CVE-2022-41924 Tailscale Windows daemon is vulnerable to RCE via CSRF

A vulnerability identified in the Tailscale Windows client allows a malicious website to reconfigure the Tailscale daemon tailscaled, which can then be used to remotely execute code. In the Tailscale Windows client, the local API was bound to a local TCP socket, and communicated with the Windows...

PT-2022-5603 · Aveva · Aveva Edge

Name of the Vulnerable Software and Affected Versions: AVEVA Edge formerly InduSoft Web Studio versions R2020 and prior Description: An issue was discovered in the ExecuteCommand function that allows unauthenticated arbitrary commands to be executed. This is related to errors in access control...

SUSE: Security Advisory (SUSE-SU-2022:4146-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2022-23748

mDNSResponder.exe is vulnerable to DLL Sideloading attack. Executable improperly specifies how to load the DLL, from which folder and under what conditions. In these scenarios, a malicious attacker could be using the valid and legitimate executable to load malicious files...

CVE-2022-23748

mDNSResponder.exe is vulnerable to DLL Sideloading attack. Executable improperly specifies how to load the DLL, from which folder and under what conditions. In these scenarios, a malicious attacker could be using the valid and legitimate executable to load malicious files...

CVE-2022-23748

mDNSResponder.exe is vulnerable to DLL Sideloading attack. Executable improperly specifies how to load the DLL, from which folder and under what conditions. In these scenarios, a malicious attacker could be using the valid and legitimate executable to load malicious files...

BACKCLICK 路径遍历漏洞

BACKCLICK is a marketing software from BACKCLICK Germany that helps organizations create, implement, measure and run web-based email campaigns. A security vulnerability exists in BACKCLICK Professional version 5.9.63 that stems from improper validation or cleanup of uploaded filenames, where an...

Foxit Reader Code Issue Vulnerability (CNVD-2023-07829)

Foxit Reader is a PDF document reader from Foxit China. Foxit Reader is vulnerable to a code issue that could be exploited by attackers to execute malicious DLL files...

qt: QProcess could execute a binary from the current working directory when not found in the PATH

A flaw was found in qt. The vulnerability occurs due to executing binaries from the current directory when the loading path failed, leading to an uncontrolled path element vulnerability. This flaw allows an attacker to execute malicious executables...

PT-2023-5862 · Git · Git For Windows

Name of the Vulnerable Software and Affected Versions: Git for Windows versions prior to 2.40.1 Description: The issue is related to an Uncontrolled Search Path Element vulnerability. It affects users of Git CMD who start the command in an untrusted directory, allowing maliciously-placed doskey.e...

Prefetch-Hash-Cracker - A Small Util To Brute-Force Prefetch Hashes

Motivation During the forensic analysis of a Windows machine, you may find the name of a deleted prefetch file. While its content may not be recoverable, the filename itself is often enough to find the full path of the executable for which the prefetch file was created. Using the tool The followi...

Design/Logic Flaw

In Splunk Enterprise versions below 8.2.9, 8.1.12, and 9.0.2, an authenticated user can run risky commands using a more privileged user’s permissions to bypass SPL safeguards for risky commands https://docs.splunk.com/Documentation/SplunkCloud/latest/Security/SPLsafeguards in the Analytics...

CVE-2022-32287

A relative path traversal vulnerability in a FileUtil class used by the PEAR management component of Apache UIMA allows an attacker to create files outside the designated target directory using carefully crafted ZIP entry names. This issue affects Apache UIMA Apache UIMA version 3.3.0 and prior...

CVE-2022-32287

A relative path traversal vulnerability in a FileUtil class used by the PEAR management component of Apache UIMA allows an attacker to create files outside the designated target directory using carefully crafted ZIP entry names. This issue affects Apache UIMA Apache UIMA version 3.3.0 and prior...

The vulnerability of the iscsicpl.exe executable file of the Windows operating system allows a hacker to execute arbitrary code.

The vulnerability of the iscsicpl.exe executable file in Windows operating systems is related to the possibility of replacing the DLL file. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

The vulnerability of the installation file of the Kaspersky Endpoint Security antivirus software and the Kavremover utility allows a malicious actor to execute an external executable file from within the installation process.

The vulnerability of the installation file of Kaspersky Endpoint Security and the Kavremover utility is related to an uncontrolled element in the search path. Exploiting this vulnerability could allow a malicious actor to execute an external executable file from within the installation process...

PT-2022-5289 · Kaspersky · Kavremover +1

Name of the Vulnerable Software and Affected Versions: Kaspersky Endpoint Security affected versions not specified Kavremover affected versions not specified Description: The issue is related to an uncontrolled search path element in the installation file of Kaspersky Endpoint Security and the...

Threat Roundup for October 21 to October 28

Today, Talos is publishing a glimpse into the most prevalent threats weve observed between Oct. 21 and Oct. 28. As with previous roundups, this post isnt meant to be an in-depth analysis. Instead, this post will summarize the threats weve observed by highlighting key behavioral characteristics,...

CVE-2022-3401

The Bricks theme for WordPress is vulnerable to remote code execution due to the theme allowing site editors to include executable code blocks in website content in versions 1.2 to 1.5.3. This, combined with the missing authorization vulnerability CVE-2022-3400, makes it possible for authenticate...

PT-2022-21966 · WordPress · The Bricks

Name of the Vulnerable Software and Affected Versions: The Bricks theme for WordPress versions 1.2 to 1.5.3 Description: The issue allows remote code execution due to the theme permitting site editors to include executable code blocks in website content. This is exacerbated by a missing...