This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Industrial Automation ASDA-Soft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
Daily Archives: May 26, 2022
ZDI-22-796: Delta Industrial Automation ASDA-Soft PAR File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Industrial Automation ASDA-Soft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-22-797: Trend Micro Apex One Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
USN-5445-1: Subversion vulnerabilities
Ace Olszowka discovered that Subversion incorrectly handled certain
svnserve requests. A remote attacker could possibly use this issue to cause
svnserver to crash, resulting in a denial of service. This issue only
affected Ubuntu 18.04 LTS. (CVE-2018-11782)
Tomas Bortoli discovered that Subversion incorrectly handled certain
svnserve requests. A remote attacker could possibly use this issue to cause
svnserver to crash, resulting in a denial of service. This issue only
affected Ubuntu 18.04 LTS. (CVE-2019-0203)
Thomas Åkesson discovered that Subversion incorrectly handled certain
inputs. An attacker could possibly use this issue to cause a denial of
service. (CVE-2020-17525)
DSA-5149 cups – security update
Joshua Mason discovered that a logic error in the validation of the
secret key used in the local authorisation mode of the CUPS printing
system may result in privilege escalation.