PT-2022-26953 · Siemens · Simcenter Star-Ccm+

Name of the Vulnerable Software and Affected Versions: Simcenter STAR-CCM+ versions prior to V2306 Description: A vulnerability has been identified in the affected application, where it improperly assigns file permissions to installation folders. This could allow a local attacker with an...

CVE-2022-4223

The pgAdmin server includes an HTTP API that is intended to be used to validate the path a user selects to external PostgreSQL utilities such as pgdump and pgrestore. The utility is executed by the server to determine what PostgreSQL version it is from. Versions of pgAdmin prior to 6.17 failed to...

Remote Code Execution

tailscale is vulnerable to remote code execution. The library does not have host header verification, which allows an attacker-controlled coordination server to send malicious URL responses to the client, including pushing executables or installing an SMB share...

qt: QProcess could execute a binary from the current working directory when not found in the PATH

A flaw was found in qt. The vulnerability occurs due to executing binaries from the current directory when the loading path failed, leading to an uncontrolled path element vulnerability. This flaw allows an attacker to execute malicious executables...

[SECURITY] Fedora 37 Update: mingw-binutils-2.38-5.fc37

Cross compiled binutils utilities like 'strip', 'as', 'ld' which understand Windows executables and DLLs...

[SECURITY] Fedora 36 Update: mingw-binutils-2.37-5.fc36

Cross compiled binutils utilities like 'strip', 'as', 'ld' which understand Windows executables and DLLs...

Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2022-2667)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2022-2635)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Remote file inclusion

A remote file download issue can occur in some capabilities of Esri ArcGIS Server web services that may in some edge cases allow a remote, unauthenticated attacker to induce an unsuspecting victim to launch a process in the victim's PATH environment. Current browsers provide users with warnings...

Mangle - Tool That Manipulates Aspects Of Compiled Executables (.Exe Or DLL) To Avoid Detection From EDRs

Authored By Tyl0us Featured at Source Zero Con 2022 Mangle is a tool that manipulates aspects of compiled executables .exe or DLL. Mangle can remove known Indicators of Compromise IoC based strings and replace them with random characters, change the file by inflating the size to avoid EDRs, and c...

SAP 3D Visual Enterprise Viewer .wrl Denial of Service Vulnerability

SAP 3D Visual Enterprise Viewer is a 3D view viewer from SAP, Germany. The software supports the publishing of 2D and 3D scenes in all industry-standard desktop applications and supports separate installation as a stand-alone executable program and ActiveX space. A denial of service vulnerability...

Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2022-2538)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2022-26238

The default privileges for the running service Normand Service Manager in Beckman Coulter Remisol Advance v2.0.12.1 and prior allows non-privileged users to overwrite and manipulate executables and libraries. This allows attackers to access sensitive data...

CVE-2022-26238

The default privileges for the running service Normand Service Manager in Beckman Coulter Remisol Advance v2.0.12.1 and prior allows non-privileged users to overwrite and manipulate executables and libraries. This allows attackers to access sensitive data...

CVE-2022-26236

The default privileges for the running service Normand Remisol Advance Launcher in Beckman Coulter Remisol Advance v2.0.12.1 and prior allows non-privileged users to overwrite and manipulate executables and libraries. This allows attackers to access sensitive data...

CVE-2022-26236

The default privileges for the running service Normand Remisol Advance Launcher in Beckman Coulter Remisol Advance v2.0.12.1 and prior allows non-privileged users to overwrite and manipulate executables and libraries. This allows attackers to access sensitive data...

Design/Logic Flaw

The default privileges for the running service Normand Service Manager in Beckman Coulter Remisol Advance v2.0.12.1 and prior allows non-privileged users to overwrite and manipulate executables and libraries. This allows attackers to access sensitive data...

CVE-2022-26240

The default privileges for the running service Normand Message Buffer in Beckman Coulter Remisol Advance v2.0.12.1 and prior allows non-privileged users to overwrite and manipulate executables and libraries. This allows attackers to access sensitive data...

CVE-2022-26240

The default privileges for the running service Normand Message Buffer in Beckman Coulter Remisol Advance v2.0.12.1 and prior allows non-privileged users to overwrite and manipulate executables and libraries. This allows attackers to access sensitive data...

CVE-2022-26239

The default privileges for the running service Normand License Manager in Beckman Coulter Remisol Advance v2.0.12.1 and prior allows unprivileged users to overwrite and manipulate executables and libraries. This allows attackers to access sensitive data...