NewStart CGSL MAIN 6.02 : systemd Multiple Vulnerabilities (NS-SA-2022-0055)

The remote NewStart CGSL host, running version MAIN 6.02, has systemd packages installed that are affected by multiple vulnerabilities: - An issue was discovered in buttonopen in login/logind-button.c in systemd before 243. When executing the udevadm trigger command, a memory leak may occur...

CVE-2021-44716

There's an uncontrolled resource consumption flaw in golang's net/http library in the canonicalHeader function. An attacker who submits specially crafted requests to applications linked with net/http's http2 functionality could cause excessive resource consumption that could lead to a denial of...

7-Zip 16 DLL Hijacking

Microsoft Windows Environment Variable Expansion Issue Leads To Remote DLL Hijack Attack vector: 7-ZIP v.16 7-ZIP v.16 and possibly other softwares that utilizes the HTML Help System are prone to a remote DLL hijacking issue which leads to arbitrary code execution. PoC attached. because the OS...

CVE-2022-26526

CVE-2022-26526 affects Anaconda3 up to 2021.11.0.0 and Miniconda3 up to 4.11.0.0. A world-writable directory can be created under %PROGRAMDATA% and added to the system PATH when installed in a non-default configuration (for all users and PATH changes). Local users could gain privileges by placing...

ROS-20220301-01

Vulnerability in the Bubblewrap sandbox tool, related to incorrect handling of the number of parameter of call parameters in the pkexec setuid binary. Exploitation of the vulnerability could allow an attacker to create environment variables so that they are processed and executed by pkexec, and...

CVE-2022-0563

A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from t...

CVE-2022-0563

A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from t...

CVE-2022-25366

Cryptomator through 1.6.5 allows DYLIB injection because, although it has the flag 0x1000 for Hardened Runtime, it has the com.apple.security.cs.disable-library-validation and com.apple.security.cs.allow-dyld-environment-variables entitlements. An attacker can exploit this by creating a malicious...

Cryptomator 代码问题漏洞

Cryptomator is a simple digital self-defense tool from the Cryptomator community. It is used to protect data. Cryptomator suffers from a code issue vulnerability that stems from the fact that an attacker can exploit the vulnerability can exploit this by creating a malicious .dylib file that can b...

Updated nas packages fix security vulnerability

Stack-based buffer overflow in auphone.c that can be triggered by an environment variable. Also, the x11-util-cf-files package has been patched to allow building nas...

Security advisory: QProcess

Recently, the Qt Project's security team was made aware of an issue regarding QProcess and determined it to be a security issue on Unix-based platforms only. We do not believe this to be a considerable risk for applications as the likelihood of it being triggered is minimal. Specifically, the...

Privilege escalation

SAP Adaptive Server Enterprise ASE - version 16.0, installation makes an entry in the system PATH environment variable in Windows platform which, under certain conditions, allows a Standard User to execute malicious Windows binaries which may lead to privilege escalation on the local system. The...

CVE-2022-22528

CVE-2022-22528 affects SAP Adaptive Server Enterprise (ASE) version 16.0 on Windows, where the installer writes an entry to the system PATH. Under certain conditions this can allow a Standard User to execute malicious Windows binaries, enabling local privilege escalation. The issue is tied to the...

CVE-2022-21701

Istio is an open platform to connect, manage, and secure microservices. In versions 1.12.0 and 1.12.1 Istio is vulnerable to a privilege escalation attack. Users who have CREATE permission for gateways.gateway.networking.k8s.io objects can escalate this privilege to create other resources that th...

Privilege escalation

Istio is an open platform to connect, manage, and secure microservices. In versions 1.12.0 and 1.12.1 Istio is vulnerable to a privilege escalation attack. Users who have CREATE permission for gateways.gateway.networking.k8s.io objects can escalate this privilege to create other resources that th...

Security Bulletin: Vulnerability in Apache Log4j affects IBM WebSphere Automation for IBM Cloud Pak for Watson AIOps (CVE-2021-44228)

Summary There is a vulnerability in the Apache Log4j open source library. The library is used by IBM CloudPak foundational services which is a dependency of IBM WebSphere Automation for IBM Cloud Pak for Watson AIOps. Vulnerability Details CVEID: CVE-2021-44228 DESCRIPTION: Apache Log4j could all...

vault-cli contains possible RCE when reading user-defined data

Impact What kind of vulnerability is it? Who is impacted? vault-cli features the ability for rendering templated values as explained in the documentation. When a secret starts with the prefix !template!, vault-cli interprets the rest of the contents of the secret as a Jinja2 template. Jinja2 is a...

PYSEC-2021-853

vault-cli is a configurable command-line interface tool and python library to interact with Hashicorp Vault. In versions before 3.0.0 vault-cli features the ability for rendering templated values. When a secret starts with the prefix !template!, vault-cli interprets the rest of the contents of th...

Sonicwall SMA100 缓冲区错误漏洞

The Sonicwall SMA100 is a secure access gateway appliance from Sonicwall, Inc. A buffer error vulnerability in the modcgi module environment variable of the SonicWall SMA100 Apache httpd server allows an unauthenticated, remote attacker to potentially execute code as the nobody user in the device...

OPENSUSE-SU-2021:1525-1 Security update for singularity

This update for singularity fixes the following issues: Update to 3.8.5: - CVE-2021-41190: Fixed OCI manifest and index parsing confusion boo1193273. - Building Singularity from source requires go greater or equal 1.16. We now aim to support the two most recent stable versions of Go. This...