CVE-2022-41077

Windows Fax Compose Form Elevation of Privilege Vulnerability...

CVE-2022-41077

Windows Fax Compose Form Elevation of Privilege Vulnerability...

Privilege escalation

Windows Fax Compose Form Elevation of Privilege Vulnerability...

Windows Fax Compose Form Elevation of Privilege Vulnerability

...

CVE-2022-41077 Windows Fax Compose Form Elevation of Privilege Vulnerability

...

CVE-2022-41077

CVE-2022-41077 is Windows Fax Compose Form Elevation of Privilege. Affected component: Windows Fax service (Fax/Compose form). Root cause and impact as per provided data: local attacker with low privileges can exploit the vulnerability with no user interaction to achieve elevation of privilege, w...

PT-2022-6008 · Microsoft · Windows Fax Compose Form +1

Name of the Vulnerable Software and Affected Versions: Windows Fax Compose Form affected versions not specified Description: The issue is related to insufficient access restrictions in the Windows Fax Compose Form component, allowing an attacker to potentially elevate their privileges. There is n...

CVE-2022-41077 Windows Fax Compose Form Elevation of Privilege Vulnerability

...

nuvola - Tool To Dump And Perform Automatic And Manual Security Analysis On Aws Environments Configurations And Services

nuvola with the lowercase n is a tool to dump and perform automatic and manual security analysis on AWS environments configurations and services using predefined, extensible and custom rules created using a simple Yaml syntax. The general idea behind this project is to create an abstracted digita...

GHSA-VP35-85Q5-9F25 Container build can leak any path on the host into the container

Description Moby is the open source Linux container runtime and set of components used to build a variety of downstream container runtimes, including Docker CE, Mirantis Container Runtime formerly Docker EE, and Docker Desktop. Moby allows for building container images using a set of build...

PT-2022-7658 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.1.1 Description: The vulnerability is related to a buffer overflow issue in the vivid component of the Linux kernel. It occurs due to a failure to check boundaries after adjusting the compose height in the V4L...

flatpak bug fix and enhancement update

An update is available for mozilla-filesystem, sbc, dbus-glib. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list These packages will be released only via the...

flatpak bug fix and enhancement update

An update is available for mozilla-filesystem, sbc, dbus-glib. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list These packages will be released only via the firef...

Shomon - Shodan Monitoring Integration For TheHive

ShoMon is a Shodan alert feeder for TheHive written in GoLang. With version 2.0, it is more powerful than ever! Functionalities Can be used as Webhook OR Stream listener Webhook listener opens a restful API endpoint for Shodan to send alerts. This means you need to make this endpoint available to...

PT-2022-25821 · Zimbra · Zimbra Collaboration Suite

Name of the Vulnerable Software and Affected Versions: Zimbra Collaboration Suite version 8.8.15 Description: The issue concerns a Reflected XSS vulnerability. It is related to the URL at "/h/compose" which accepts an attachUrl parameter. This allows for the execution of arbitrary JavaScript on t...

Zimbra Collaboration Suite 跨站脚本漏洞

Synacor Zimbra Collaboration Suite ZCS is an open source collaboration suite from Synacor, USA. The product includes WebMail, Calendar, Address Book and more. A cross-site scripting vulnerability exists in Zimbra Collaboration Suite version 8.8.15, which stems from the lack of effective filtering...

CVE-2022-41349

CVE-2022-41349 affects Zimbra Collaboration Suite (ZCS) 8.8.15. The vulnerability is a Reflected XSS in the /h/compose endpoint, where the attachUrl parameter is not properly sanitized, allowing execution of arbitrary JavaScript in a victim’s browser. Affected product/version: ZCS 8.8.15. Underly...

PT-2022-22966 · Microsoft · Azure Service Fabric Explorer

Name of the Vulnerable Software and Affected Versions: Azure Service Fabric Explorer versions 8.1.316 and earlier Description: The issue allows an attacker to potentially gain administrator rights in a cluster. It affects the Azure Service Fabric Explorer, a tool used for managing Azure Service...

Mozilla: Leaking of sensitive information when composing a response to an HTML email with a META refresh tag

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of a Thunderbird user replying to a crafted HTML email containing a meta tag, with the meta tag having the http-equiv="refresh" attribute and the content attribute specifying an URL. Thunderbird started a...

Mozilla: Leaking of sensitive information when composing a response to an HTML email with a META refresh tag

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of a Thunderbird user replying to a crafted HTML email containing a meta tag, with the meta tag having the http-equiv="refresh" attribute and the content attribute specifying an URL. Thunderbird started a...