CVE-2022-1240

Heap buffer overflow in libr/bin/format/mach0/mach0.c in GitHub repository radareorg/radare2 prior to 5.8.6. If address sanitizer is disabled during the compiling, the program should executes into the rstrncpy function. Therefore I think it is very likely to be exploitable. For more general...

CVE-2022-1240

Heap buffer overflow in libr/bin/format/mach0/mach0.c in GitHub repository radareorg/radare2 prior to 5.8.6. If address sanitizer is disabled during the compiling, the program should executes into the rstrncpy function. Therefore I think it is very likely to be exploitable. For more general...

Heap overflow

Heap buffer overflow in libr/bin/format/mach0/mach0.c in GitHub repository radareorg/radare2 prior to 5.8.6. If address sanitizer is disabled during the compiling, the program should executes into the rstrncpy function. Therefore I think it is very likely to be exploitable. For more general...

CVE-2022-1240

Heap buffer overflow in libr/bin/format/mach0/mach0.c in GitHub repository radareorg/radare2 prior to 5.8.6. If address sanitizer is disabled during the compiling, the program should executes into the rstrncpy function. Therefore I think it is very likely to be exploitable. For more general...

CVE-2022-1240 Heap buffer overflow in libr/bin/format/mach0/mach0.c in radareorg/radare2

Heap buffer overflow in libr/bin/format/mach0/mach0.c in GitHub repository radareorg/radare2 prior to 5.8.6. If address sanitizer is disabled during the compiling, the program should executes into the rstrncpy function. Therefore I think it is very likely to be exploitable. For more general...

CVE-2022-1238

Out-of-bounds Write in libr/bin/format/ne/ne.c in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is heap overflow and may be exploitable. For more general description of heap buffer overflow, see CWE...

CVE-2022-28281

If a compromised content process sent an unexpected number of WebAuthN Extensions in a Register command to the parent process, an out of bounds write would have occurred leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird 91.8, Firefox 99, and...

CVE-2022-1196

After a VR Process is destroyed, a reference to it may have been retained and used, leading to a use-after-free and potentially exploitable crash. This vulnerability affects Thunderbird 91.8 and Firefox ESR 91.8...

CVE-2022-28282

By using a link with rel="localization" a use-after-free could have been triggered by destroying an object during JavaScript execution and then referencing the object through a freed pointer, leading to a potential exploitable crash. This vulnerability affects Thunderbird 91.8, Firefox 99, and...

CVE-2022-1238 Out-of-bounds Write in libr/bin/format/ne/ne.c in radareorg/radare2

Out-of-bounds Write in libr/bin/format/ne/ne.c in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is heap overflow and may be exploitable. For more general description of heap buffer overflow, see CWE...

Slackware Linux 15.0 / current mozilla-firefox Multiple Vulnerabilities (SSA:2022-095-01)

The version of mozilla-firefox installed on the remote host is prior to 91.8.0esr / 99.0. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2022-095-01 advisory. - regex is an implementation of regular expressions for the Rust language. The regex crate features...

Security Vulnerabilities fixed in Thunderbird 91.8 — Mozilla

NSSToken objects were referenced via direct points, and could have been accessed in an unsafe way on different threads, leading to a use-after-free and potentially exploitable crash. If a compromised content process sent an unexpected number of WebAuthN Extensions in a Register command to the...

Johnson Controls Metasys

1. EXECUTIVE SUMMARY CVSS v3 8.4 ATTENTION: Exploitable remotely/low attack complexity Vendor: Johnson Controls Inc. Equipment: Metasys Vulnerability: Server-side Request Forgery 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an authenticated attacker to inject...

Critical Bugs in Rockwell PLC Could Allow Hackers to Implant Malicious Code

Two new security vulnerabilities have been disclosed in Rockwell Automation's programmable logic controllers PLCs and engineering workstation software that could be exploited by an attacker to inject malicious code on affected systems and stealthily modify automation processes. The flaws have the...

CoreCollection: Starting index is pseudo-randomly generated, allowing for gameable NFT launches

Lines of code Vulnerability details Details & Impact In Paradigm’s article “A Guide to Designing Effective NFT Launches”, one of the desirable properties of an NFT launch is unexploitable fairness: Launches must have true randomness to ensure that predatory users cannot snipe the rarest items at...

ZoneMinder Cross-Site Scripting Vulnerability (CNVD-2022-57805)

ZoneMinder is an open source video surveillance software system. The system supports IP, USB and analog cameras, etc. A cross-site scripting vulnerability exists in ZoneMinder 1.32.3 and earlier versions, which can be exploited by remote attackers with the 'newMonitorV4LCapturesPerFrame' paramete...

Mitsubishi Electric FA Products

1. EXECUTIVE SUMMARY CVSS v3 7.4 ATTENTION: Exploitable remotely Vendor: Mitsubishi Electric Equipment: FA products Vulnerabilities: Use of Password Hash Instead of Password for Authentication, Use of Weak Hash, Cleartext Storage of Sensitive Information, Authentication Bypass by Capture-replay...

Rockwell Automation Logix Controllers

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: Logix Controllers Vulnerability: Inclusion of Functionality from Untrusted Control Sphere 2. RISK EVALUATION Successful exploitation of this vulnerability may allow an...

GHSA-7JH8-GHWC-82CW Cross-site Scripting (XSS) vulnerability in Jenkins Continuous Integration with Toad Edge Plugin

Jenkins Continuous Integration with Toad Edge Plugin 2.3 and earlier does not apply Content-Security-Policy headers to report files it serves, resulting in a stored cross-site scripting XSS exploitable by attackers with Item/Configure permission or otherwise able to control report contents...

GHSA-Q787-QGW2-J2QF Stored Cross-site Scripting vulnerability in Jenkins Tests Selector Plugin

Jenkins Tests Selector Plugin 1.3.3 and earlier does not escape the Properties File Path option for Choosing Tests parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...