Linux Distros Unpatched Vulnerability : CVE-2024-22957
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - swftools 0.9.2 was discovered to contain an Out-of-bounds Read vulnerability via the function dict_do_lookup in swftools/lib/q.c:1190. CVE-2024-22957 Note that...
CVE-2024-22957
swftools 0.9.2 was discovered to contain an Out-of-bounds Read vulnerability via the function dict_do_lookup in swftools/lib/q.c:1190...
CVE-2025-22957
A SQL injection vulnerability exists in the front-end of the website in ZZCMS = 2023, which can be exploited without any authentication. This vulnerability could potentially allow attackers to gain unauthorized access to the database and extract sensitive information...
CVE-2024-22957
| creationtimestamp | type | source |
|---|---|---|
| 2024-01-19 19:26:59+00:00 | seen | https://t.me/ctinow/170366 |
| 2024-01-25 17:17:21+00:00 | seen | https://t.me/ctinow/173589 |
| 2024-02-15 14:51:28+00:00 | seen | https://t.me/ctinow/185573 |
| 2025-06-20 18:42:24+00:00 | published-proof-of-concept | ... |
CVE-2023-22957
| creationtimestamp | type | source |
|---|---|---|
| 2023-08-12 00:16:53+00:00 | seen | https://t.me/cibsecurity/68386... |
CVE-2023-22957
An issue was discovered in libac_des3.so on AudioCodes VoIP desk phones through 3.4.4.1000. Due to the use of a hard-coded cryptographic key, an attacker with access to backup or configuration files is able to decrypt encrypted values and retrieve sensitive information, e.g., the device root passwor...
CVE-2023-22957
The CVE-2023-22957 issue affects AudioCodes VoIP desk phones (libac_des3.so) through firmware up to 3.4.4.1000. The root cause is a hard-coded cryptographic key, enabling an attacker with access to backups or configuration files to decrypt encrypted values and retrieve sensitive information (e.g....
Metasploit Weekly Wrap-Up
VMware Workspace ONE Access exploit chain A new module contributed by jheysel-r7 exploits two vulnerabilities in VMware Workspace ONE Access to attain Remote Code Execution as the horizon user. First being CVE-2022-22956, which is an authentication bypass and the second being a JDBC injection in...
VMware Workspace ONE Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VMware Workspace ONE Access VMSA-2022-0011 exploit chain', 'Description' = %q This module combines two vulnerabilities in order achieve remote co...
Deserialization of untrusted data
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two remote code execution vulnerabilities CVE-2022-22957 & CVE-2022-22958. A malicious actor with administrative access can trigger deserialization of untrusted data through malicious JDBC URI which may result in remote...
CVE-2022-22957
Summary (CVE-2022-22957 / CVE-2022-22958): VMware Workspace ONE Access, Identity Manager and vRealize Automation are affected by remote code execution vulnerabilities. The root cause is deserialization of untrusted data via a malicious JDBC URI in the DBConnectionCheckController (CVE-2022-22957) ...
CVE-2022-22957
| creationtimestamp | type | source |
|---|---|---|
| 2022-04-07 04:00:00+00:00 | seen | https://www.govcert.gov.hk/en/alertsdetail.php?id=775 |
| 2022-05-01 21:40:40+00:00 | published-proof-of-concept | https://t.me/GithubRedTeam/2076 |
| 2023-04-18 15:17:44+00:00 | seen | ... |
UniFi Protect <= 1.19.2 CORS Vulnerability
UniFi Protect is prone to a cross-origin resource sharing (CORS) vulnerability. Copyright (C) 2021 Greenbone Networks GmbH. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program i...
CVE-2021-22957
| creationtimestamp | type | source |
|---|---|---|
| 2021-11-24 22:27:43+00:00 | seen | https://t.me/cibsecurity/32978... |
CVE-2021-22957
A Cross-Origin Resource Sharing (CORS) vulnerability found in UniFi Protect application Version 1.19.2 and earlier allows a malicious actor who has convinced a privileged user to access a URL with malicious code to take over said user’s account. This vulnerability is fixed in UniFi Protect applicati...
CVE-2021-22957
Summary of CVE-2021-22957 (UniFi Protect) : A CORS misconfiguration in UniFi Protect