This vulnerability allows local attackers to delete arbitrary files on affected installations of Trend Micro Maximum Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
ZDI-22-790: Trend Micro Apex One Incorrect Permission Assignment Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
ZDI-22-791: Apple macOS SCPT File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-22-792: Apple macOS ImageIO WebP File Parsing Integer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Interaction with the ImageIO library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.
ZDI-22-793: Apple Safari WebGL generateMipmap Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-22-794: Apple macOS HEIC File Parsing Memory Corruption Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-22-795: Delta Industrial Automation ASDA-Soft SCP File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Industrial Automation ASDA-Soft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-22-796: Delta Industrial Automation ASDA-Soft PAR File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Industrial Automation ASDA-Soft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-22-797: Trend Micro Apex One Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
USN-5445-1: Subversion vulnerabilities
Ace Olszowka discovered that Subversion incorrectly handled certain
svnserve requests. A remote attacker could possibly use this issue to cause
svnserver to crash, resulting in a denial of service. This issue only
affected Ubuntu 18.04 LTS. (CVE-2018-11782)
Tomas Bortoli discovered that Subversion incorrectly handled certain
svnserve requests. A remote attacker could possibly use this issue to cause
svnserver to crash, resulting in a denial of service. This issue only
affected Ubuntu 18.04 LTS. (CVE-2019-0203)
Thomas Åkesson discovered that Subversion incorrectly handled certain
inputs. An attacker could possibly use this issue to cause a denial of
service. (CVE-2020-17525)