Johnson Controls Metasys

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Johnson Controls Equipment: Metasys ADS/ADX/OAS Servers Vulnerability: Insufficiently Protected Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could result in exposed credentials in plain text...

Input validation

The Welcart e-Commerce WordPress plugin before 2.8.5 does not validate user input before using it to output the content of a file via an AJAX action available to any authenticated users, which could allow users with a role as low as subscriber to read arbitrary files on the server...

CVE-2022-4236 Welcart e-Commerce < 2.8.5 - Subscriber+ Arbitrary File Access

The Welcart e-Commerce WordPress plugin before 2.8.5 does not validate user input before using it to output the content of a file via an AJAX action available to any authenticated users, which could allow users with a role as low as subscriber to read arbitrary files on the server...

SUSE-SU-2022:4622-1 Security update for freeradius-server

This update for freeradius-server fixes the following issues: - CVE-2022-41859: Fixes an information leakage in EAP-PWD bsc1206204. - CVE-2022-41860: Fixes a crash on unknown option in EAP-SIM bsc1206205. - CVE-2022-41861: Fixes a crash on invalid abinary data bsc1206206...

CVE-2022-23556: Attackers may spoof IP address when using proxy

Impact This vulnerability may allow attackers to spoof their IP address when your server is behind a reverse proxy. Patches Upgrade to v4.2.11 or later, and configure Config\App::$proxyIPs. Workarounds Do not use $request-getIPAddress. References -...

WordPress Simple:Press plugin path traversal vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The WordPress plugin is an application plugin. WordPress plugin Simple:Press 6.8 and earlier versions have a path traversal vulnerability, which stems...

uatech Badaso Remote Command Execution Vulnerability

Badaso is an open source Laravel Vue headless CMS. A remote command execution vulnerability exists in uatech Badaso version 2.6.3, which stems from a failure to properly validate user uploaded data and can be exploited by an unauthenticated, remote attacker to remotely execute arbitrary code on t...

CVE-2022-45047

A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server. Mitigation From the maintainer: For Apache MINA SSHD =...

Information Disclosure

rh-mysql80-mysql is vulnerable to information disclosure. The vulnerability exists in the Server: Security: Encryption component, allowing an attacker to get read access to a subset of MySQL Server accessible data through the multiple protocols...

Updated x11-server packages fix security vulnerability

Buffer overflow in function GetCountedString of the file xkb/xkb.c. CVE-2022-3550 Memory leak in the function ProcXkbGetKbdByName of the file xkb/xkb.c. CVE-2022-3551...

MariaDB 10.2.0 < 10.2.15 Multiple Vulnerabilities

The version of MariaDB installed on the remote host is prior to 10.2.15. It is, therefore, affected by multiple vulnerabilities as referenced in the 10.2.15 advisory. - Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: InnoDB. Supported versions that are affected are 5.6.3...

CVE-2022-38165

Arbitrary file write in F-Secure Policy Manager through 2022-08-10 allows unauthenticated users to write the file with the contents in arbitrary locations on the F-Secure Policy Manager Server...

CVE-2022-44000

BACKCLICK Professional 5.9.63 is affected by CVE-2022-44000 due to an exposed internal communications interface that enables arbitrary system command execution on the server. The vulnerability stems from access to an internal interface, allowing remote code execution with no privileges required (...

CVE-2022-44000

An issue was discovered in BACKCLICK Professional 5.9.63. Due to an exposed internal communications interface, it is possible to execute arbitrary system commands on the server...

Not Just for the Government: Using the NIST Framework to Secure WordPress

When setting up a WordPress website, it is easy to focus on the look and feel of the website, while overlooking the important aspect of security. This makes sense, because the security of a website is largely invisible until something goes wrong. Installing a cybersecurity plugin like Wordfence...

CVE-2022-43691

Concrete CMS formerly concrete5 below 8.5.10 and between 9.0.0 and 9.1.2 inadvertently disclose server-side sensitive information secrets in environment variables and server information when Debug Mode is left on in production...

Hardcoded credentials

All versions of ETIC Telecom Remote Access Server RAS 4.5.0 and prior is vulnerable to malicious file upload. An attacker could take advantage of this to store malicious files on the server, which could override sensitive and useful existing files on the filesystem, fill the hard disk to full...

Denial Of Service (DoS)

rh-mysql80-mysql is vulnerable to denial of service. The vulnerability exists in the Server: Security: Encryption component, allowing an attacker to cause an application crash through the multiple protocols...

RLSA-2022:7643 Important: bind9.16 security update

The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...

froxlor/froxlor <= 0.10.38.2 - Authenticated Unrestricted File Upload to RCE

Description Unsafe file uploads occur when the web server fails to sufficiently validate the file’s size, type, name, contents, or what restrictions are placed on the file once it has been successfully uploaded. The application fails to validate files that are uploaded, allowing an attacker to...