SEC Consult SA-20221201-0 :: Replay attacks & Displaying arbitrary contents in Zhuhai Suny Technology ESL Tag / ETAG-TECH protocol (electronic shelf labels)
Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Dec 08 SEC Consult Vulnerability Lab Security Advisory < 20221201-0 > title: Replay attacks...
SEC Consult SA-20221130-0 :: Multiple critical vulnerabilities in Planet Enterprises Ltd – Planet eStream
Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Dec 08 SEC Consult Vulnerability Lab Security Advisory < 20221130-0 > title: Multiple critical...
Race condition in snap-confine’s must_mkdir_and_open_with_perms() (CVE-2022-3328)
Posted by Qualys Security Advisory via Fulldisclosure on Dec 08 Qualys Security Advisory Race condition in snap-confine's must_mkdir_and_open_with_perms() (CVE-2022-3328) Contents: Summary Background Exploitation...
Backdoor.Win32.Delf.gj / Information Disclosure
Posted by malvuln on Dec 08 Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022 Original source: https://malvuln.com/advisory/8872c2ec49ff3382240762a029631684.txt Contact: malvuln13 () gmail com Media:...
Intel Data Center Manager <= 5.1 Local Privileges Escalation
Posted by Julien Ahrens (RCE Security) on Dec 08 RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION Product: Intel Data Center Manager Vendor URL: https://www.intel.com/content/www/us/en/developer/tools/data-center-manager-console/overview.html...
[CVE-2022-21225] Intel Data Center Manager Console <= 4.1 “getRoomRackData” Authenticated (Guest+) SQL Injection
Posted by Julien Ahrens (RCE Security) on Dec 08 RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION Product: Intel Data Center Manager Vendor URL: https://www.intel.com/content/www/us/en/developer/tools/data-center-manager-console/overview.html...
DSA-5298 cacti – security update
Two security vulnerabilities have been discovered in Cacti, a web interface for graphing of monitoring systems, which could result in unauthenticated command injection or LDAP...
flatpak-runtime-f37-3720221117153339.3 flatpak-sdk-f37-3720221117153339.3
FEDORA-FLATPAK-2022-cbf2e8ae04 Packages in this update: flatpak-runtime-f37-3720221117153339.3 flatpak-sdk-f37-3720221117153339.3 Update description: Updated flatpak runtime and SDK, including latest Fedora 37 security and bug-fix errata.
CVE-2022-23469
Traefik is an open source HTTP reverse proxy and load balancer. Versions prior to 2.9.6 are subject to a potential vulnerability in Traefik displaying the...
USN-5770-1: GCC vulnerability
Todd Eisenberger discovered that certain versions of GNU Compiler Collection (GCC) could be made to clobber the status flag of RDRAND and RDSEED with specially...