CVE-2022-27179

CVE-2022-27179 is associated with Red Lion DA50N gateways, where an attacker with access to an exported configuration file may obtain stored credentials and access protected resources. The connected ICS advisory (CISA ICSA-22-104-03) ties this vulnerability to insecure credential handling (cited ...

Two Vulnerabilities discovered in AWS Client VPN

THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here Two flaws have been discovered in the AWS VPN Client. One of them CVE-2022-25166 was discovered due to a time-of-check to time-of-use TOCTOU condition, which could lead to privilege escalation. Another vulnerability...

CMSimple Directory Traversal Vulnerability

CMSimple is a PHP and HTML based content management system that helps users to quickly create simple and easy to use websites. CMSimple suffers from a directory traversal vulnerability that stems from a failure of a web-based system or product to properly filter for special elements in the path o...

CVE-2022-25166

An issue was discovered in Amazon AWS VPN Client 2.0.0. It is possible to include a UNC path in the OpenVPN configuration file when referencing file paths for parameters such as auth-user-pass. When this file is imported and the client attempts to validate the file path, it performs an open...

CVE-2022-25166

CVE-2022-25166 and CVE-2022-25165 affect Amazon AWS VPN Client 2.0.0. A crafted OpenVPN configuration file can trigger exposure of Net-NTLMv2 hashes and, in the TOCTOU case, allow injection of parameters outside the allow list, enabling an arbitrary file write as SYSTEM. CVE-25166 requires the us...

PT-2022-13805 · Mattermost · Mattermost

Name of the Vulnerable Software and Affected Versions: Mattermost versions 6.4.1 and earlier Description: The issue is related to improper privilege management in Mattermost, where an API fails to properly protect permissions. This allows authenticated members with restricted custom admin roles t...

The configuration file of the VMware Horizon Client for Linux allows for the attacker to elevate their privileges to the root level.

The vulnerability of the VMware Horizon Client for Linux client configuration file is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to elevate their privileges to the root level...

CVE-2022-22964

VMware Horizon Agent for Linux prior to 22.x contains a local privilege escalation that allows a user to escalate to root due to a vulnerable configuration file...

CVE-2022-22964

VMware Horizon Agent for Linux prior to 22.x contains a local privilege escalation that allows a user to escalate to root due to a vulnerable configuration file...

CVE-2022-22964

VMware Horizon Agent for Linux prior to 22.x contains a local privilege escalation that allows a user to escalate to root due to a vulnerable configuration file...

Design/Logic Flaw

VMware Horizon Agent for Linux prior to 22.x contains a local privilege escalation that allows a user to escalate to root due to a vulnerable configuration file...

CVE-2022-22964

VMware Horizon Agent for Linux prior to 22.x contains a local privilege escalation that allows a user to escalate to root due to a vulnerable configuration file...

CVE-2022-22964

CVE-2022-22964 affects VMware Horizon Agent for Linux (prior to 22.x). The issue is a local privilege escalation due to a vulnerable configuration file, allowing a low-privileged user with local access to escalate to root. CVSS info in the sourcing documents indicates high impact with LOCAL attac...

Uncover - Quickly Discover Exposed Hosts On The Internet Using Multiple Search Engine

uncover is a go wrapper using APIs of well known search engines to quickly discover exposed hosts on the internet. It is built with automation in mind, so you can query it and utilize the results with your current pipeline tools. Currently, it supports shodan , censys , and fofa search engine...

Design/Logic Flaw

A remote, authenticated attacker could utilize the control program of the CODESYS Control runtime system to use the vulnerability in order to read and modify the configuration files of the affected products...

CVE-2022-22515

CVE-2022-22515 affects the CODESYS Control runtime system. A remote, authenticated attacker could use the control program to read and modify the affected product’s configuration files. The available documents describe the impact (unauthorized read/write of config files) and the attack path but do...

CVE-2022-26850

When creating or updating credentials for single-user access, Apache NiFi wrote a copy of the Login Identity Providers configuration to the operating system temporary directory. On most platforms, the operating system temporary directory has global read permissions. NiFi immediately moved the...

VMware Horizon 权限许可和访问控制问题漏洞

VMware Horizon is a suite of foundation platforms for virtual desktops and applications from VMware. The product enables end users to access all of their virtual desktops, applications and online services through a digital workspace. The VMware Horizon Client is vulnerable to a privilege-granting...

Roxy File Manager 1.4.5 PHP File Upload Restriction Bypass Exploit

Roxy File Manager version 1.4.5 proof of concept exploit for a PHP file upload restriction bypass vulnerability. Exploit Title: Roxy File Manager 1.4.5 PHP File Upload Restriction Bypass Exploit Author: Adam Shebani NULLHE4D Software: Roxy File Manager Version: 1.4.5 CVE: CVE-2018-20525 Vendor...

Jenkins instant-messaging Plugin信息泄露漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products. jenkins is an application. Jenkins Plugin is an application that provides hundreds of plugins to support building, deploying, and automating any project. The vulnerability stems from unencrypted group chat passwords stored in the...