ZDI-22-534: (Pwn2Own) HP LaserJet Pro MFP M283fdw ScanJobs Memory Corruption Denial-of-Service Vulnerability
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of HP LaserJet Pro MFP M283fdw printers. Authentication is not required to...
ZDI-22-533: (Pwn2Own) HP LaserJet Pro MFP M283fdw eContactRestore Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of HP LaserJet Pro MFP M283fdw printers. Although authentication is required to exploit...
ZDI-22-532: (Pwn2Own) HP LaserJet Pro MFP M283fdw LLMNR Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of HP LaserJet Pro MFP M283fdw printers. Authentication is not required to exploit...
USN-5343-1: Linux kernel vulnerabilities
Yiqi Sun and Kevin Wang discovered that the cgroups implementation in the Linux kernel did not properly restrict access to the cgroups v1 release_agent feature....
USN-5340-1: CKEditor vulnerabilities
Kyaw Min Thein discovered that CKEditor incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affects...
USN-5341-1: GNU binutils vulnerabilities
It was discovered that GNU binutils incorrectly handled checks for memory allocation when parsing relocs in a corrupt file. An attacker could possibly use this...
[KIS-2022-04] ImpressCMS <= 1.4.3 (findusers.php) SQL Injection Vulnerability
Posted by Egidio Romano on Mar 22 --------------------------------------------------------------- ImpressCMS <= 1.4.3 (findusers.php) SQL Injection Vulnerability --------------------------------------------------------------- [-] Software Link: https://www.impresscms.org [-] Affected Versions: Version 1.4.3...
[KIS-2022-03] ImpressCMS <= 1.4.2 (findusers.php) Incorrect Access Control Vulnerability
Posted by Egidio Romano on Mar 22 -------------------------------------------------------------------------- ImpressCMS <= 1.4.2 (findusers.php) Incorrect Access Control Vulnerability -------------------------------------------------------------------------- [-] Software Link: https://www.impresscms.org [-] Affected Versions: Version...
[KIS-2022-02] ImpressCMS <= 1.4.2 (image-edit.php) Path Traversal Vulnerability
Posted by Egidio Romano on Mar 22 ----------------------------------------------------------------- ImpressCMS <= 1.4.2 (image-edit.php) Path Traversal Vulnerability ----------------------------------------------------------------- [-] Software Link: https://www.impresscms.org [-] Affected Versions: Version 1.4.2...
[KIS-2022-01] ImpressCMS <= 1.4.2 (autologin.php) Authentication Bypass Vulnerability
Posted by Egidio Romano on Mar 22 ----------------------------------------------------------------------- ImpressCMS <= 1.4.2 (autologin.php) Authentication Bypass Vulnerability ----------------------------------------------------------------------- [-] Software Link: https://www.impresscms.org [-] Affected Versions: Version 1.4.2...