CVE-2022-31710

vRealize Log Insight contains a deserialization vulnerability. An unauthenticated malicious actor can remotely trigger the deserialization of untrusted data which could result in a denial of service...

The vulnerability of the SIP Application Layer Gateway (ALG) on Juniper Networks’ Junos operating systems allows a attacker to trigger a system failure and restart the device.

The vulnerability of the SIP Application Layer Gateway ALG on Juniper Networks Junos operating systems is related to the use of an uninitialized pointer in the stack. Exploiting this vulnerability can allow a malicious actor to trigger a system failure and restart the device remotely...

PT-2022-9020 · Unknown · Destiny.Gg Chat

Name of the Vulnerable Software and Affected Versions: destiny.gg chat affected versions not specified Description: A vulnerability was found in the destiny.gg chat, affecting the function websocket.Upgrader of the file main.go. The manipulation leads to cross-site request forgery, and the attack...

PT-2022-24232 · Axiomatic · Axiomatic Bento4

Name of the Vulnerable Software and Affected Versions: Axiomatic Bento4 affected versions not specified Description: A problematic issue was found in Axiomatic Bento4, affecting the mp4decrypt component, which leads to a memory leak. The issue can be initiated remotely. Recommendations: At the...

CVE-2022-28883

A Denial-of-Service DoS vulnerability was discovered in F-Secure & WithSecure products whereby the aerdl unpack function crashes. This can lead to a possible scanning engine crash. The exploit can be triggered remotely by an attacker...

WithSecure Endpoint Protection 安全漏洞

WithSecure Endpoint Protection is a cloud-native, AI-powered endpoint protection from Finland's WithSecure. It can be deployed instantly from a browser and easily managed from a single console. WithSecure Endpoint Protection suffers from a security vulnerability that stems from the fact that...

PT-2022-19287 · F Secure +1 · F-Secure +1

Name of the Vulnerable Software and Affected Versions: F-Secure & WithSecure products affected versions not specified Description: A Denial-of-Service DoS issue was discovered in F-Secure & WithSecure products. The aegen.dll goes into an infinite loop when unpacking PE files, leading to a scannin...

CVE-2022-24952

Several denial of service vulnerabilities exist in Eternal Terminal prior to version 6.2.0, including a DoS triggered remotely by an invalid sequence number and a local bug triggered by invalid input sent directly to the IPC socket...

Denial of service

Several denial of service vulnerabilities exist in Eternal Terminal prior to version 6.2.0, including a DoS triggered remotely by an invalid sequence number and a local bug triggered by invalid input sent directly to the IPC socket...

CVE-2022-24952

Several denial of service vulnerabilities exist in Eternal Terminal prior to version 6.2.0, including a DoS triggered remotely by an invalid sequence number and a local bug triggered by invalid input sent directly to the IPC socket...

PT-2022-19286 · F Secure · F-Secure Atlant

Name of the Vulnerable Software and Affected Versions: F-Secure Atlant affected versions not specified Description: A Denial-of-Service DoS issue was found, where the aerdl.dll component's unpacker function crashes, leading to a scanning engine crash. This can be triggered remotely by an attacker...

CVE-2022-36984

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 and related NetBackup products. An attacker with authenticated access to a NetBackup Client could remotely trigger a denial of service attack against a...

CVE-2022-32263

Pexip Infinity before 28.1 allows remote attackers to trigger a software abort via G.719...

CVE-2022-27934

Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via HTTP...

PT-2022-18696 · Pexip · Pexip Infinity

Name of the Vulnerable Software and Affected Versions: Pexip Infinity versions 27.0 through 27.2 Description: The issue allows remote attackers to trigger a software abort via HTTP. Recommendations: For versions 27.0 through 27.2, update to version 27.3 or later to resolve the issue...

Apple iPhone 安全漏洞

The Apple iPhone is a smartphone from Apple, an American Apple Apple company. A security vulnerability exists in Apple iPhone versions prior to 12.4.1, which stems from the ability to play an audio or video file to launch Siri on the same device, allowing commands to be executed remotely...

Security update for tor (important)

openSUSE Security Update: Security update for tor Announcement ID: openSUSE-SU-2022:10023-1 Rating: important References: 1200672 Cross-References: CVE-2022-33903 Affected Products: openSUSE Backports SLE-15-SP3 openSUSE Backports SLE-15-SP4 An update that fixes one vulnerability is now available...

GHSA-WPHQ-J78P-FHGP Secret stored in plain text by Jenkins Parameterized Remote Trigger Plugin

Parameterized Remote Trigger Plugin 3.1.3 and earlier stores a secret unencrypted in its global configuration file org.jenkinsci.plugins.ParameterizedRemoteTrigger.RemoteBuildConfiguration.xml on the Jenkins controller as part of its configuration. This secret can be viewed by attackers with acce...

de.tsystems.mms.apm:performance-signature-viewer (>=2.5.8 <=2.5.8.1) potentially affected by CVE-2020-2239 via org.jenkins-ci.plugins:Parameterized-Remote-Trigger (=3.0.0)

org.jenkins-ci.plugins:Parameterized-Remote-Trigger MAVEN version =3.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.jenkins-ci.plugins:Parameterized-Remote-Trigger and may be impacted: - de.tsystems.mms.apm:performance-signature-viewer =2.5.8,...

Secret stored in plain text by Jenkins Parameterized Remote Trigger Plugin

Parameterized Remote Trigger Plugin 3.1.3 and earlier stores a secret unencrypted in its global configuration file org.jenkinsci.plugins.ParameterizedRemoteTrigger.RemoteBuildConfiguration.xml on the Jenkins controller as part of its configuration. This secret can be viewed by attackers with acce...