This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Simcenter Femap. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
Category Archives: Advisories
ZDI-22-1243: Siemens Simcenter Femap X_T File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Simcenter Femap. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-22-1242: Siemens Simcenter Femap X_T File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Simcenter Femap. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-22-1241: Siemens Simcenter Femap X_T File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Simcenter Femap. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-22-1240: Siemens Simcenter Femap X_T File Parsing Uninitialized Pointer Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Simcenter Femap. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
SEC Consult SA-20220915-0 :: Local Privilege Escalation im SAP® SAPControl Web Service Interface (sapuxuserchk)
Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Sep 15
SEC Consult Vulnerability Lab Security Advisory < 20220915-0 >
=======================================================================
title: Local privilege escalation
product: SAP® SAPControl Web Service Interface (sapuxuserchk)
vulnerable version: see section “Vulnerable / tested versions”
fixed version: see SAP security note 3158619
CVE number: CVE-2022-29614…
SEC Consult SA-20220914-0 :: Improper Access Control in SAP® SAProuter
Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Sep 15
SEC Consult Vulnerability Lab Security Advisory < 20220914-0 >
=======================================================================
title: Improper Access Control
product: SAP® SAProuter
vulnerable version: see section “Vulnerable / tested versions”
fixed version: see SAP security note 3158375
CVE number: CVE-2022-27668
impact: high
homepage:…
over 2000 packages depend on abort()ing libgmp
Posted by Georgi Guninski on Sep 15
ping world
libgmp is library about big numbers.
it is not a library for very big numbers, because
if libgmp meets a very big number, it calls abort()
and coredumps.
2442 packages depend on libgmp on ubuntu20.
guest3@ubuntu20:~/prim$ apt-cache rdepends libgmp10 | wc -l
2442
gawk crash:
guest3@ubuntu20:~/prim$ gawk –bignum ‘BEGIN { a = 2 ^ 2 ^41; print “a =”, a }’
gmp: overflow in mpz type
Aborted (core dumped)…
CVE-2020-23551
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000007e30.
CVE-2020-23552
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000007e62.