3795 matches found
GSD-2022-1008297 bpf, test_run: Fix alignment problem in bpf_prog_test_run_skb()
bpf, test_run: Fix alignment problem in bpf_prog_test_run_skb() This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.300 by commit...
GSD-2022-1007925 bpf, test_run: Fix alignment problem in bpf_prog_test_run_skb()
bpf, test_run: Fix alignment problem in bpf_prog_test_run_skb() This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.80 by commit...
PT-2022-36316 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.156 Description: The issue is related to an alignment problem in the bpf_prog_test_run_skb function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel...
CVE-2022-44620
Improper authentication vulnerability in UDR-JA1604/UDR-JA1608/UDR-JA1616 firmware versions 71x10.1.107112.43A and earlier allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter the device settings...
Steal deposit fund in ERC4626 vault by exchange rate manipulation
Lines of code Vulnerability details Impact Although the PirexERC4626 and AutoPxGlp contract check for 0 shares, the rounding down error can still be used to steal new user deposit. Part of the new deposit could be stolen. The attacker may monitor the pool activities to catch the steal...
The vulnerability of the run_id parameter in the Example Dags function of the Airflow software for data processing tasks allows an attacker to execute arbitrary commands.
The vulnerability of the run_id parameter in the Example Dags function of the Airflow software for data processing scenario creation, monitoring, and orchestration is related to incorrect code generation. Exploiting this vulnerability allows an attacker who operates remotely to execute arbitrary...
Microsoft Office 365 (2016 Click-to-Run) Multiple RCE Vulnerabilities (Apr 2022)
This host is missing a critical security update according to Microsoft Office Click-to-Run updates...
Exploit for Improper Input Validation in Imagemagick
Container Escape Exploit This is a container escape exploit t...
OSV-2022-1172 UNKNOWN WRITE in instantiate_many::_::run::hb58bf0fc7b8817e5
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=53381 Crash type: UNKNOWN WRITE Crash state: instantiate_many::_::run::hb58bf0fc7b8817e5...
kernel: netfilter: flowtable: fix stuck flows on cleanup due to pending work
In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: fix stuck flows on cleanup due to pending work To clear the flow table on flow table free, the following sequence normally happens in order: 1) gc_step work is stopped to disable any further stats/del requests...
Arbitrary Code Execution
apacheairflow is vulnerable to arbitrary code execution. The vulnerability exists in example DAGs of example_bash_operator.py which allows an attacker to execute arbitrary commands via the manually provided run_id parameter...
PYSEC-2022-42982
A vulnerability in Example Dags of Apache Airflow allows an attacker with UI access who can trigger DAGs, to execute arbitrary commands via manually provided run_id parameter. This issue affects Apache Airflow versions prior to 2.4.0...
PT-2022-5600 · Apache · Apache Airflow
Name of the Vulnerable Software and Affected Versions: Apache Airflow versions prior to 2.4.0 Description: A vulnerability in Example Dags of Apache Airflow is related to incorrect management of code generation. This issue allows an attacker with UI access who can trigger DAGs to execute arbitrar...
Initialization function can be front-run
Lines of code Vulnerability details Detailed description of the impact of this finding: Exchange.sol has initialization function that can be front-run, allowing an attacker to incorrectly initialize the contract. Due to the use of the delegatecall proxy pattern, Exchange.sol cannot be initialized...
A buffer overflow was discovered in NTFS-3G before 2022.10.3. Crafted metadata in an NTFS image can cause code execution. A local attacker can exploit this if the ntfs-3g binary is setuid root. A physically proximate attacker can exploit this if NTFS-3G software is configured to execute upon attachment of an external storage device.
...
Microsoft Office 365 (2016 Click-to-Run) Multiple Vulnerabilities (Nov 2022)
This host is missing a critical security update according to Microsoft Office Click-to-Run update November 2022...
CVE-2022-41205
SAP GUI allows an authenticated attacker to execute scripts in the local network. On successful exploitation, the attacker can gain access to registries which can cause a limited impact on confidentiality and high impact on availability of the application...
Hacker can front-run the L2 ERC20 token deployment.
Lines of code Vulnerability details Impact hacker can front-run the L2 ERC20 token deployment to block L2 ERC20 token finalizeDeposit Proof of Concept I intend to prove this piece of code is front-runnable by hacker: /// @notice Finalize the deposit and mint funds /// @param l1Sender The account...
November 1, 2022, update for Office 2016 (KB5002306)
November 1, 2022, update for Office 2016 (KB5002306) This article describes update 5002306 for Microsoft Office 2016 that was released on November 1, 2022. Be aware that the update in the Microsoft Download Center applies to the Microsoft Installer .msi-based edition of Office 2016. It doesn't apply...
Front-running approve function
Lines of code Vulnerability details Description There is approve function in a DolaBorrowingRights. Let's say that Alice wants to increase the approval for Bob from 10 to 20. Alice calls the approve or permit function. Then, Bob can front-run the transaction by spending the 10 tokens and getting...