CVE-2022-36032 ReactPHP's HTTP server parses encoded cookie names so malicious `__Host-` and `__Secure-` cookies can be sent

ReactPHP HTTP is a streaming HTTP client and server implementation for ReactPHP. In ReactPHP's HTTP server component versions starting with 0.7.0 and prior to 1.7.0, when ReactPHP is processing incoming HTTP cookie values, the cookie names are url-decoded. This may lead to cookies with prefixes...

CVE-2022-36032 ReactPHP's HTTP server parses encoded cookie names so malicious `__Host-` and `__Secure-` cookies can be sent

ReactPHP HTTP is a streaming HTTP client and server implementation for ReactPHP. In ReactPHP's HTTP server component versions starting with 0.7.0 and prior to 1.7.0, when ReactPHP is processing incoming HTTP cookie values, the cookie names are url-decoded. This may lead to cookies with prefixes...

CVE-2022-36032

CVE-2022-36032 affects ReactPHP HTTP server component versions 0.7.0 up to, but not including, 1.7.0. When processing incoming HTTP cookie values, cookie names are url-decoded, which can cause cookies with prefixes like __Host- and __Secure- to be confounded with decodings of other cookies. This ...

CVE-2022-36032 ReactPHP's HTTP server parses encoded cookie names so malicious `__Host-` and `__Secure-` cookies can be sent

ReactPHP HTTP is a streaming HTTP client and server implementation for ReactPHP. In ReactPHP's HTTP server component versions starting with 0.7.0 and prior to 1.7.0, when ReactPHP is processing incoming HTTP cookie values, the cookie names are url-decoded. This may lead to cookies with prefixes...

New EvilProxy Phishing Service Allowing Cybercriminals to Bypass 2-Factor Security

A new phishing-as-a-service PhaaS toolkit dubbed EvilProxy is being advertised on the criminal underground as a means for threat actors to bypass two-factor authentication 2FA protections employed against online services. "EvilProxy actors are using reverse proxy and cookie injection methods to...

CVE-2022-36044 Rizin Out-of-bounds Write vulnerability in Lua binary plugin

Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to an out-of-bounds write when getting data from Luac files. A user opening a malicious Luac file could be affected by this vulnerability, allowing an attacker to execute code on t...

CVE-2022-36040 Rizin Out-of-bounds Write vulnerability in pyc/marshal.c

Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to an out-of-bounds write when getting data from PYCpython files. A user opening a malicious PYC file could be affected by this vulnerability, allowing an attacker to execute code ...

PT-2022-23130 · Unknown · Reactphp Http

Name of the Vulnerable Software and Affected Versions: ReactPHP HTTP versions 0.7.0 through 1.7.0 Description: The issue arises when ReactPHP's HTTP server component processes incoming HTTP cookie values, url-decoding the cookie names. This can lead to confusion between cookies with prefixes like...

CVE-2022-36043

Rizin v0.4.0 and earlier are affected by a double-free in bobj.c:rz_bin_reloc_storage_free() when freeing relocations generated by the qnx binary plugin. A user opening a malicious qnx binary could achieve code execution. A patch addressing this issue is in commit a3d50c1ea185f3f642f2d8180715f82d...

CVE-2022-36041 Rizin Out-of-bounds Write vulnerability in Mach-O binary plugin

Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to an out-of-bounds write when parsing Mach-O files. A user opening a malicious Mach-O file could be affected by this vulnerability, allowing an attacker to execute code on the...

CVE-2022-36040

CVE-2022-36040 affects Rizin up to version 0.4.0. It is an out-of-bounds write when getting data from PYC (Python) files, and a user opening a malicious PYC could cause code execution on the local system. The patch is recorded in commit 68948017423a12786704e54227b8b2f918c2fd27; advisories note up...

CVE-2022-36042

Rizin (versions ≤ 0.4.0) is vulnerable to an out-of-bounds write when processing dyld cache data, allowing code execution if a user opens a crafted dyld cache. The issue is tracked as CVE-2022-36042. A patch is available in commit 556ca2f9eef01ec0f4a76d1fbacfcf3a87a44810. Related advisories refer...

CVE-2022-36041

CVE-2022-36041 affects Rizin, a UNIX-like reverse engineering framework. The vulnerability is an out-of-bounds write when parsing Mach-O files in versions 0.4.0 and prior. A user opening a malicious Mach-O could allow code execution on the attacker’s machine. A patch is available in commit 7323e6...

CVE-2022-36044

CVE-2022-36044 affects Rizin 0.4.0 and earlier, due to an out-of-bounds write when processing Luac files. A malicious Luac file could allow code execution. Fixes are committed (07b43bc8... and 05bbd147...) and upstream/public advisories reference these patches. Connected sources note related fixe...

CVE-2022-36042 Rizin Out-of-bounds Write vulnerability in dyld cache binary plugin

Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to an out-of-bounds write when getting data from dyld cache files. A user opening a malicious dyld cache file could be affected by this vulnerability, allowing an attacker to execu...

BeatRev - POC For Frustrating/Defeating Malware Analysts

BeatRev Version 2 Disclaimer/Liability The work that follows is a POC to enable malware to "key" itself to a particular victim in order to frustrate efforts of malware analysts. I assume no responsibility for malicious use of any ideas or code contained within this project. I provide this researc...

Exploit for Missing Authorization in Redis

CVE-2022-0543 Fully featured exploit for Redis RCE through Lua...

Contec Health CMS8000 CONTEC ICU CCU Vital Signs Patient Monitor 安全漏洞

The Contec Health CMS8000 CONTEC ICU CCU Vital Signs Patient Monitor is a vital signs patient monitor from Contec Health. A security vulnerability exists in the Contec Health CMS8000 CONTEC ICU CCU Vital Signs Patient Monitor that stems from multiple binary application files on the CMS8000 device...

Exploit for Path Traversal in Synacor Zimbra_Collaboration_Suite

Zimbra Unauthenticated Remote Code Execution Exploit CVE-2022-2...

CVE-2022-36121

An issue was discovered in Blue Prism Enterprise 6.0 through 7.01. In a misconfigured environment that exposes the Blue Prism Application server, it is possible for an authenticated user to reverse engineer the Blue Prism software and circumvent access controls for the UpdateOfflineHelpData...