3795 matches found
run-terraform allows for RCE via terraform plan
Impact What kind of vulnerability is it? Who is impacted? All users of the run-terraform reusable workflow from the kartverket/github-workflows repo are affected. A malicious actor could potentially send a PR with a malicious payload leading to execution of arbitrary JavaScript code in the contex...
Exploit for Code Injection in Apache Commons_Text
CVE-2022-42889-POC A simple demo application that shows how to...
Microsoft Office 365 (2016 Click-to-Run) Multiple Vulnerabilities (Oct 2022)
This host is missing a critical security update according to Microsoft Office Click-to-Run update October 2022.
CVE-2022-37987
Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability...
Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability
...
Siemens LOGO! 8 BM Security Vulnerability
Siemens LOGO! 8 BM is a programming software for industrial environments for the Windows platform from Siemens Germany. Siemens LOGO! 8 BM suffers from a buffer overflow vulnerability that stems from an inability to properly validate the structure of a TCP packet through a variety of methods. An...
CVE-2022-37987
CVE-2022-37987 is a Windows CSRSS local privilege-elevation vulnerability in the Client Server Run-time Subsystem. The CVSSv3.1 base score is 7.8 (HIGH) with local attack vector, low attack complexity, and privileges required: LOW; impact to confidentiality, integrity, and availability is HIGH. A...
Iran State-Run TV’s Live Transmission Hacked by Edalate Ali Hackers
By Waqas. As seen by Hackread.com, the Iranian broadcaster was hacked while airing a news bulletin on Saturday night.
Jenkins plugins Multiple Vulnerabilities (2022-09-21)
According to their self-reported version numbers, the versions of Jenkins plugins running on the remote web server are affected by multiple vulnerabilities: - Jenkins 2.367 through 2.369 both inclusive does not escape tooltips of the l:helpIcon UI component used for some help icons on the Jenkins...
CVE-2022-42457
Generex CS141 through 2.10 allows remote command execution by administrators via a web interface that reaches runupdate in /usr/bin/gxserve-update.sh (e.g., command execution can occur via a reverse shell installed by install.sh)...
October 4, 2022, update for Office 2013 (KB5002274)
October 4, 2022, update for Office 2013 (KB5002274). This article describes update 5002274 for Microsoft Office 2013 that was released on October 4, 2022. This update also applies to Office Home and Student 2013 RT. Be aware that the update in the Microsoft Download Center applies to the Microsoft...
[NAZ-M3] initialize() Can be Front-Run
Lines of code Vulnerability details Impact AlgebraPool.sol is deployed and initialized in two different transactions. This allows an attacker to be able to front-run the AlgebraPool.sol's initialize after it's deployed. Proof of Concept The attacker can do this for two different reasons: 1. Price =...
CVE-2022-41233
Jenkins Rundeck Plugin 3.6.11 and earlier does not perform Run/Artifacts permission checks in multiple HTTP endpoints, allowing attackers with Item/Read permission to obtain information about build artifacts of a given job, if the optional Run/Artifacts permission is enabled...
An incorrect handling of the supplementary groups in the Buildah container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container.
...
GSD-2022-1005697 KVM: nVMX: Snapshot pre-VM-Enter DEBUGCTL for !nested_run_pending case
KVM: nVMX: Snapshot pre-VM-Enter DEBUGCTL for !nested_run_pending case. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.61 by commit...
PT-2022-33639 · Linux · Kvm
Name of the Vulnerable Software and Affected Versions: KVM versions prior to v5.19.2 Description: The issue concerns the nVMX snapshot pre-VM-Enter BNDCFGS for the !nested run pending case. The actual impact and attack plausibility have not yet been proven. Recommendations: For versions prior to...
mariadb: CONNECT storage engine heap-based buffer overflow
A flaw was found in MariaDB. Lack of input validation leads to a heap buffer overflow. This flaw allows an authenticated, local attacker with at least a low level of privileges to submit a crafted SQL query to MariaDB and escalate their privileges to the level of the MariaDB service user, running...
[SECURITY] Fedora 36 Update: protobuf-c-1.4.1-2.fc36
Protocol Buffers are a way of encoding structured data in an efficient yet extensible format. This package provides a code generator and run-time libraries to use Protocol Buffers from pure C (not C++). It uses a modified version of protoc called protoc-c...
PT-2022-24256 · Apache · Apache Airflow
Name of the Vulnerable Software and Affected Versions: Apache Airflow versions prior to 2.3.4 Description: The issue is related to an insecure umask configuration in Apache Airflow when running with the --daemon flag. This could lead to a race condition, resulting in world-writable files in the...
Updated canna packages fix security vulnerability
Move UNIX socket dir from /tmp to /run to avoid local attackers being able to place bogus directories in its stead. CVE-2022-21950...