kernel: "Fragnesia" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel

A flaw was found in the Linux kernel's XFRM ESP-in-TCP subsystem. Unsafe in-place cryptographic processing allows a low-privileged local attacker to write arbitrary bytes into the page cache of read-only files, including sensitive system files. An attacker can exploit this to overwrite privileged...

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the compressedEndpoint field in a UIPlugin deployment. An attacker can overwrite binaries or configuration files, tamper with cluster state, or write to the host node filesystem by exploiting path traversal in th...

CVE-2022-37172

Incorrect access control in the install directory C:\msys64 of Msys2 v20220603 and below allows authenticated attackers to execute arbitrary code via overwriting binaries located in the directory...

CVE-2022-36564

Incorrect access control in the install directory C:\Strawberry of StrawberryPerl v5.32.1.1 and below allows authenticated attackers to execute arbitrary code via overwriting binaries located in the directory...

CVE-2022-36563

Incorrect access control in the install directory C:\RailsInstaller of Rubyinstaller2 v3.1.2 and below allows authenticated attackers to execute arbitrary code via overwriting binaries located in the directory...

CVE-2022-36563

Incorrect access control in the install directory C:\RailsInstaller of Rubyinstaller2 v3.1.2 and below allows authenticated attackers to execute arbitrary code via overwriting binaries located in the directory...

CVE-2022-36565

Incorrect access control in the install directory C:\Wamp64 of Wamp v3.2.6 and below allows authenticated attackers to execute arbitrary code via overwriting binaries located in the directory...

CVE-2022-36564

Incorrect access control in the install directory C:\Strawberry of StrawberryPerl v5.32.1.1 and below allows authenticated attackers to execute arbitrary code via overwriting binaries located in the directory...

Improper access control

Incorrect access control in the install directory C:\msys64 of Msys2 v20220603 and below allows authenticated attackers to execute arbitrary code via overwriting binaries located in the directory...

CVE-2022-36565

Incorrect access control in the install directory C:\Wamp64 of Wamp v3.2.6 and below allows authenticated attackers to execute arbitrary code via overwriting binaries located in the directory...

CVE-2022-36564

Incorrect access control in the install directory C:\Strawberry of StrawberryPerl v5.32.1.1 and below allows authenticated attackers to execute arbitrary code via overwriting binaries located in the directory...

CVE-2022-36563

Incorrect access control in the install directory C:\RailsInstaller of Rubyinstaller2 v3.1.2 and below allows authenticated attackers to execute arbitrary code via overwriting binaries located in the directory...

CVE-2022-29376

Xampp for Windows v8.1.4 and below was discovered to contain insecure permissions for its install directory, allowing attackers to execute arbitrary code via overwriting binaries located in the directory...

CVE-2022-29376

Xampp for Windows v8.1.4 and below was discovered to contain insecure permissions for its install directory, allowing attackers to execute arbitrary code via overwriting binaries located in the directory...