This vulnerability allows remote attackers to execute arbitrary code on affected installations of ManageEngine OpManager Plus. Authentication is required to exploit this vulnerability.
Daily Archives: September 1, 2022
ZDI-22-1182: ManageEngine OpManager getNmapInitialOption Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of ManageEngine OpManager. Authentication is required to exploit this vulnerability.
ZDI-22-1183: ManageEngine NetFlow Analyzer getDNSResolveOption Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of ManageEngine NetFlow Analyzer. Authentication is required to exploit this vulnerability.
APPLE-SA-2022-08-31-1 iOS 12.5.6
Posted by Apple Product Security via Fulldisclosure on Aug 31
APPLE-SA-2022-08-31-1 iOS 12.5.6
iOS 12.5.6 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213428.
iOS 12 is not impacted by CVE-2022-32894.
WebKit
Available for: iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad
mini 2, iPad mini 3, and iPod touch (6th generation)
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution. Apple is aware of…
DSA-5223 chromium – security update
Multiple security issues were discovered in Chromium, which could result
in the execution of arbitrary code, denial of service or information
disclosure.