MAL-2025-41033 Malicious code in zmarta-admin-components (npm)

The package zmarta-admin-components was found to contain malicious code...

Linux Distros Unpatched Vulnerability : CVE-2024-41033

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: cachestat: do not flush stats in recency check syzbot detects that cachestat is flushing...

CVE-2023-41033

A vulnerability has been identified in Parasolid V35.0 All versions V35.0.260, Parasolid V35.1 All versions V35.1.246, Parasolid V36.0 All versions V36.0.156, Simcenter Femap V2301 All versions V2301.0003, Simcenter Femap V2306 All versions V2306.0001. The affected application contains an out of...

CVE-2024-41033

In the Linux kernel, the following vulnerability has been resolved: cachestat: do not flush stats in recency check syzbot detects that cachestat is flushing stats, which can sleep, in its RCU read section see 1. This is done in the workingsettestrecent step which checks if the folio's eviction is...

CVE-2024-41033

In the Linux kernel, the following vulnerability has been resolved: cachestat: do not flush stats in recency check syzbot detects that cachestat is flushing stats, which can sleep, in its RCU read section see 1. This is done in the workingsettestrecent step which checks if the folio's eviction is...

CVE-2024-41033

In the Linux kernel, the following vulnerability has been resolved: cachestat: do not flush stats in recency check syzbot detects that cachestat is flushing stats, which can sleep, in its RCU read section see 1. This is done in the workingsettestrecent step which checks if the folio's eviction is...

CVE-2024-41033

In the Linux kernel, the following vulnerability has been resolved: cachestat: do not flush stats in recency check syzbot detects that cachestat is flushing stats, which can sleep, in its RCU read section see 1. This is done in the workingsettestrecent step which checks if the folio's eviction is...

CVE-2023-41033

creationtimestamp| type| source ---|---|--- 2023-09-12 14:23:03+00:00| seen| https://t.me/cibsecurity/70268...

CVE-2023-41033

A vulnerability has been identified in Parasolid V35.0 All versions V35.0.260, Parasolid V35.1 All versions V35.1.246, Parasolid V36.0 All versions V36.0.156, Simcenter Femap V2301 All versions V2301.0003, Simcenter Femap V2306 All versions V2306.0001. The affected application contains an out of...

CVE-2023-41033

CVE-2023-41033 affects Siemens Parasolid (V35.0/V35.1/V36.0) and Simcenter Femap variants, with an out-of-bounds write past the end of an allocated structure while parsing specially crafted X_T files. The root cause is an out-of-bounds write during X_T parsing, which could allow code execution in...

Did Patch Tuesday address the zero-day flaw in Microsoft Exchange

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Microsoft addresses two new zero-day vulnerabilities tracked under CVE-2022-41033, an Elevation of Privilege vulnerability exploited in the wild. CVE-2022-41043 is an Information Disclosure...

Update now! October patch Tuesday fixes actively used zero-day...but not the one you expected

Microsoft fixed 84 vulnerabilities in its October 2022 Patch Tuesday updates. Thirteen of them received the classification 'Critical'. Among them are a zero-day vulnerability that's being actively exploited, and another that hasnt been spotted in the wild yet. The bad news is that the much-desire...

Microsoft Patch Tuesday Fixes New Windows Zero-Day; No Patch for Exchange Server Bugs

Microsoft's Patch Tuesday update for the month of October has addressed a total of 85 security vulnerabilities, including fixes for an actively exploited zero-day flaw in the wild. Of the 85 bugs, 15 are rated Critical, 69 are rated Important, and one is rated Moderate in severity. The update,...

Microsoft Windows Multiple Vulnerabilities (KB5018457)

This host is missing an important security update according to Microsoft KB5018457 SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

CVE-2022-41033

creationtimestamp| type| source ---|---|--- 2022-10-11 22:11:58+00:00| exploited| https://t.me/ctinow/68518 2022-10-11 22:26:21+00:00| seen| https://t.me/cibsecurity/51156 2022-10-12 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=892 2022-10-12 13:56:02+00:00| exploited|...

CVE-2022-41033

Windows COM+ Event System Service Elevation of Privilege Vulnerability...

Patch Tuesday - October 2022

The October batch of CVEs published by Microsoft includes 96 vulnerabilities, including 12 fixed earlier this month that affect the Chromium project used by their Edge browser. Top of mind for many this month is whether Microsoft would patch the two Exchange Server zero-day vulnerabilities...

CVE-2022-41033

Windows COM+ Event System Service Elevation of Privilege Vulnerability Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...

CVE-2022-41033 Windows COM+ Event System Service Elevation of Privilege Vulnerability

...

CVE-2022-41033

CVE-2022-41033 is a Windows Privilege Escalation affecting the COM+ Event System Service. The root cause is an improper privilege handling in the service, enabling a local attacker with low privileges to obtain SYSTEM level access, compromising confidentiality, integrity, and availability. The CV...