‼ CVE-2009-1143 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in open-vm-tools 2009.03.18-154848. Local users can bypass intended access restrictions on mounting shares via a symlink attack that leverages a realpath race condition in mount.vmhgfs (aka hgfsmounter).📖 Read
via "National Vulnerability Database".
🕴 Why Africa's Telecoms Must Actively Collaborate to Combat Fraud 🕴
📖 Read
via "Dark Reading".
Unique conditions contribute to outsized telecom fraud across the continent, but working together can bring solutions.📖 Read
via "Dark Reading".
Dark Reading
Why Africa's Telecoms Must Actively Collaborate to Combat Fraud
Unique conditions contribute to outsized telecom fraud across the continent, but working together can bring solutions.
🕴 How Development Teams Should Respond to Text4Shell 🕴
📖 Read
via "Dark Reading".
Yet another *4Shell exploit highlights the horror of strange visitors into enterprise environments. This Tech Tip focuses on what to do next.📖 Read
via "Dark Reading".
Dark Reading
How Development Teams Should Respond to Text4Shell
Yet another *4Shell exploit highlights the horror of strange visitors into enterprise environments. This Tech Tip focuses on what to do next.
‼ CVE-2022-44117 ‼
📖 Read
via "National Vulnerability Database".
Boa 0.94.14rc21 is vulnerable to SQL Injection via username.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-44120 ‼
📖 Read
via "National Vulnerability Database".
dedecmdv6 6.1.9 is vulnerable to SQL Injection. via sys_sql_query.php.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-45868 ‼
📖 Read
via "National Vulnerability Database".
The web-based admin console in H2 Database Engine through 2.1.214 can be started via the CLI with the argument -webAdminPassword, which allows the user to specify the password in cleartext for the web admin console. Consequently, a local user (or an attacker that has obtained local access through some means) would be able to discover the password by listing processes and their arguments. NOTE: the vendor states "This is not a vulnerability of H2 Console ... Passwords should never be passed on the command line and every qualified DBA or system administrator is expected to know that."📖 Read
via "National Vulnerability Database".
‼ CVE-2022-44789 ‼
📖 Read
via "National Vulnerability Database".
A logical issue in O_getOwnPropertyDescriptor() in Artifex MuJS 1.0.0 through 1.3.1 allows an attacker to achieve Remote Code Execution through memory corruption, via the loading of a crafted JavaScript file.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-41933 ‼
📖 Read
via "National Vulnerability Database".
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. When the `reset a forgotten password` feature of XWiki was used, the password was then stored in plain text in database. This only concerns XWiki 13.1RC1 and newer versions. Note that it only concerns the reset password feature available from the "Forgot your password" link in the login view: the features allowing a user to change their password, or for an admin to change a user password are not impacted. This vulnerability is particularly dangerous in combination with other vulnerabilities allowing to perform data leak of personal data from users, such as GHSA-599v-w48h-rjrm. Note that this vulnerability only concerns the users of the main wiki: in case of farms, the users registered on subwiki are not impacted thanks to a bug we discovered when investigating this. The problem has been patched in version 14.6RC1, 14.4.3 and 13.10.8. The patch involves a migration of the impacted users as well as the history of the page, to ensure no password remains in plain text in the database. This migration also involves to inform the users about the possible disclosure of their passwords: by default, two emails are automatically sent to the impacted users. A first email to inform about the possibility that their password have been leaked, and a second email using the reset password feature to ask them to set a new password. It's also possible for administrators to set some properties for the migration: it's possible to decide if the user password should be reset (default) or if the passwords should be kept but only hashed. Note that in the first option, the users won't be able to login anymore until they set a new password if they were impacted. Note that in both options, mails will be sent to users to inform them and encourage them to change their passwords.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-45276 ‼
📖 Read
via "National Vulnerability Database".
An issue in the /index/user/user_edit.html component of YJCMS v1.0.9 allows unauthenticated attackers to obtain the Administrator account password.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-45872 ‼
📖 Read
via "National Vulnerability Database".
iTerm2 before 3.4.18 mishandles a DECRQSS response.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-44118 ‼
📖 Read
via "National Vulnerability Database".
dedecmdv6 v6.1.9 is vulnerable to Remote Code Execution (RCE) via file_manage_control.php.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-43196 ‼
📖 Read
via "National Vulnerability Database".
dedecmdv6 v6.1.9 is vulnerable to Arbitrary file deletion via file_manage_control.php.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-45280 ‼
📖 Read
via "National Vulnerability Database".
A cross-site scripting (XSS) vulnerability in the Url parameter in /login.php of EyouCMS v1.6.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-41932 ‼
📖 Read
via "National Vulnerability Database".
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. It's possible to make XWiki create many new schemas and fill them with tables just by using a crafted user identifier in the login form. This may lead to degraded database performance. The problem has been patched in XWiki 13.10.8, 14.6RC1 and 14.4.2. Users are advised to upgrade. There are no known workarounds for this issue.📖 Read
via "National Vulnerability Database".
👍1
‼ CVE-2022-45278 ‼
📖 Read
via "National Vulnerability Database".
Jizhicms v2.3.3 was discovered to contain a SQL injection vulnerability via the /index.php/admins/Fields/get_fields.html component.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-4089 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability was found in rickxy Stock Management System. It has been declared as problematic. This vulnerability affects unknown code of the file /pages/processlogin.php. The manipulation of the argument user leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-214324.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-44748 ‼
📖 Read
via "National Vulnerability Database".
A directory traversal vulnerability in the ZIP archive extraction routines of KNIME Server since 4.3.0 can result in arbitrary files being overwritten on the server's file system. This vulnerability is also known as 'Zip-Slip'. An attacker can create a KNIME workflow that, when being uploaded, can overwrite arbitrary files that the operating system user running the KNIME Server process has write access to. The user must be authenticated and have permissions to upload files to KNIME Server. This can impact data integrity (file contents are changed) or cause errors in other software (vital files being corrupted). It can even lead to remote code execution if executable files are being replaced and subsequently executed by the KNIME Server process user. In all cases the attacker has to know the location of files on the server's file system, though. Note that users that have permissions to upload workflows usually also have permissions to run them on the KNIME Server and can therefore already execute arbitrary code in the context of the KNIME Executor's operating system user. There is no workaround to prevent this vulnerability from being exploited. Updates to fixed versions 4.13.6, 4.14.3, or 4.15.3 are advised.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-44749 ‼
📖 Read
via "National Vulnerability Database".
A directory traversal vulnerability in the ZIP archive extraction routines of KNIME Analytics Platform 3.2.0 and above can result in arbitrary files being overwritten on the user's system. This vulnerability is also known as 'Zip-Slip'. An attacker can create a KNIME workflow that, when being opened by a user, can overwrite arbitrary files that the user has write access to. It's not necessary to execute the workflow, opening the workflow is sufficient. The user will notice that something is wrong because an error is being reported but only after the files have already been written. This can impact data integrity (file contents are changed) or cause errors in other software (vital files being corrupted). It can even lead to remote code execution if executable files are being replaced and subsequently executed by the user. In all cases the attacker has to know the location of files on the user's system, though.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-4088 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability was found in rickxy Stock Management System and classified as critical. Affected by this issue is some unknown functionality of the file /pages/processlogin.php. The manipulation of the argument user/password leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-214322 is the identifier assigned to this vulnerability.📖 Read
via "National Vulnerability Database".
👍1
‼ CVE-2022-40976 ‼
📖 Read
via "National Vulnerability Database".
A path traversal vulnerability was discovered in multiple Pilz products. An unauthenticated local attacker could use a zipped, malicious configuration file to trigger arbitrary file writes ('zip-slip').📖 Read
via "National Vulnerability Database".
👍1
‼ CVE-2022-40977 ‼
📖 Read
via "National Vulnerability Database".
A path traversal vulnerability was discovered in Pilz PASvisu Server before 1.12.0. An unauthenticated remote attacker could use a zipped, malicious configuration file to trigger arbitrary file writes ('zip-slip').📖 Read
via "National Vulnerability Database".
👍1