183 matches found
ESXi 6.5 / 6.7 / 7.0 Heap Overflow RCE (VMSA-2022-0001)
The remote VMware ESXi host is version 6.5, 6.7 or 7.0 and is affected by a heap overflow vulnerability in CD-ROM device emulation. A malicious actor with access to a virtual machine with CD-ROM device emulation may be able to exploit this vulnerability in conjunction with other issues to execute...
Ubuntu: Security Advisory (USN-3822-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RLSA-2022:5252 Moderate: libarchive security update
The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file...
CVE-2022-28385
An issue was discovered in certain Verbatim drives through 2022-03-31. Due to missing integrity checks, an attacker can manipulate the content of the emulated CD-ROM drive containing the Windows and macOS client software. The content of this emulated CD-ROM drive is stored as an ISO-9660 image in...
Input validation
An issue was discovered in certain Verbatim drives through 2022-03-31. Due to missing integrity checks, an attacker can manipulate the content of the emulated CD-ROM drive containing the Windows and macOS client software. The content of this emulated CD-ROM drive is stored as an ISO-9660 image in...
CVE-2022-28385
Affected products: Verbatim Executive Fingerprint Secure SSD GDMSFE01-INI3637-C VER1.1 and Fingerprint Secure Portable Hard Drive (Part Number #53650). Root cause: missing integrity checks allow manipulation of the ISO-9660 image stored in hidden USB drive sectors that backs the emulated CD-ROM c...
CVE-2022-28385
An issue was discovered in certain Verbatim drives through 2022-03-31. Due to missing integrity checks, an attacker can manipulate the content of the emulated CD-ROM drive containing the Windows and macOS client software. The content of this emulated CD-ROM drive is stored as an ISO-9660 image in...
Verbatim Keypad Secure USB Drive 数据伪造问题漏洞
The Verbatim Keypad Secure USB Drive is a hardware encrypted USB flash drive from Verbatim, a Chinese company. A security vulnerability in the Verbatim Keypad Secure USB Drive, which stems from a lack of integrity checking, can be exploited by an attacker to store and execute malware on an emulat...
Moderate: Red Hat Security Advisory: libarchive security update
An update for libarchive is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
ALSA-2022:0892 Moderate: libarchive security update
The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file...
MIcrosoft Windows CD-ROM Driver Elevation of Privilege Vulnerability
Microsoft Windows is a CD-ROM driver from Microsoft Corporation, and an elevation of privilege vulnerability exists in the Microsoft Windows CD-ROM Driver, which could be exploited by attackers to execute arbitrary code with elevated privileges...
CVE-2022-24455
Windows CD-ROM Driver Elevation of Privilege Vulnerability...
CVE-2022-24455
Windows CD-ROM Driver Elevation of Privilege Vulnerability...
Privilege escalation
Windows CD-ROM Driver Elevation of Privilege Vulnerability...
CVE-2022-24455 Windows CD-ROM Driver Elevation of Privilege Vulnerability
...
CVE-2022-24455
CVE-2022-24455 affects the Microsoft Windows CD-ROM Driver. The vulnerability is an Elevation of Privilege in the CD-ROM driver that could allow an attacker to execute arbitrary code with elevated privileges on Windows systems. The CNVD entry corroborates a Windows CD-ROM Driver EoP and notes pot...
Microsoft Windows CD-ROM Driver Uninitialized Pointer Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the CD-ROM drive...
Microsoft Windows CD-ROM Driver Uninitialized Pointer Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the CD-ROM drive...
Microsoft Windows Multiple Vulnerabilities (KB5011485)
This host is missing an important security update according to Microsoft KB5011485 SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...
Windows CD-ROM Driver Elevation of Privilege Vulnerability
...