Read Time:7 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Network Performance Monitor. Authentication is required to exploit this vulnerability.
Daily Archives: October 21, 2022
ZDI-22-1460: SolarWinds Network Performance Monitor PropertyBagJsonConverter Deserialization of Untrusted Data Remote Code Execution Vulnerability
Read Time:7 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Network Performance Monitor. Authentication is required to exploit this vulnerability.
ZDI-22-1461: SolarWinds Network Performance Monitor MessageToBytes Deserialization of Untrusted Data Remote Code Execution Vulnerability
Read Time:7 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Network Performance Monitor. Authentication is required to exploit this vulnerability.
ZDI-22-1462: (Pwn2Own) Linux Kernel io_uring Improper Update of Reference Count Privilege Escalation Vulnerability
Read Time:11 Second
This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
ZDI-22-1441: Siemens Solid Edge Viewer DWG File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
Read Time:12 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Solid Edge Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-22-1442: Oracle VirtualBox COM RPC Interface Improper Access Control Local Privilege Escalation Vulnerability
Read Time:11 Second
This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this vulnerability.
ZDI-22-1443: Oracle Access Management CustomReadServlet Directory Traversal Information Disclosure Vulnerability
Read Time:7 Second
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Oracle Access Management. Authentication is not required to exploit this vulnerability.
ZDI-22-1444: Oracle VirtualBox VRDP Double Free Remote Code Execution Vulnerability
Read Time:7 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Oracle VirtualBox. Authentication is not required to exploit this vulnerability.
moby-engine-20.10.20-1.fc37
Read Time:8 Second
FEDORA-2022-2c33bba286
Packages in this update:
moby-engine-20.10.20-1.fc37
Update description:
Update to 20.10.20.
Mitigates CVE-2022-39253
moby-engine-20.10.20-1.fc36
Read Time:8 Second
FEDORA-2022-12790ca71a
Packages in this update:
moby-engine-20.10.20-1.fc36
Update description:
Update to 20.10.20.
Mitigates CVE-2022-39253