious DLL which could result in execution of malicious code. Affected Products: EcoStruxure Operator Terminal Expert (V3.3 Hotfix 1 or prior), Pro-face BLUE (V3.3 Hotfix 1 or prior).

📖 Read

via "National Vulnerability Database".
‼ CVE-2021-34686 ‼

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn. Further investigation showed that it was not a vulnerability. Notes: none.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-41670 ‼

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in the SGIUtility component that allows adversaries with local user privileges to load a malicious DLL which could result in execution of malicious code. Affected Products: EcoStruxure Operator Terminal Expert (V3.3 Hotfix 1 or prior), Pro-face BLUE (V3.3 Hotfix 1 or prior).

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-41671 ‼

A CWE-89: Improper Neutralization of Special Elements used in SQL Command ('SQL Injection') vulnerability exists that allows adversaries with local user privileges to craft a malicious SQL query and execute as part of project migration which could result in execution of malicious code. Affected Products: EcoStruxure Operator Terminal Expert (V3.3 Hotfix 1 or prior), Pro-face BLUE (V3.3 Hotfix 1 or prior).

📖 Read

via "National Vulnerability Database".
⚠ The OpenSSL security update story – how can you tell what needs fixing? ⚠

How to Hack! Finding OpenSSL library files and accurately identifying their version numbers...

📖 Read

via "Naked Security".
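The article above is about locating OpenSSL copies and reading their real version. The following is an added example, not code from Naked Security or from the OpenSSL project: it scans file contents for the version banner that every libcrypto/libssl build embeds (e.g. "OpenSSL 3.0.6 11 Oct 2022"), which also catches statically linked copies that a file-name search misses, and compares what it finds against a per-branch "first fixed version" table. The file names, directories and the branch table are assumptions for the demo; fill the table from the advisory you are acting on.

```python
"""Find OpenSSL copies on disk and read the version banner built into them.
Added example; not code from the article or from OpenSSL. Names, paths and
the branch table used in demo() are assumptions for the demonstration."""
import os
import re
import tempfile
from typing import Dict, Iterable, List, Optional, Tuple

# Banner as compiled into libcrypto: "OpenSSL <version> <build date>", e.g.
# "OpenSSL 1.1.1q  5 Jul 2022" or "OpenSSL 3.0.6 11 Oct 2022".
VERSION_RE = re.compile(rb"OpenSSL (\d+)\.(\d+)\.(\d+)([a-z]?)\b")

VersionKey = Tuple[int, int, int, str]


def parse_version(text: str) -> VersionKey:
    """Turn '1.1.1q' or '3.0.7' into a tuple that sorts correctly."""
    m = re.fullmatch(r"(\d+)\.(\d+)\.(\d+)([a-z]?)", text)
    if not m:
        raise ValueError(f"not an OpenSSL version: {text!r}")
    major, minor, patch, letter = m.groups()
    return (int(major), int(minor), int(patch), letter)


def versions_in_blob(blob: bytes) -> List[str]:
    """Distinct OpenSSL version banners found in a byte string, in file order."""
    found: List[str] = []
    for m in VERSION_RE.finditer(blob):
        major, minor, patch, letter = (g.decode() for g in m.groups())
        v = f"{int(major)}.{int(minor)}.{int(patch)}{letter}"
        if v not in found:
            found.append(v)
    return found


def find_candidate_files(roots: Iterable[str]) -> List[str]:
    """Walk the roots and collect the usual carriers: libssl/libcrypto shared
    objects and the openssl binary. Static copies inside other executables
    are not found this way; hand those paths to scan_files() directly."""
    names = re.compile(r"^(libssl|libcrypto)[^/]*\.(so|dylib|dll)|^openssl(\.exe)?$")
    hits: List[str] = []
    for root in roots:
        for dirpath, _dirs, files in os.walk(root):
            hits.extend(os.path.join(dirpath, f) for f in files if names.search(f))
    return hits


def scan_files(paths: Iterable[str]) -> Dict[str, List[str]]:
    """Map each readable file to the OpenSSL versions embedded in it."""
    result: Dict[str, List[str]] = {}
    for path in paths:
        try:
            with open(path, "rb") as fh:
                blob = fh.read()
        except OSError:
            continue  # unreadable or gone: report nothing rather than guess
        versions = versions_in_blob(blob)
        if versions:
            result[path] = versions
    return result


def needs_update(version: str, fixed: Dict[Tuple[int, int], str]) -> Optional[str]:
    """Return the fixed release the file should be upgraded to, or None if it
    is already at or above it. `fixed` maps a release branch (major, minor)
    to that branch's first fixed version; an unknown branch raises KeyError
    so it gets triaged by hand instead of silently passing."""
    v = parse_version(version)
    target = fixed[(v[0], v[1])]
    return target if v < parse_version(target) else None


def demo() -> Dict[str, List[str]]:
    """Build a throwaway directory with a constructed fake libssl plus an
    unrelated file, scan it, and return {file name: [versions]}."""
    with tempfile.TemporaryDirectory() as tmp:
        with open(os.path.join(tmp, "libssl.so.3"), "wb") as fh:
            fh.write(b"\x7fELF constructed fake, not a real library\x00"
                     b"OpenSSL 3.0.6 11 Oct 2022\x00")
        with open(os.path.join(tmp, "README"), "w") as fh:
            fh.write("no banner here\n")
        found = scan_files(find_candidate_files([tmp]))
        return {os.path.basename(p): v for p, v in found.items()}
```

Two caveats a practitioner should keep in mind: distribution vendors often backport security fixes without bumping the banner, so a banner that looks old on a vendor-packaged library must be cross-checked against the package changelog before raising an alarm; and a vendored or statically linked copy inside an application binary is only found if that binary is actually scanned, which is why scan_files() takes arbitrary paths rather than only the shared-object names.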
⚠ S3 Ep107: Eight months to kick out the crooks and you think that’s GOOD? [Audio + Text] ⚠

Listen now - latest episode - audio plus full transcript

📖 Read

via "Naked Security".
⚠ Twitter Blue Badge email scams – Don’t fall for them! ⚠

That was the week that was...

📖 Read

via "Naked Security".
πŸ‘2
‼ CVE-2022-27893 ‼

The Foundry Magritte plugin osisoft-pi-web-connector versions 0.15.0 - 0.43.0 was found to be logging in a manner that captured authentication requests. This vulnerability is resolved in osisoft-pi-web-connector version 0.44.0.

📖 Read

via "National Vulnerability Database".
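The entry above is an instance of credentials ending up in logs (CWE-532). The following is an added example and not the plugin's code; it makes no claim about what that plugin actually wrote. It shows the pattern that avoids the bug class: a request is reduced to a log record with authentication headers, credential-like query parameters and body fields replaced before anything reaches the logger, so a login request can be logged without logging the login. The header and field names are a conventional starting list, not a standard, and the hostnames and payloads are constructed.

```python
"""Log HTTP requests without recording the credentials they carry.
Added example for the digest entry above; not the plugin's own code. The
sensitive-name lists and sample hosts are assumptions for the demo."""
import json
import logging
from typing import Any, Dict, List, Mapping, Optional, Tuple
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

REDACTED = "[REDACTED]"
# Compared case-insensitively; extend with product-specific names.
SENSITIVE_HEADERS = {"authorization", "proxy-authorization", "cookie",
                     "set-cookie", "x-api-key", "x-auth-token"}
SENSITIVE_FIELDS = {"password", "passwd", "pwd", "token", "access_token",
                    "refresh_token", "api_key", "apikey", "secret", "client_secret"}

log = logging.getLogger("http.audit")


def _scrub_pairs(pairs) -> List[Tuple[str, str]]:
    return [(k, REDACTED if k.lower() in SENSITIVE_FIELDS else v) for k, v in pairs]


def redact_headers(headers: Mapping[str, str]) -> Dict[str, str]:
    return {k: (REDACTED if k.lower() in SENSITIVE_HEADERS else v)
            for k, v in headers.items()}


def redact_url(url: str) -> str:
    """Blank credential-like query parameters and any user:pass@ authority."""
    p = urlsplit(url)
    query = urlencode(_scrub_pairs(parse_qsl(p.query, keep_blank_values=True)),
                      safe="[]")
    netloc = p.netloc
    if "@" in netloc:  # https://user:secret@host/... must never be logged
        netloc = REDACTED + "@" + netloc.rsplit("@", 1)[1]
    return urlunsplit((p.scheme, netloc, p.path, query, p.fragment))


def redact_json(value: Any) -> Any:
    """Recursively replace sensitive keys anywhere in a decoded JSON document."""
    if isinstance(value, dict):
        return {k: (REDACTED if k.lower() in SENSITIVE_FIELDS else redact_json(v))
                for k, v in value.items()}
    if isinstance(value, list):
        return [redact_json(v) for v in value]
    return value


def loggable_request(method: str, url: str, headers: Mapping[str, str],
                     body: Optional[bytes] = None) -> Dict[str, Any]:
    """Build the only representation of the request that is allowed to reach
    a logger. Bodies of unknown type are summarised, never copied."""
    record: Dict[str, Any] = {"method": method, "url": redact_url(url),
                              "headers": redact_headers(headers)}
    if body:
        ctype = next((v for k, v in headers.items()
                      if k.lower() == "content-type"), "").lower()
        if "json" in ctype:
            try:
                record["body"] = redact_json(json.loads(body))
            except ValueError:
                record["body"] = "<unparseable json omitted>"
        elif "x-www-form-urlencoded" in ctype:
            pairs = parse_qsl(body.decode("utf-8", "replace"), keep_blank_values=True)
            record["body"] = dict(_scrub_pairs(pairs))
        else:
            record["body"] = f"<{len(body)} bytes of {ctype or 'unknown type'} omitted>"
    return record


def log_request(method: str, url: str, headers: Mapping[str, str],
                body: Optional[bytes] = None) -> Dict[str, Any]:
    """Emit one structured audit line for the request and return the record."""
    record = loggable_request(method, url, headers, body)
    log.info("request %s", json.dumps(record, sort_keys=True, default=str))
    return record
```

The important design choice is that the raw request object is never handed to the logger: the redaction happens while building the record, so a later change to the log format or log level cannot reintroduce the credentials.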
‼ CVE-2021-39432 ‼

diplib v3.0.0 is vulnerable to Double Free.

📖 Read

via "National Vulnerability Database".
‼ CVE-2021-34055 ‼

jhead 3.06 is vulnerable to Buffer Overflow via exif.c in function Put16u.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-39344 ‼

Azure RTOS USBX is a USB host, device, and on-the-go (OTG) embedded stack, that is fully integrated with Azure RTOS ThreadX. Prior to version 6.1.12, the USB DFU UPLOAD functionality may be utilized to introduce a buffer overflow resulting in overwrite of memory contents. In particular cases this may allow an attacker to bypass security features or execute arbitrary code. The implementation of `ux_device_class_dfu_control_request` function prevents buffer overflow during handling of DFU UPLOAD command when current state is `UX_SYSTEM_DFU_STATE_DFU_IDLE`. This issue has been patched, please upgrade to version 6.1.12. As a workaround, add the `UPLOAD_LENGTH` check in all possible states.

📖 Read

via "National Vulnerability Database".
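The advisory above describes a length check that only runs in one state of the DFU state machine. The following is an added example, a small Python model of that logic and not USBX code: a DFU device answers UPLOAD requests by staging a block of its image into a fixed-size transfer buffer, and in the pre-fix behaviour the request length is only validated while the device is in DFU_IDLE, so the second and later blocks (sent from DFU_UPLOAD_IDLE) are copied unchecked. The model reports the oversize length instead of corrupting memory; the buffer size, status codes, image contents and the `check_all_states` switch are assumptions for the demo, while the state numbering follows the USB DFU 1.1 state table.

```python
"""State-gated versus unconditional length check on a DFU UPLOAD request.
Added example modelling the advisory's description; not USBX code. The
transfer size, status values and fake image are assumptions for the demo."""
from enum import Enum
from typing import Tuple

TRANSFER_SIZE = 64  # assumed size of the device's DFU transfer buffer


class DfuState(Enum):
    DFU_IDLE = 2          # values follow the USB DFU 1.1 state table
    DFU_DNLOAD_IDLE = 5
    DFU_UPLOAD_IDLE = 9


DFU_STATUS_OK = 0x00
DFU_STATUS_ERR_STALLEDPKT = 0x0F  # request refused, control pipe stalled


class DfuDevice:
    """Minimal DFU upload side: hands blocks of `image` back to the host."""

    def __init__(self, image: bytes, check_all_states: bool):
        self.image = image
        self.offset = 0
        self.state = DfuState.DFU_IDLE
        self.buffer = bytearray(TRANSFER_SIZE)
        # False reproduces the pre-fix logic (check only in DFU_IDLE);
        # True applies the advisory's workaround (check in every state).
        self.check_all_states = check_all_states

    def upload(self, wLength: int) -> Tuple[int, int]:
        """Handle one DFU_UPLOAD control request.

        Returns (status, bytes_staged). bytes_staged is the length that the
        real stack would pass to the copy into the transfer buffer; a value
        above TRANSFER_SIZE is exactly the overflow the advisory describes."""
        if self.state not in (DfuState.DFU_IDLE, DfuState.DFU_UPLOAD_IDLE):
            return DFU_STATUS_ERR_STALLEDPKT, 0  # UPLOAD not valid here

        must_check = self.check_all_states or self.state == DfuState.DFU_IDLE
        if must_check and wLength > TRANSFER_SIZE:
            return DFU_STATUS_ERR_STALLEDPKT, 0

        chunk = self.image[self.offset:self.offset + wLength]
        staged = len(chunk)
        if staged <= TRANSFER_SIZE:
            self.buffer[:staged] = chunk
        # else: the real memcpy would run past the 64-byte buffer; the model
        # leaves the buffer alone and only reports the oversize length.
        self.offset += staged
        # A short block signals end of image (DFU 1.1), otherwise keep uploading.
        self.state = (DfuState.DFU_UPLOAD_IDLE if staged == wLength
                      else DfuState.DFU_IDLE)
        return DFU_STATUS_OK, staged


def second_block_staged(check_all_states: bool) -> int:
    """Host behaviour that exposes the gap: one well-formed block to move the
    device into DFU_UPLOAD_IDLE, then an oversize request. Returns the number
    of bytes the device staged for the oversize request (0 when refused)."""
    dev = DfuDevice(bytes(range(256)) * 4, check_all_states)  # constructed image
    assert dev.upload(TRANSFER_SIZE) == (DFU_STATUS_OK, TRANSFER_SIZE)
    _status, staged = dev.upload(4096)
    return staged
```

The fix is the single line `must_check = ...`: with the workaround applied, the request length is compared against the transfer buffer regardless of which state the request arrives in, which is what "add the UPLOAD_LENGTH check in all possible states" amounts to.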
‼ CVE-2022-38660 ‼

HCL XPages applications are susceptible to a Cross Site Request Forgery (CSRF) vulnerability. An unauthenticated attacker could exploit this vulnerability to perform actions in the application on behalf of the logged in user.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-38654 ‼

HCL Domino is susceptible to an information disclosure vulnerability. In some scenarios, local calls made on the server to search the Domino directory will ignore xACL read restrictions. An authenticated attacker could leverage this vulnerability to access attributes from a user's person record.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-3868 ‼

A vulnerability classified as critical has been found in SourceCodester Sanitization Management System. Affected is an unknown function of the file /php-sms/classes/Master.php?f=save_quote. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-213012.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-3869 ‼

Code Injection in GitHub repository froxlor/froxlor prior to 0.10.38.2.

📖 Read

via "National Vulnerability Database".
πŸ‘1
‼ CVE-2022-42905 ‼

In wolfSSL before 5.5.2, if callback functions are enabled (via the WOLFSSL_CALLBACKS flag), then a malicious TLS 1.3 client or network attacker can trigger a buffer over-read on the heap of 5 bytes. (WOLFSSL_CALLBACKS is only intended for debugging.)

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-42919 ‼

Python 3.9.x and 3.10.x through 3.10.8 on Linux allows local privilege escalation in a non-default configuration. The Python multiprocessing library, when used with the forkserver start method on Linux, allows pickles to be deserialized from any user in the same machine local network namespace, which in many system configurations means any user on the same machine. Pickles can execute arbitrary code. Thus, this allows for local user privilege escalation to the user that any forkserver process is running as. Setting multiprocessing.util.abstract_sockets_supported to False is a workaround. The forkserver start method for multiprocessing is not the default start method. This issue is Linux specific because only Linux supports abstract namespace sockets. CPython before 3.9 does not make use of Linux abstract namespace sockets by default. Support for users manually specifying an abstract namespace socket was added as a bugfix in 3.7.8 and 3.8.4, but users would need to make specific uncommon API calls in order to do that in CPython before 3.9.

📖 Read

via "National Vulnerability Database".
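The entry above names a concrete workaround (setting multiprocessing.util.abstract_sockets_supported to False) and explains why it works: an abstract-namespace Unix socket has no filesystem permissions, so any local user in the same network namespace can connect to the forkserver, while a filesystem-backed socket in a 0700 temporary directory is protected by the directory's mode. The following is an added example, not CPython's own code; it reports whether the running interpreter would hand the forkserver an abstract socket, applies the workaround, and checks that the listener address actually changed. It relies on CPython's documented convention that an AF_UNIX address starting with a NUL byte is in the abstract namespace, and on the public multiprocessing.connection.arbitrary_address() call, which is what the forkserver uses to pick its listener address.

```python
"""Check and harden the multiprocessing forkserver listener on Linux.
Added example for the CVE entry above; not CPython's own code. Uses only
public multiprocessing APIs; the report keys are names chosen for the demo."""
import multiprocessing
import multiprocessing.connection
import multiprocessing.util
import platform
import sys
from typing import Dict


def is_abstract_socket_address(addr) -> bool:
    """Linux abstract-namespace sockets are addressed by a NUL-prefixed name
    and have no inode, hence no filesystem permission check on connect()."""
    return isinstance(addr, str) and addr.startswith("\0")


def forkserver_listener_address() -> str:
    """The AF_UNIX address multiprocessing would pick right now for a
    listener; the forkserver control socket is created the same way."""
    return multiprocessing.connection.arbitrary_address("AF_UNIX")


def exposure_report() -> Dict[str, object]:
    """Summarise whether this interpreter is in the affected configuration:
    Linux, abstract sockets in use, and forkserver selected as start method."""
    v = sys.version_info
    return {
        "python": f"{v.major}.{v.minor}.{v.micro}",
        "linux": platform.system() == "Linux",
        "abstract_sockets_supported": bool(
            multiprocessing.util.abstract_sockets_supported),
        "listener_is_abstract": is_abstract_socket_address(
            forkserver_listener_address()),
        # allow_none=True avoids fixing the start method as a side effect.
        "forkserver_selected": multiprocessing.get_start_method(allow_none=True)
        == "forkserver",
    }


def harden_multiprocessing() -> str:
    """Apply the advisory's workaround and return the listener address now
    chosen: a path under the process's private (mode 0700) temp directory.
    Must run before the first forkserver start; an already-running
    forkserver keeps the address it was given."""
    multiprocessing.util.abstract_sockets_supported = False
    addr = forkserver_listener_address()
    if is_abstract_socket_address(addr):
        raise RuntimeError("listener still abstract after workaround")
    return addr
```

Place the harden_multiprocessing() call where it runs before any worker pool is created (for example in the application's entry point or a sitecustomize module); it does nothing for forkserver processes that are already listening, and on non-Linux platforms the flag is already False so the call is harmless.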
‼ CVE-2022-40284 ‼

A buffer overflow was discovered in NTFS-3G before 2022.10.3. Crafted metadata in an NTFS image can cause code execution. A local attacker can exploit this if the ntfs-3g binary is setuid root. A physically proximate attacker can exploit this if NTFS-3G software is configured to execute upon attachment of an external storage device.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-37710 ‼

Patterson Dental Eaglesoft 21 has AES-256 encryption but there are two ways to obtain a keyfile: (1) keybackup.data > License > Encryption Key or (2) Eaglesoft.Server.Configuration.data > DbEncryptKeyPrimary > Encryption Key. Applicable files are encrypted with keys and salt that are hardcoded into a DLL or EXE file.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-3558 ‼

The Import and export users and customers WordPress plugin before 1.20.5 does not properly escape data when exporting it via CSV files.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-3494 ‼

The Complianz WordPress plugin before 6.3.4, and Complianz Premium WordPress plugin before 6.3.6, allow translators to inject arbitrary SQL through an unsanitized translation. SQL can be injected through an infected translation file, or by a user with a translator role through translation plugins such as Loco Translate or WPML.

📖 Read

via "National Vulnerability Database".