CVE-2022-2053

A flaw was found in Undertow. AJP requests to the server may allow an attacker to send a malicious request and trigger server errors, resulting in a denial of service...

The vulnerability of the DNS Server component of the Windows operating system, which allows a hacker to execute arbitrary code.

The vulnerability of the DNS Server component of the Windows operating system is related to synchronization errors when using a shared resource “Race Situation”. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code...

PT-2022-2950 · Spacelogic +1 · Spacelogic C-Bus Application Controller +3

Name of the Vulnerable Software and Affected Versions: C-Bus Network Automation Controller - LSS5500NAC versions prior to V1.10.0 Wiser for C-Bus Automation Controller - LSS5500SHAC versions prior to V1.10.0 Clipsal C-Bus Network Automation Controller - 5500NAC versions prior to V1.10.0 Clipsal...

The vulnerability of the File Server Resource Manager, a component of the Microsoft Windows operating system, allows a perpetrator to increase their privileges.

The vulnerability of the File Server Resource Manager in Microsoft Windows operating systems is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow attackers to increase their privileges...

The vulnerability of the KVM virtualization subsystem in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the KVM virtualization subsystem in the Linux operating system is related to pointer arithmetic errors. Exploiting this vulnerability can allow an attacker to trigger a service failure...

Update Rollup 4 for System Center 2019 Virtual Machine Manager

Update Rollup 4 for System Center 2019 Virtual Machine Manager Introduction: This article describes the issues that are fixed in Update Rollup 4 UR4 for Microsoft System Center 2019 Virtual Machine Manager. This article also includes installation instructions and improvements and feature updates...

The vulnerability of the Cisco IOx software platform, caused by synchronization errors when using a shared resource, allows a perpetrator to bypass the authentication process.

The vulnerability of the Cisco IOx software platform arises from synchronization errors when using a shared resource. Exploiting this vulnerability allows a malicious actor to bypass authentication procedures remotely...

The vulnerability of Microsoft Edge browser, related to information representation errors in the user interface, allows attackers to perform spear-phishing attacks.

The vulnerability of Microsoft Edge is related to information representation errors in the user interface. Exploiting this vulnerability can allow a malicious actor to perform spear-phishing attacks remotely...

UBUNTU-CVE-2022-31625

In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using Postgres database extension, supplying invalid parameters to the parametrized query may lead to PHP attempting to free memory using uninitialized data as pointers. This could lead to RCE vulnerability or...

The vulnerability of the Windows operating system, related to errors in the code, allows a perpetrator to execute arbitrary code.

The vulnerability of the Windows operating system is related to errors in the code. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the Windows operating system arises from synchronization errors when using a shared resource, allowing a perpetrator to execute arbitrary code.

The vulnerability of the Windows operating system arises due to synchronization errors when using a shared resource. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the Windows operating system arises from synchronization errors when using a shared resource, allowing a perpetrator to execute arbitrary code.

The vulnerability of the Windows operating system arises due to synchronization errors when using a shared resource. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the Windows operating system, related to errors in the code, allows a perpetrator to execute arbitrary code.

The vulnerability of the Windows operating system is related to errors in the code. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of HID Mercury programmable logic controllers’ microprogramming software, related to security mechanism errors, allows a intruder to remove the user from the system.

The vulnerability of HID Mercury programmable logic controllers’ microprogramming software is related to security mechanism errors. Exploiting this vulnerability could allow a malicious actor, operating remotely, to remove a user using a specially created network package...

The vulnerability of the Windows Hyper-V hardware virtualization system for Windows operating systems arises from synchronization errors when using shared resources (“Race Conditions”). This allows a perpetrator to execute arbitrary code.

The vulnerability of the Windows Hyper-V hardware virtualization system in Windows operating systems is related to synchronization errors when using shared resources „Race Conditions“. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the Windows operating system arises from synchronization errors when using a shared resource, allowing a perpetrator to execute arbitrary code.

The vulnerability of the Windows operating system arises due to synchronization errors when using a shared resource. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the Bluetooth driver for Microsoft Windows operating systems, related to synchronization errors when using a shared resource, allows attackers to escalate their privileges.

The vulnerability of the Windows operating system is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow a remote attacker to gain increased privileges...

[SECURITY] [DLA 3048-1] python-bottle security update

----------------------------------------------------------------------- Debian LTS Advisory DLA-3048-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta June 09, 2022 https://wiki.debian.org/LTS - -----------------------------------------------------------------------...

java-11-openj9,java-1_8_0-openj9: unverified methods can be invoked using MethodHandles

In Eclipse Openj9 before version 0.32.0, Java 8 & 11 fail to throw the exception captured during bytecode verification when verification is triggered by a MethodHandle invocation, allowing unverified methods to be invoked using MethodHandles...

The vulnerability of component ADF Faces in the Oracle Jdeveloper software allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of component ADF Faces in the Oracle Jdeveloper software is related to errors in the code. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of protected information through HTTP requests...