Read Time:6 Second
The Master operator may be able to embed script tag in HTML with alert pop-up display cookie.
Category Archives: Advisories
logrotate-3.18.1-4.fc35
Read Time:12 Second
FEDORA-2022-ff0188b37c
Packages in this update:
logrotate-3.18.1-4.fc35
Update description:
lockState: do not print error: when exit code is unaffected (#2090926)
fix potential DoS from unprivileged users via the state file (CVE-2022-1348)
logrotate-3.18.0-5.fc34
Read Time:12 Second
FEDORA-2022-14f7b1a698
Packages in this update:
logrotate-3.18.0-5.fc34
Update description:
lockState: do not print error: when exit code is unaffected (#2090926)
fix potential DoS from unprivileged users via the state file (CVE-2022-1348)
ZDI-22-805: KeySight N6841A RF Sensor UserFirmwareRequestHandler Directory Traversal Information Disclosure Vulnerability
Read Time:8 Second
This vulnerability allows remote attackers to disclose sensitive information on affected installations of KeySight N6841A RF Sensor. Authentication is not required to exploit this vulnerability.
ZDI-22-804: KeySight N6841A RF Sensor Deserialization of Untrusted Data Remote Code Execution Vulnerability
Read Time:8 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of KeySight N6841A RF Sensor. Authentication is not required to exploit this vulnerability.
ZDI-22-803: Cisco RV340 JSON RPC set-snmp Stack-based Buffer Overflow Remote Code Execution Vulnerability
Read Time:10 Second
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Cisco RV340 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.
ZDI-22-802: Cisco RV340 JSON RPC set-snmp Stack-based Buffer Overflow Remote Code Execution Vulnerability
Read Time:10 Second
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Cisco RV340 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.
ZDI-22-801: Trend Micro Internet Security Exposed Dangerous Method Information Disclosure Vulnerability
Read Time:12 Second
This vulnerability allows local attackers to disclose sensitive information on affected installations of Trend Micro Internet Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
ZDI-22-800: Trend Micro Internet Security Out-Of-Bounds Read Information Disclosure Vulnerability
Read Time:12 Second
This vulnerability allows local attackers to disclose sensitive information on affected installations of Trend Micro Internet Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
ZDI-22-799: (Pwn2Own) Mozilla Firefox Top-Level Await Prototype Pollution Remote Code Execution Vulnerability
Read Time:11 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.