ZDI-22-1460: SolarWinds Network Performance Monitor PropertyBagJsonConverter Deserialization of Untrusted Data Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Network Performance Monitor. Authentication is required to exploit this vulnerability. Read...
ZDI-22-1459: SolarWinds Network Performance Monitor DeserializeFromStrippedXml Deserialization of Untrusted Data Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Network Performance Monitor. Authentication is required to exploit this vulnerability. Read...
ZDI-22-1458: GNU Gzip zgrep Argument Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of GNU Gzip. Interaction with this script is required to exploit this vulnerability...
ZDI-22-1457: Linux Kernel nftables Uninitialized Variable Information Disclosure Vulnerability
This vulnerability allows local attackers to disclose sensitive information on affected installations of the Linux Kernel. An attacker must first obtain the ability to execute...
ZDI-22-1456: LibreOffice Exposed Dangerous Function Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of LibreOffice. User interaction is required to exploit this vulnerability in that the...
ZDI-22-1455: (Pwn2Own) Kepware KEPServerEX Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPServerEX. Authentication is not required to exploit this vulnerability. Read More
ZDI-22-1454: (Pwn2Own) Kepware KEPServerEX Heap-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPServerEX. Authentication is not required to exploit this vulnerability. Read More
ZDI-22-1453: Delta Industrial Automation DIAEnergie Use Of Hard-Coded Credentials Authentication Bypass Vulnerability
This vulnerability allows remote attackers to bypass authentication on affected installations of Delta Industrial Automation DIAEnergie. Authentication is not required to exploit this vulnerability. Read...
moby-engine-20.10.20-1.fc37
FEDORA-2022-2c33bba286 Packages in this update: moby-engine-20.10.20-1.fc37 Update description: Update to 20.10.20. Mitigates CVE-2022-39253 Read More
moby-engine-20.10.20-1.fc36
FEDORA-2022-12790ca71a Packages in this update: moby-engine-20.10.20-1.fc36 Update description: Update to 20.10.20. Mitigates CVE-2022-39253 Read More