CVE-2022-29828

Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 versions from 1.000A and later allows a remote unauthenticated attacker to disclose sensitive information. As a result, unauthenticated attackers may view programs and project file or execute programs illegally...

CVE-2022-29825

Use of Hard-coded Password vulnerability in Mitsubishi Electric GX Works3 versions from 1.000A to 1.090U, GT Designer3 Version1 GOT2000 versions from 1.122C to 1.290C, and MT Works2 versions from 1.100E to 1.200J allows an unauthenticated attacker to disclose sensitive information. As a result,...

CVE-2022-29827

Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 versions from 1.000A and later allows a remote unauthenticated attacker to disclose sensitive information. As a result, unauthenticated attackers may view programs and project files or execute programs illegally...

CVE-2022-29826

Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric GX Works3 versions from 1.000A to 1.087R and Motion Control SettingGX Works3 related software versions from 1.000A to 1.042U allows a remote unauthenticated attacker to disclose sensitive information. As a result,...

CVE-2022-29827

Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 versions from 1.000A and later allows a remote unauthenticated attacker to disclose sensitive information. As a result, unauthenticated attackers may view programs and project files or execute programs illegally...

MariaDB 10.0.0 < 10.0.32 Multiple Vulnerabilities

The version of MariaDB installed on the remote host is prior to 10.0.32. It is, therefore, affected by multiple vulnerabilities as referenced in the 10.0.32 advisory. - Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Client programs. Supported versions that are affected...

MariaDB 10.2.0 < 10.2.8 Multiple Vulnerabilities

The version of MariaDB installed on the remote host is prior to 10.2.8. It is, therefore, affected by multiple vulnerabilities as referenced in the 10.2.8 advisory. - Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Client programs. Supported versions that are affected ar...

MariaDB 10.1.0 < 10.1.33 Multiple Vulnerabilities

The version of MariaDB installed on the remote host is prior to 10.1.33. It is, therefore, affected by multiple vulnerabilities as referenced in the 10.1.33 advisory. - Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: InnoDB. Supported versions that are affected are 5.6.3...

Microsoft Exchange Server Elevation of Privilege Vulnerability (CNVD-2022-89608)

Microsoft Exchange Server is a set of email service programs from Microsoft Corporation USA. It provides mail access, storage, forwarding, voice mail, mail filtering and other functions. An attacker could exploit this vulnerability to elevate privileges...

OPERA1ER APT Hackers Targeted Dozens of Financial Organizations in Africa

A French-speaking threat actor dubbed OPERA1ER has been linked to a series of more than 30 successful cyber attacks aimed at banks, financial services, and telecom companies across Africa, Asia, and Latin America between 2018 and 2022. According to Singapore-headquartered cybersecurity company...

RLSA-2022:7119 Moderate: mysql:8.0 security, bug fix, and enhancement update

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and libraries. The following packages have been upgraded to a later upstream version: mysql 8.0.30. Security Fixes: mysql: Server: DML multiple unspecified...

Hardening of TypedArrays with non-canonical numeric property names in SES

Impact What kind of vulnerability is it? Who is impacted? In Hardened JavaScript, programs can harden objects to safely share objects with co-tenant programs without risk of these other programs tampering with their API surface. Hardening does not guarantee that objects are pure or immutable, so ...

GHSA-WHPX-Q3RQ-W8JC Hardening of TypedArrays with non-canonical numeric property names in SES

Impact What kind of vulnerability is it? Who is impacted? In Hardened JavaScript, programs can harden objects to safely share objects with co-tenant programs without risk of these other programs tampering with their API surface. Hardening does not guarantee that objects are pure or immutable, so ...

CVE-2022-41576

The rphone module has a script that can be maliciously modified.Successful exploitation of this vulnerability may cause irreversible programs to be implanted on user devices...

Design/Logic Flaw

The rphone module has a script that can be maliciously modified.Successful exploitation of this vulnerability may cause irreversible programs to be implanted on user devices...

CVE-2022-41576

The rphone module has a script that can be maliciously modified.Successful exploitation of this vulnerability may cause irreversible programs to be implanted on user devices...

CVE-2022-41715

Programs which compile regular expressions from untrusted sources may be vulnerable to memory exhaustion or denial of service. The parsed regexp representation is linear in the size of the input, but in some cases the constant factor can be as high as 40,000, making relatively small regexps consu...

CVE-2022-41576

CVE-2022-41576 affects Huawei HarmonyOS’s rphone module, where a script can be maliciously modified. Successful exploitation may implant irreversible programs on user devices. The provided documents do not reveal a public fix or affected versions; monitor for updates.

USN-5666-1: OpenSSH vulnerability

It was discovered that OpenSSH incorrectly handled certain helper programs. An attacker could possibly use this issue to arbitrary code execution...

USN-5666-1 openssh vulnerability

It was discovered that OpenSSH incorrectly handled certain helper programs. An attacker could possibly use this issue to arbitrary code execution...