Full Disclosure
SEC Consult SA-20221213-0 :: Privilege Escalation Vulnerabilities (UNIX Insecure File Handling) in SAP Host Agent (saposcol)
December 13^th 2022 at 21:16

SEC Consult SA-20221213-0 :: Privilege Escalation Vulnerabilities (UNIX Insecure File Handling) in SAP Host Agent (saposcol)

Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Dec 13

SEC Consult Vulnerability Lab Security Advisory < 20221213-0 >
=======================================================================
title: Privilege Escalation Vulnerabilities (UNIX Insecure File
Handling)
product: SAP® Host Agent (saposcol)
vulnerable version: see section "Vulnerable / tested versions"
fixed version: see SAP security note 3159736
CVE...

December 13^th 2022 at 21:16

Full Disclosure
Re: CyberDanube Security Research 20221009-0 | Authenticated Command Injection in Intelbras WiFiber 120AC inMesh
December 13^th 2022 at 21:16

Re: CyberDanube Security Research 20221009-0 | Authenticated Command Injection in Intelbras WiFiber 120AC inMesh

Posted by Thomas Weber on Dec 13

CyberDanube Security Research 20221009-0
-------------------------------------------------------------------------------

               title| Authenticated Command Injection
             product| Intelbras WiFiber 120AC inMesh
vulnerable version| 1.1-220216
       fixed version| 1-1-220826
          CVE number| CVE-2022-40005
              impact| High
           ...

December 13^th 2022 at 21:16

Full Disclosure
Trojan-Dropper.Win32.Decay.dxv (CyberGate v1.00.0) / Insecure Proprietary Password Encryption
December 13^th 2022 at 21:16

Trojan-Dropper.Win32.Decay.dxv (CyberGate v1.00.0) / Insecure Proprietary Password Encryption

Posted by malvuln on Dec 13

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/618f28253d1268132a9f10819a6947f2.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Backup media: infosec.exchange/@malvuln

Threat: Trojan-Dropper.Win32.Decay.dxv (CyberGate v1.00.0)
Vulnerability: Insecure Proprietary Password Encryption
Family: CyberGate
Type: PE32
MD5: 618f28253d1268132a9f10819a6947f2
Vuln ID:...

December 13^th 2022 at 21:16

Full Disclosure
Vulnerabilities Disclosure - Shoplazza Stored XSS
December 13^th 2022 at 21:14

Vulnerabilities Disclosure - Shoplazza Stored XSS

Posted by Andrey Stoykov on Dec 13

# Exploit Title: Shoplazza 1.1 - Stored Cross Site Scripting
# Exploit Author: Andrey Stoykov
# Software Link: https://github.com/Shoplazza/LifeStyle
# Version: 1.1
# Tested on: Ubuntu 20.04

Stored XSS #1:

To reproduce do the following:

1. Login as normal user account
2. Browse "Blog Posts" -> "Manage Blogs" -> "Add Blog Post"
3. Select "Title" and enter payload...

December 13^th 2022 at 21:14

Red Hat Security Advisory 2022-8958-01

Red Hat Security Advisory 2022-8958-01 - The Byte Code Engineering Library is intended to give users a convenient way to analyze, create, and manipulate Java class files.

December 13^th 2022 at 17:18

Red Hat Security Advisory 2022-8941-01

Red Hat Security Advisory 2022-8941-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include an out of bounds write vulnerability.

December 13^th 2022 at 17:18

Red Hat Security Advisory 2022-8959-01

Red Hat Security Advisory 2022-8959-01 - The Byte Code Engineering Library is intended to give users a convenient way to analyze, create, and manipulate Java class files.

December 13^th 2022 at 17:17

Red Hat Security Advisory 2022-8961-01

Red Hat Security Advisory 2022-8961-01 - Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.6.1 on RHEL 7 serves as a replacement for Red Hat Single Sign-On 7.6.1, and includes the security fixes listed below. Issues addressed include a traversal vulnerability.

December 13^th 2022 at 17:17

Red Hat Security Advisory 2022-8965-01

Red Hat Security Advisory 2022-8965-01 - Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.6.1 serves as a replacement for Red Hat Single Sign-On 7.6.1. Issues addressed include a traversal vulnerability.

December 13^th 2022 at 17:16

Red Hat Security Advisory 2022-8962-01

Red Hat Security Advisory 2022-8962-01 - Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.6.1 on RHEL 8 serves as a replacement for Red Hat Single Sign-On 7.6.1, and includes the security fixes listed below. Issues addressed include a traversal vulnerability.

December 13^th 2022 at 17:16

Red Hat Security Advisory 2022-8963-01

Red Hat Security Advisory 2022-8963-01 - Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.6.1 on RHEL 9 serves as a replacement for Red Hat Single Sign-On 7.6.1, and includes the security fixes listed below. Issues addressed include a traversal vulnerability.

December 13^th 2022 at 17:16

Red Hat Security Advisory 2022-8964-01

Red Hat Security Advisory 2022-8964-01 - The rh-sso-7/sso76-openshift-rhel8 container image and rh-sso-7/sso7-rhel8-operator operator has been updated for RHEL-8 based Middleware Containers to address the following security issues. Issues addressed include a traversal vulnerability.

December 13^th 2022 at 17:16

Red Hat Security Advisory 2022-8957-01

Red Hat Security Advisory 2022-8957-01 - This release of Red Hat build of Quarkus 2.7.6.SP3 includes security updates, bug fixes, and enhancements. For more information, see the release notes page listed in the References section. Issues addressed include a deserialization vulnerability.

December 13^th 2022 at 17:16

Red Hat Security Advisory 2022-8940-01

Red Hat Security Advisory 2022-8940-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include an out of bounds write vulnerability.

December 13^th 2022 at 17:16

Ubuntu Security Notice USN-5776-1

Ubuntu Security Notice 5776-1 - It was discovered that containerd incorrectly handled memory when receiving certain faulty Exec or ExecSync commands. A remote attacker could possibly use this issue to cause a denial of service or crash containerd. It was discovered that containerd incorrectly set up inheritable file capabilities. An attacker could possibly use this issue to escalate privileges inside a container. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS.

December 13^th 2022 at 17:15

Red Hat Security Advisory 2022-8938-01

Red Hat Security Advisory 2022-8938-01 - Version 1.26.0 of the OpenShift Serverless Operator is supported on Red Hat OpenShift Container Platform versions 4.8, 4.9, 4.10, and 4.11. This release includes security and bug fixes, and enhancements.

December 13^th 2022 at 17:13

Red Hat Security Advisory 2022-8915-01

Red Hat Security Advisory 2022-8915-01 - The Public Key Infrastructure Core contains fundamental packages required by Red Hat Certificate System.

December 12^th 2022 at 23:03

Ubuntu Security Notice USN-5775-1

Ubuntu Security Notice 5775-1 - It was discovered that Vim uses freed memory in recursive substitution of specially crafted patterns. An attacker could possibly use this to crash Vim and cause denial of service. It was discovered that Vim makes illegal memory calls when patterns start with an illegal byte. An attacker could possibly use this to crash Vim, access or modify memory, or execute arbitrary commands. It was discovered that Vim could be made to crash when parsing invalid line numbers. An attacker could possibly use this to crash Vim and cause denial of service.

December 12^th 2022 at 23:03

Microsoft PlayReady security research

Posted by Security Explorations on Dec 10

Hello,

Microsoft PlayReady is one of the key technologies used by PayTV
industry and OTT platforms for Digital Rights Management and content
security in general. According to Microsoft, PlayReady Server SDK has
several hundred service provider licensees.

Security Explorations conducted security analysis of Microsoft Play
Ready content protection technology in the environment of CANAL+ SAT
TV provider. As a result, complete access to movie...

December 10^th 2022 at 11:23

Debian Security Advisory 5298-1

Debian Linux Security Advisory 5298-1 - Two security vulnerabilities have been discovered in Cacti, a web interface for graphing of monitoring systems, which could result in unauthenticated command injection or LDAP authentication bypass.

December 10^th 2022 at 02:30

Red Hat Security Advisory 2022-8889-01

Red Hat Security Advisory 2022-8889-01 - This is an Openshift Logging bug fix release. Issues addressed include a denial of service vulnerability.

December 9^th 2022 at 14:52

Full Disclosure
CyberDanube Security Research 20221130-0 | Multiple Vulnerabilities in Delta Electronics DX-2100-L1-CN
December 9^th 2022 at 02:58

CyberDanube Security Research 20221130-0 | Multiple Vulnerabilities in Delta Electronics DX-2100-L1-CN

Posted by Thomas Weber on Dec 08

CyberDanube Security Research 20221130-0
-------------------------------------------------------------------------------
               title| Multiple Vulnerabilities
             product| Delta Electronics DX-2100-L1-CN
vulnerable version| V1.5.0.10
       fixed version| V1.5.0.12
          CVE number| -
              impact| High
            homepage|...

December 9^th 2022 at 02:58

Full Disclosure
CyberDanube Security Research 20221130-1 | Authenticated Command Injection in Delta Electronics DVW-W02W2-E2
December 9^th 2022 at 02:58

CyberDanube Security Research 20221130-1 | Authenticated Command Injection in Delta Electronics DVW-W02W2-E2

Posted by Thomas Weber on Dec 08

CyberDanube Security Research 20221130-1
-------------------------------------------------------------------------------
               title| Authenticated Command Injection
             product| Delta Electronics DVW-W02W2-E2
vulnerable version| V2.42
       fixed version| V2.5.2
          CVE number| -
              impact| High
            homepage|...

December 9^th 2022 at 02:58

Full Disclosure
SEC Consult SA-20221206-0 :: Multiple critical vulnerabilities in ILIAS eLearning platform
December 9^th 2022 at 02:57

SEC Consult SA-20221206-0 :: Multiple critical vulnerabilities in ILIAS eLearning platform

Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Dec 08

SEC Consult Vulnerability Lab Security Advisory < 20221206-0 >
=======================================================================
title: Multiple critical vulnerabilities
product: ILIAS eLearning platform
vulnerable version: <= 7.15
fixed version: 7.16
CVE number: CVE-2022-45915, CVE-2022-45916, CVE-2022-45917,
CVE-2022-45918
impact: critical...

December 9^th 2022 at 02:57

Full Disclosure
Backdoor.Win32.Delf.gj / Information Disclosure
December 9^th 2022 at 02:57

Backdoor.Win32.Delf.gj / Information Disclosure

Posted by malvuln on Dec 08

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/8872c2ec49ff3382240762a029631684.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Backup media: infosec.exchange/@malvuln

Threat: Backdoor.Win32.Delf.gj
Vulnerability: Information Disclosure
Description: The malware listens on TCP port 80. Third-party adversaries
who can reach an infected system can pass...

December 9^th 2022 at 02:57

Full Disclosure
SEC Consult SA-20221201-0 :: Replay attacks & Displaying arbitrary contents in Zhuhai Suny Technology ESL Tag / ETAG-TECH protocol (electronic shelf labels)
December 9^th 2022 at 02:57

SEC Consult SA-20221201-0 :: Replay attacks & Displaying arbitrary contents in Zhuhai Suny Technology ESL Tag / ETAG-TECH protocol (electronic shelf labels)

Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Dec 08

SEC Consult Vulnerability Lab Security Advisory < 20221201-0 >
=======================================================================
title: Replay attacks & Displaying arbitrary contents
product: Zhuhai Suny Technology ESL Tag / ETAG-TECH protocol
(electronic shelf labels)
vulnerable version: All
fixed version: -
CVE number: CVE-2022-45914
impact:...

December 9^th 2022 at 02:57

Full Disclosure
SEC Consult SA-20221130-0 :: Multiple critical vulnerabilities in Planet Enterprises Ltd - Planet eStream
December 9^th 2022 at 02:57

SEC Consult SA-20221130-0 :: Multiple critical vulnerabilities in Planet Enterprises Ltd - Planet eStream

Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Dec 08

SEC Consult Vulnerability Lab Security Advisory < 20221130-0 >
=======================================================================
title: Multiple critical vulnerabilities
product: Planet Enterprises Ltd - Planet eStream
vulnerable version: <6.72.10.07
fixed version: 6.72.10.07
CVE number: CVE-2022-45896, CVE-2022-45893, CVE-2022-45891,
CVE-2022-45889,...

December 9^th 2022 at 02:57

Full Disclosure
Race condition in snap-confine's must_mkdir_and_open_with_perms() (CVE-2022-3328)
December 9^th 2022 at 02:57

Race condition in snap-confine's must_mkdir_and_open_with_perms() (CVE-2022-3328)

Posted by Qualys Security Advisory via Fulldisclosure on Dec 08

Qualys Security Advisory

Race condition in snap-confine's must_mkdir_and_open_with_perms()
(CVE-2022-3328)

========================================================================
Contents
========================================================================

Summary
Background
Exploitation
Acknowledgments
Timeline

I can't help but feel a missed opportunity to integrate lyrics from
one of the best songs ever: [SNAP! - The...

December 9^th 2022 at 02:57

Full Disclosure
[CVE-2022-21225] Intel Data Center Manager Console <= 4.1 “getRoomRackData" Authenticated (Guest+) SQL Injection
December 9^th 2022 at 02:56

[CVE-2022-21225] Intel Data Center Manager Console <= 4.1 “getRoomRackData" Authenticated (Guest+) SQL Injection

Posted by Julien Ahrens (RCE Security) on Dec 08

RCE Security Advisory
https://www.rcesecurity.com

1. ADVISORY INFORMATION
=======================
Product: Intel Data Center Manager
Vendor URL: https://www.intel.com/content/www/us/en/developer/tools/data-center-manager-console/overview.html
Type: SQL Injection [CWE-89]
Date found: 2022-01-21
Date published: 2022-12-01
CVSSv3 Score: 9.9 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)
CVE: CVE-2022-21225

2....

December 9^th 2022 at 02:56

Full Disclosure
Intel Data Center Manager <= 5.1 Local Privileges Escalation
December 9^th 2022 at 02:56

Intel Data Center Manager <= 5.1 Local Privileges Escalation

Posted by Julien Ahrens (RCE Security) on Dec 08

RCE Security Advisory
https://www.rcesecurity.com

1. ADVISORY INFORMATION
=======================
Product: Intel Data Center Manager
Vendor URL: https://www.intel.com/content/www/us/en/developer/tools/data-center-manager-console/overview.html
Type: Incorrect Use of Privileged APIs [CWE-648]
Date found: 2022-07-16
Date published: 2022-12-07
CVSSv3 Score: 7.4 (CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVE:...

December 9^th 2022 at 02:56

Ubuntu Security Notice USN-5770-1

Ubuntu Security Notice 5770-1 - Todd Eisenberger discovered that certain versions of GNU Compiler Collection could be made to clobber the status flag of RDRAND and RDSEED with specially crafted input. This could potentially lead to less randomness in random number generation.

December 8^th 2022 at 21:32

Ubuntu Security Notice USN-5769-1

Ubuntu Security Notice 5769-1 - It was discovered that protobuf did not properly manage memory when serializing large messages. An attacker could possibly use this issue to cause applications using protobuf to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that protobuf did not properly manage memory when parsing specifically crafted messages. An attacker could possibly use this issue to cause applications using protobuf to crash, resulting in a denial of service.

December 8^th 2022 at 21:31

Red Hat Security Advisory 2022-8902-01

Red Hat Security Advisory 2022-8902-01 - This release of Camel for Spring Boot 3.18.3 serves as a replacement for Camel for Spring Boot 3.14.2 and includes bug fixes and enhancements, which are documented in the Release Notes document linked in the References. Issues addressed include a denial of service vulnerability.

December 8^th 2022 at 21:31

Red Hat Security Advisory 2022-8896-01

Red Hat Security Advisory 2022-8896-01 - A virtual BMC for controlling virtual machines using IPMI commands.

December 8^th 2022 at 21:30

Red Hat Security Advisory 2022-8897-01

Red Hat Security Advisory 2022-8897-01 - An update for instack-undercloud is now available for Red Hat OpenStack Platform 13 (Queens).

December 8^th 2022 at 21:30

Red Hat Security Advisory 2022-8900-01

Red Hat Security Advisory 2022-8900-01 - The grub2 packages provide version 2 of the Grand Unified Boot Loader, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices.

December 8^th 2022 at 21:29

Ubuntu Security Notice USN-5767-1

Ubuntu Security Notice 5767-1 - Nicky Mouha discovered that Python incorrectly handled certain SHA-3 internals. An attacker could possibly use this issue to cause a crash or execute arbitrary code. It was discovered that Python incorrectly handled certain IDNA inputs. An attacker could possibly use this issue to expose sensitive information denial of service, or cause a crash.

December 8^th 2022 at 21:28

Red Hat Security Advisory 2022-8841-01

Red Hat Security Advisory 2022-8841-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.51 Service Pack 1 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.51, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include buffer over-read, buffer overflow, bypass, code execution, denial of service, double free, integer overflow, out of bounds read, and use-after-free vulnerabilities.

December 8^th 2022 at 21:28

Red Hat Security Advisory 2022-8840-01

Red Hat Security Advisory 2022-8840-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.51 Service Pack 1 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.51, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include buffer overflow, bypass, code execution, denial of service, double free, and out of bounds read vulnerabilities.

December 8^th 2022 at 21:28

Ubuntu Security Notice USN-5768-1

Ubuntu Security Notice 5768-1 - Jan Engelhardt, Tavis Ormandy, and others discovered that the GNU C Library iconv feature incorrectly handled certain input sequences. An attacker could possibly use this issue to cause the GNU C Library to hang or crash, resulting in a denial of service. It was discovered that the GNU C Library did not properly handled DNS responses when ENDS0 is enabled. An attacker could possibly use this issue to cause fragmentation-based attacks.

December 8^th 2022 at 16:36

Red Hat Security Advisory 2022-8781-01

Red Hat Security Advisory 2022-8781-01 - Logging Subsystem for Red Hat OpenShift has a security update. Issues addressed include a denial of service vulnerability.

December 8^th 2022 at 16:34

Red Hat Security Advisory 2022-8849-01

Red Hat Security Advisory 2022-8849-01 - An update for python-XStatic-Angular is now available for Red Hat OpenStack Platform 16.2.4 (Train).

December 8^th 2022 at 16:33

Red Hat Security Advisory 2022-8852-01

Red Hat Security Advisory 2022-8852-01 - A fast multidimensional array facility for Python. Issues addressed include a null pointer vulnerability.

December 8^th 2022 at 16:32

Red Hat Security Advisory 2022-8857-01

Red Hat Security Advisory 2022-8857-01 - Erlang is a general-purpose programming language and runtime environment. Erlang has built-in support for concurrency, distribution and fault tolerance. Erlang is used in several large telecommunication systems from Ericsson. Issues addressed include a bypass vulnerability.

December 8^th 2022 at 16:31

Red Hat Security Advisory 2022-8874-01

Red Hat Security Advisory 2022-8874-01 - An update for openstack-barbican is now available for Red Hat OpenStack Platform 16.1.9 (Train) for Red Hat Enterprise Linux (RHEL) 8.2.

December 8^th 2022 at 16:31

Red Hat Security Advisory 2022-8866-01

Red Hat Security Advisory 2022-8866-01 - An update for python-XStatic-Angular is now available for Red Hat OpenStack Platform 16.1.9 (Train) for Red Hat Enterprise Linux (RHEL) 8.2.

December 8^th 2022 at 16:29

Red Hat Security Advisory 2022-8873-01

Red Hat Security Advisory 2022-8873-01 - An update for python-oslo-utils is now available for Red Hat OpenStack Platform 16.1.9 (Train) for Red Hat Enterprise Linux (RHEL) 8.2.

December 8^th 2022 at 16:29

Red Hat Security Advisory 2022-8848-01

Red Hat Security Advisory 2022-8848-01 - An update for python-XStatic-Bootstrap-SCSS is now available for Red Hat OpenStack Platform 16.2.4 (Train). Issues addressed include a cross site scripting vulnerability.

December 8^th 2022 at 16:28

Red Hat Security Advisory 2022-8864-01

Red Hat Security Advisory 2022-8864-01 - UltraJSON is an ultra fast JSON encoder and decoder. Issues addressed include a double free vulnerability.

December 8^th 2022 at 16:27

Red Hat Security Advisory 2022-8865-01

Red Hat Security Advisory 2022-8865-01 - An update for python-XStatic-Bootstrap-SCSS is now available for Red Hat OpenStack Platform 16.1.9 (Train) for Red Hat Enterprise Linux (RHEL) 8.2. Issues addressed include a cross site scripting vulnerability.

December 8^th 2022 at 16:27

Red Hat Security Advisory 2022-8851-01

Red Hat Security Advisory 2022-8851-01 - An update for rabbitmq-server is now available for Red Hat OpenStack Platform 16.2.4 (Train) for Red Hat Enterprise Linux (RHEL) 8.4. Issues addressed include cross site scripting and improper neutralization vulnerabilities.

December 8^th 2022 at 16:26

Red Hat Security Advisory 2022-8862-01

Red Hat Security Advisory 2022-8862-01 - An update for puppet is now available for Red Hat OpenStack Platform 16.1.9 (Train) for Red Hat Enterprise Linux (RHEL) 8.2.

December 8^th 2022 at 16:25

Red Hat Security Advisory 2022-8853-01

Red Hat Security Advisory 2022-8853-01 - An update for python-django20 is now available for Red Hat OpenStack Platform 16.2.4 (Train) for Red Hat Enterprise Linux (RHEL) 8.4. Issues addressed include cross site scripting and denial of service vulnerabilities.

December 8^th 2022 at 16:24

Advisory Files ≈ Packet Storm
Evernote Web Clipper Same-Origin Policy Bypass
December 6^th 2022 at 16:09

Evernote Web Clipper Same-Origin Policy Bypass

Evernote Web Clipper suffered from a same-origin policy bypass vulnerability. The link to the demo exploit was a 403 at the time of addition and has not been included in this post.

December 6^th 2022 at 16:09

Red Hat Security Advisory 2022-8806-01

Red Hat Security Advisory 2022-8806-01 - The USBGuard software framework provides system protection against intrusive USB devices by implementing basic whitelisting and blacklisting capabilities based on device attributes. To enforce a user-defined policy, USBGuard uses the Linux kernel USB device authorization feature.

December 6^th 2022 at 16:06

Red Hat Security Advisory 2022-8799-01

Red Hat Security Advisory 2022-8799-01 - The Public Key Infrastructure Core contains fundamental packages required by Red Hat Certificate System.

December 6^th 2022 at 16:06

Ubuntu Security Notice USN-5761-2

Ubuntu Security Notice 5761-2 - USN-5761-1 updated ca-certificates. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Due to security concerns, the TrustCor certificate authority has been marked as distrusted in Mozilla's root store. This update removes the TrustCor CA certificates from the ca-certificates package.

December 6^th 2022 at 16:06

Ubuntu Security Notice USN-5764-1

Ubuntu Security Notice 5764-1 - It was discovered that U-Boot incorrectly handled certain USB DFU download setup packets. A local attacker could use this issue to cause U-Boot to crash, resulting in a denial of service, or possibly execute arbitrary code. Nicolas Bidron and Nicolas Guigo discovered that U-Boot incorrectly handled certain fragmented IP packets. A local attacker could use this issue to cause U-Boot to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS.

December 6^th 2022 at 16:06

Red Hat Security Advisory 2022-8809-01

Red Hat Security Advisory 2022-8809-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include an out of bounds write vulnerability.

December 6^th 2022 at 16:05

Red Hat Security Advisory 2022-8800-01

Red Hat Security Advisory 2022-8800-01 - The grub2 packages provide version 2 of the Grand Unified Boot Loader, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. Issues addressed include buffer overflow, bypass, and out of bounds write vulnerabilities.

December 6^th 2022 at 16:05