122 matches found
FreeBSD -- bhyveload(8) host file access
Problem Description: bhyveload -h may be used to grant loader access to the directory tree on the host. Affected versions of bhyveload(8) do not make any attempt to restrict loader's access to , allowing the loader to read any file the host user has access to. Impact: In the bhyveload(8) model, the...
Siemens SCALANCE SC-600 Family
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Siemens SCALANCE W700 Improper Neutralization of Special Elements in Output Used By a Downstream Component (CVE-2023-44373)
A vulnerability has been identified in RUGGEDCOM RM1224 LTE4G EU, RUGGEDCOM RM1224 LTE4G NAM, SCALANCE M804PB, SCALANCE M812-1 ADSL-Router Annex A, SCALANCE M812-1 ADSL-Router Annex B, SCALANCE M816-1 ADSL-Router Annex A, SCALANCE M816-1 ADSL-Router Annex B, SCALANCE M826-2 SHDSL-Router, SCALANC...
Multiple Siemens Products Input Validation Error Vulnerability (CNVD-2023-86591)
The SCALANCE M-800, MUM-800 and S615 and the RUGGEDCOM RM1224 are industrial routers. The SCALANCE W products are wireless communication devices for connecting industrial components, such as Programmable Logic Controllers (PLCs) or Human Machine Interfaces (HMIs), that comply with the IEEE 802.11...
CVE-2023-44373
Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell. Follow-up of CVE-2022-36323...
Input validation
Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell. Follow-up of CVE-2022-36323...
CVE-2023-44373
Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell. Follow-up of CVE-2022-36323...
Information Disclosure
GitLab is vulnerable to Information Disclosure. The vulnerability exists due to the insertion of sensitive information into a log file, which allows an attacker with local file system access to obtain system root-level privileges...
Vulnerability fixed in Microsoft Defender
Microsoft has fixed a vulnerability in Defender Endpoint for macOS. A local, authenticated malicious party can exploit the vulnerability to grant itself elevated privileges and thus execute code with SYSTEM/root privileges. Microsoft has made updates available that fix the described...
CVE-2022-36323
Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell...
Input validation
Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell...
CVE-2022-36323
Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell...
CVE-2022-36323
Consolidated disclosure shows CVE-2022-36323 as an input sanitization vulnerability that can let an authenticated admin inject code or spawn a system root shell. The follow-up CVE-2023-44373 (in Siemens SCALANCE/W700 family and related devices) confirms this issue as a cross-contract injection vu...
CVE-2022-31590
SAP PowerDesigner Proxy - version 16.7, allows an attacker with low privileges and local access, with the ability to work around the system’s root disk access restrictions, to write/create a program file on the system disk root path, which could then be executed with elevated privileges of the...
CVE-2022-31590
SAP PowerDesigner Proxy - version 16.7, allows an attacker with low privileges and local access, with the ability to work around the system’s root disk access restrictions, to write/create a program file on the system disk root path, which could then be executed with elevated privileges of the...
SAP PowerDesigner Code Issue Vulnerability
SAP PowerDesigner, a database design software from SAP, is vulnerable to a code issue in SAP PowerDesigner Proxy version 16.7, which could be exploited by attackers to bypass system root disk access restrictions, write or create program files on the system disk root path, and elevate the privileg...
GitLab < 14.2.6 (CVE-2021-39913)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Accidental logging of system root password in the migration log in all versions of GitLab CE/EE before 14.2.6, all versions starting from 14.3 before 14.3.4, and all versions starting from 14.4 before...
Wondershare UBackit 2.0.5 - 'wsbackup' Unquoted Service Path
Exploit Title: Wondershare UBackit 2.0.5 - 'wsbackup' Unquoted Service Path Discovery by: Luis Martinez Discovery Date: 2022-02-17 Vendor Homepage: https://www.wondershare.com/ Software Link : https://download.wondershare.com/ubackitfull8767.exe Tested Version: 2.0.5 Vulnerability Type: Unquoted...
CVE-2021-39913
Accidental logging of system root password in the migration log in all versions of GitLab CE/EE before 14.2.6, all versions starting from 14.3 before 14.3.4, and all versions starting from 14.4 before 14.4.1 allows an attacker with local file system access to obtain system root-level privileges...
CVE-2021-39913
Accidental logging of system root password in the migration log in all versions of GitLab CE/EE before 14.2.6, all versions starting from 14.3 before 14.3.4, and all versions starting from 14.4 before 14.4.1 allows an attacker with local file system access to obtain system root-level privileges...