This vulnerability allows local attackers to escalate privileges on affected installations of ABB e-Design. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
Category Archives: Advisories
ZDI-22-879: ZyXel AP Configurator Incorrect Permission Assignment Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of ZyXel AP Configurator. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
ZDI-22-878: Apple macOS PackageKit PKInstallService Directory Traversal System Integrity Protection Bypass Vulnerability
This vulnerability allows local attackers to bypass System Integrity Protection on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
ZDI-22-877: Apple macOS PackageKit PKCoreShove Link Following System Integrity Protection Bypass Vulnerability
This vulnerability allows local attackers to bypass System Integrity Protection on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
DSA-5172 firefox-esr – security update
Multiple security issues have been found in the Mozilla Firefox web
browser, which could potentially result in the execution of arbitrary
code or spoofing.
vim-8.2.5172-1.fc35
FEDORA-2022-bb7f3cacbf
Packages in this update:
vim-8.2.5172-1.fc35
Update description:
Security fixes for CVE-2022-2124, CVE-2022-2129, CVE-2022-2125, CVE-2022-2126, CVE-2022-1720, CVE-2022-2175, CVE-2022-2182, CVE-2022-2183, CVE-2022-2231, CVE-2022-2210, CVE-2022-2207, CVE-2022-2208, CVE-2022-2206
vim-8.2.5172-1.fc36
FEDORA-2022-719f3ec21b
Packages in this update:
vim-8.2.5172-1.fc36
Update description:
Security fixes for CVE-2022-2124, CVE-2022-2129, CVE-2022-2125, CVE-2022-2126, CVE-2022-1720, CVE-2022-2175, CVE-2022-2182, CVE-2022-2183, CVE-2022-2231, CVE-2022-2210, CVE-2022-2208, CVE-2022-2207, CVE-2022-2206
pcs-0.11.3-1.fc37
FEDORA-2022-28e171f780
Packages in this update:
pcs-0.11.3-1.fc37
Update description:
Automatic update for pcs-0.11.3-1.fc37.
Changelog
* Tue Jun 28 2022 Miroslav Lisik <mlisik@redhat.com> – 0.11.3-1
– Rebased to latest upstream sources (see CHANGELOG.md)
– Updated pcs-web-ui
– Resolves: rhbz#2068452
Backdoor.Win32.InfecDoor.17.c / Insecure Permissions
Posted by malvuln on Jun 27
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/1fd70e41918c3a75c634b1c234ec36fb.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.InfecDoor.17.c
Vulnerability: Insecure Permissions
Description: The malware writes a “.420” settings file type to c drive
granting change (C) permissions to the authenticated user group. Standard
users can…
Trojan-Mailfinder.Win32.VB.p / Insecure Permissions
Posted by malvuln on Jun 27
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/20e438d84aa2828826d52540d80bf7f.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Trojan-Mailfinder.Win32.VB.p
Vulnerability: Insecure Permissions
Description: The malware writes a dir with multiple PE files to c drive
granting change (C) permissions to the authenticated user group. Standard
users can rename the…