Category Archives: Advisories

CVE-2020-22984

Read Time:9 Second

Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and earlier, allows remote unauthenticated attackers to execute arbitrary code via key parameter to the getGoogleExtraConfig task.

Read More

CVE-2021-0126

Read Time:8 Second

Improper input validation for the Intel(R) Manageability Commander before version 2.2 may allow an authenticated user to potentially enable escalation of privilege via adjacent access.

Read More

CVE-2021-0153

Read Time:8 Second

Out-of-bounds write in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via local access.

Read More

CVE-2021-0154

Read Time:8 Second

Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via local access.

Read More

CVE-2021-0155

Read Time:8 Second

Unchecked return value in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.

Read More

CVE-2021-0159

Read Time:9 Second

Improper input validation in the BIOS authenticated code module for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via local access.

Read More

CVE-2021-0188

Read Time:9 Second

Return of pointer value outside of expected range in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via local access.

Read More

CVE-2021-0189

Read Time:9 Second

Use of out-of-range pointer offset in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via local access.

Read More

SEC Consult SA-20220512-0 :: Sandbox Escape with Root Access & Clear-text passwords in Konica Minolta bizhub MFP Printer Terminals

Read Time:18 Second

Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on May 12

SEC Consult Vulnerability Lab Security Advisory < 20220512-0 >
=======================================================================
title: Sandbox Escape with Root Access & Clear-text passwords
product: Multiple Konica Minolta bizhub MFP Printer Terminals
vulnerable version: see vulnerable / tested versions below
fixed version: see solution section below
CVE number: CVE-2022-29586,…

Read More