USN-5651-1: strongSwan vulnerability
Lahav Schlesinger discovered that strongSwan incorrectly handled certain OCSP URIs and and CRL distribution points (CDP) in certificates. A remote attacker could possibly use this...
USN-5614-2: Wayland vulnerability
USN-5614-1 fixed a vulnerability in Wayland. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: It was discovered that Wayland incorrectly...
USN-5652-1: Linux kernel (Azure) vulnerabilities
It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an...
CVE-2022-33882 (autodesk_desktop)
Under certain conditions, an attacker could create an unintended sphere of control through a vulnerability present in file delete operation in Autodesk desktop app (ADA)....
Backdoor.Win32.Delf.eg / Unauthenticated Remote Command Execution
Posted by malvuln on Oct 03 Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022 Original source: https://malvuln.com/advisory/de6220a8e8fcbbee9763fb10e0ca23d7.txt Contact: malvuln13 () gmail com Media:...
Backdoor.Win32.NTRC / Weak Hardcoded Credentials
Posted by malvuln on Oct 03 Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022 Original source: https://malvuln.com/advisory/273fd3f33279cc9c0378a49cf63d7a06.txt Contact: malvuln13 () gmail com Media:...
WordPress plugin – WPvivid Backup – CVE-2022-2863.
Posted by Rodolfo Tavares via Fulldisclosure on Oct 03 =====[ Tempest Security Intelligence - ADV-15/2022 ]========================== Wordpress plugin - WPvivid Backup - Version < 0.9.76...
CVE-2022-3128 (donation_thermometer)
The Donation Thermometer WordPress plugin before 2.1.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin...
CVE-2022-3132 (goolytics)
The Goolytics WordPress plugin before 1.1.2 does not sanitise and escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting...
CVE-2022-3125 (frontend_file_manager)
The Frontend File Manager Plugin WordPress plugin before 21.3 allows any authenticated users, such as subscriber, to rename a file to an arbitrary extension, like...