Read Time:2 Second
Bid to improve critical national infrastructure continues
Monthly Archives: October 2022
GitHub Bug Exposed Repositories to Hijacking
Medibank Backtracks: All Customer Data Was Exposed to Hackers
curl-7.85.0-2.fc37
Read Time:17 Second
FEDORA-2022-e9d65906c4
Packages in this update:
curl-7.85.0-2.fc37
Update description:
url: use IDN decoded names for HSTS checks (CVE-2022-42916)
http_proxy: restore the protocol pointer on error (CVE-2022-42915)
netrc: replace fgets with Curl_get_line (CVE-2022-35260)
fix POST following PUT confusion (CVE-2022-32221)
curl-7.79.1-7.fc35
Read Time:17 Second
FEDORA-2022-39688a779d
Packages in this update:
curl-7.79.1-7.fc35
Update description:
url: use IDN decoded names for HSTS checks (CVE-2022-42916)
http_proxy: restore the protocol pointer on error (CVE-2022-42915)
netrc: replace fgets with Curl_get_line (CVE-2022-35260)
fix POST following PUT confusion (CVE-2022-32221)
curl-7.82.0-9.fc36
Read Time:17 Second
FEDORA-2022-01ffde372c
Packages in this update:
curl-7.82.0-9.fc36
Update description:
url: use IDN decoded names for HSTS checks (CVE-2022-42916)
http_proxy: restore the protocol pointer on error (CVE-2022-42915)
netrc: replace fgets with Curl_get_line (CVE-2022-35260)
fix POST following PUT confusion (CVE-2022-32221)
ZDI-22-1480: Delta Industrial Automation InfraSuite Device Master Device-DataCollect Service Deserialization of Untrusted Data Remote Code Execution Vulnerability
Read Time:8 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Industrial Automation InfraSuite Device Master. Authentication is not required to exploit this vulnerability.
ZDI-22-1481: Delta Industrial Automation InfraSuite Device Master Device-Gateway CtrlLayerNWCmd_FileOperation Opcode 512 Directory Traversal Remote Code Execution Vulnerability
Read Time:8 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Industrial Automation InfraSuite Device Master. Authentication is not required to exploit this vulnerability.
ZDI-22-1482: Delta Industrial Automation InfraSuite Device Master CtrlLayerNWCmd_FileOperation Directory Traversal Arbitrary File Deletion Vulnerability
Read Time:8 Second
This vulnerability allows remote attackers to delete arbitrary files on affected installations of Delta Industrial Automation InfraSuite Device Master. Authentication is not required to exploit this vulnerability.
ZDI-22-1483: Delta Industrial Automation InfraSuite Device Master CheckLoadingStartupConfig Directory Traversal Remote Code Execution Vulnerability
Read Time:8 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Industrial Automation InfraSuite Device Master. Authentication is not required to exploit this vulnerability.