CVE-2020-36621
A vulnerability, which was classified as problematic, has been found in chedabob whatismyudid. Affected by this issue is the function exports.enrollment of the file routes/mobileconfig.js....
curl-7.85.0-5.fc37
FEDORA-2022-d7ee33d4ad Packages in this update: curl-7.85.0-5.fc37 Update description: smb/telnet: fix use-after-free when HTTP proxy denies tunnel (CVE-2022-43552) http: use the IDN decoded name in HSTS...
curl-7.82.0-12.fc36
FEDORA-2022-9836111c44 Packages in this update: curl-7.82.0-12.fc36 Update description: smb/telnet: fix use-after-free when HTTP proxy denies tunnel (CVE-2022-43552) http: use the IDN decoded name in HSTS...
ZDI-22-1686: VMware ESXi TCP/IP Memory Corruption Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of VMware ESXi. An attacker must first obtain the ability to execute low-privileged code...
ZDI-22-1685: Adobe Illustrator Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Illustrator. User interaction is required to exploit this vulnerability in that...
ZDI-22-1684: Siemens JT2Go RAS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that...
ZDI-22-1683: Siemens Solid Edge Viewer X_B File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Solid Edge Viewer. User interaction is required to exploit this vulnerability...
ZDI-22-1682: Apple Safari DFG JIT Use-After-Free Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple Safari. User interaction is required to exploit this vulnerability in that...
SEC Consult SA-20221216-0 :: Remote code execution bypass in Eclipse Business Intelligence Reporting Tool (BiRT)
Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Dec 20 SEC Consult Vulnerability Lab Security Advisory < 20221216-0 > ======================================================================= title: Remote code...
SEC Consult Vulnerability Lab publication: The enemy from within: Unauthenticated Buffer Overflows in Zyxel routers still haunting users & metasploit exploit
Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Dec 20 Hi, earlier this year in February 2022, we published a technical security advisory...