Read Time:7 Second
Douglas Mendizabal discovered that Barbican incorrectly handled certain
query strings. A remote attacker could possibly use this issue to bypass
the access policy.
Category Archives: Advisories
ZDI-22-1466: TP-Link TL-WR841N ated_tp Command Injection Remote Code Execution Vulnerability
Read Time:10 Second
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link TL-WR841N routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.
ZDI-22-1465: GnuPG libksba CRL File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
Read Time:10 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of GnuPG libksba. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.
ZDI-22-1464: GnuPG libksba CMS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
Read Time:10 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of GnuPG libksba. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.
ZDI-22-1463: GnuPG libksba CMS File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
Read Time:10 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of GnuPG libksba. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.
ZDI-22-1468: (0Day) Corel CorelDRAW Graphics Suite GIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
Read Time:12 Second
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Corel CorelDRAW Graphics Suite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-22-1467: (0Day) IronCAD STP File Parsing Uninitialized Pointer Remote Code Execution Vulnerability
Read Time:11 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of IronCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-22-1476: (0Day) Corel CorelDRAW Graphics Suite PCX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
Read Time:12 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Corel CorelDRAW Graphics Suite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-22-1475: (0Day) Corel CorelDRAW Graphics Suite PCX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
Read Time:12 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Corel CorelDRAW Graphics Suite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-22-1474: (0Day) Corel CorelDRAW Graphics Suite EMF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
Read Time:12 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Corel CorelDRAW Graphics Suite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.