This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Simcenter Femap. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
Yearly Archives: 2022
SEC Consult SA-20220915-0 :: Local Privilege Escalation im SAP® SAPControl Web Service Interface (sapuxuserchk)
Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Sep 15
SEC Consult Vulnerability Lab Security Advisory < 20220915-0 >
=======================================================================
title: Local privilege escalation
product: SAP® SAPControl Web Service Interface (sapuxuserchk)
vulnerable version: see section “Vulnerable / tested versions”
fixed version: see SAP security note 3158619
CVE number: CVE-2022-29614…
SEC Consult SA-20220914-0 :: Improper Access Control in SAP® SAProuter
Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Sep 15
SEC Consult Vulnerability Lab Security Advisory < 20220914-0 >
=======================================================================
title: Improper Access Control
product: SAP® SAProuter
vulnerable version: see section “Vulnerable / tested versions”
fixed version: see SAP security note 3158375
CVE number: CVE-2022-27668
impact: high
homepage:…
over 2000 packages depend on abort()ing libgmp
Posted by Georgi Guninski on Sep 15
ping world
libgmp is library about big numbers.
it is not a library for very big numbers, because
if libgmp meets a very big number, it calls abort()
and coredumps.
2442 packages depend on libgmp on ubuntu20.
guest3@ubuntu20:~/prim$ apt-cache rdepends libgmp10 | wc -l
2442
gawk crash:
guest3@ubuntu20:~/prim$ gawk –bignum ‘BEGIN { a = 2 ^ 2 ^41; print “a =”, a }’
gmp: overflow in mpz type
Aborted (core dumped)…
CVE-2020-23559 (irfanview)
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x0000000000007d7f.
CVE-2020-23558
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x0000000000007f4b.
CVE-2020-23557
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x000000000000755d.
CVE-2020-23556
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000007e28.
CVE-2020-23555
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000007e6e.
CVE-2020-23554
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000007e20.