CVE-2022-25180
Jenkins Pipeline: Groovy Plugin 2648.va9433432b33c and earlier includes password parameters from the original build in replayed builds, allowing attackers with Run/Replay permission to obtain the values of password parameters passed to previous builds of a Pipeline...
PT-2022-17120 · Jenkins · Jenkins Pipeline: Groovy Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Pipeline: Groovy Plugin versions 2648.va9433432b33c and earlier Description: The issue allows attackers with Run/Replay permission to obtain the values of password parameters passed to previous builds of a Pipeline, as password...
Vulnerabilities that aren’t. Unquoted Spaces
I’ve covered a couple of web vulnerabilities that mostly aren’t, and now it’s time for a Windows specific one. A common finding from build reviews and CIS comparisons: unquoted spaces in service or run paths. What is it? Windows has always been inconsistent in how its API handles uncommon...
Exploit for Out-of-bounds Write in Polkit_Project Polkit
This repository is a proof-of-concept (PoC) exploit for CVE-2021-4034, a vulnerability in the polkit privilege escalation exploit. The exploit is implemented in C and uses the execve system call to execute a shell with elevated privileges. The vulnerability is related to the way polkit handles user...
CVE-2022-22004
Microsoft Office ClickToRun Remote Code Execution Vulnerability...
PT-2022-1669 · Microsoft · 365 Apps For Enterprise +1
Name of the Vulnerable Software and Affected Versions: Microsoft Office (affected versions not specified); Microsoft 365 Apps for Enterprise (affected versions not specified). Description: The issue is related to incorrect code generation management in the Click-to-Run (C2R) service for Microsoft Office...
sNOTE.sol#_mintFromAssets() Lack of slippage control
Handle WatchPug Vulnerability details https://github.com/code-423n4/2022-01-notional/blob/d171cad9e86e0d02e0909eb66d4c24ab6ea6b982/contracts/sNOTE.sol#L195-L209 BALANCERVAULT.joinPoolvalue: msgValue NOTEETHPOOLID, addressthis, addressthis, // sNOTE will receive the BPT IVault.JoinPoolRequest assets...
makeProposal can be front run with an arbitrary proposal modifications, enabling griefing attack
Handle hyh Vulnerability details Impact Griefing attack is possible for makeProposal as proposal details can be modified by anyone. Proposal setters have no access controls, requiring only that proposal be not current, so when makeProposal is executed after the preparation phase an attacker can...
ConvexYieldWrapper wrap can be front-run
Handle hyh Vulnerability details Impact Now wrap operates with tokens that were sent to the contract before, expecting a user to deal with any front running issues. If a user will not make actual token transfer and wrap atomic, i.e. will not run them from another contract within one transaction...
Exploit for Integer Overflow or Wraparound in Linux Linux_Kernel
Container running cve-2022-0185 crash POC !seccomp or busth...
An Armful of CHERIs
Today, Arm announced that the first silicon supporting the Morello prototype architecture, a research project led by Arm, Microsoft, University of Cambridge and others, is now available on a limited run of demonstration boards, which are being shipped from today to industry partners for testing...
The vulnerability of Thunderbird email client, Firefox and Firefox ESR browsers, related to the use of memory after it is freed due to the “race condition” during audio playback, allows a hacker to create a specially crafted sound shell, trigger a use-after-free error, and execute arbitrary code within the system.
The vulnerability of the Thunderbird email client, as well as browsers Firefox and Firefox ESR, is related to the use of memory after it is freed due to a race condition during the playback of audio files. Exploiting this vulnerability can allow an attacker to create a specially crafted sound...
Microsoft Office 365 (2016 Click-to-Run) Multiple RCE And Security Bypass Vulnerabilities (Jul 2021)
This host is missing a critical security update according to Microsoft Office Click-to-Run updates. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier:...
DEBIAN-CVE-2022-23132
During Zabbix installation from RPM, DAC_OVERRIDE SELinux capability is in use to access PID files in /var/run/zabbix folder. In this case, Zabbix Proxy or Server processes can bypass file read, write and execute permissions check on the file system level...
Microsoft Office 365 (2016 Click-to-Run) Multiple Vulnerabilities (Dec 2022)
This host is missing a critical security update according to Microsoft Office Click-to-Run updates. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier:...
[WP-M4] NonUSTStrategy.sol Lack of slippage control
Handle WatchPug Vulnerability details function swapUnderlyingToUst internal uint256 underlyingBalance = getUnderlyingBalance; if underlyingBalance 0 // slither-disable-next-line unused-return curvePool.exchangeunderlying underlyingI, ustI, underlyingBalance, 0 ; The current implementation of...
CVE-2022-0129
Uncontrolled search path element vulnerability in McAfee TechCheck prior to 4.0.0.2 allows a local administrator to load their own Dynamic Link Library (DLL) gaining elevation of privileges to system user. This was achieved through placing the malicious DLL in the same directory that the process wa...
Description of the security update for Office 2013: January 11, 2022 (KB5002124)
Description of the security update for Office 2013: January 11, 2022 (KB5002124). Summary: This security update resolves a Microsoft Office remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2022-21840. Note: To apply thi...