ZDI-22-532: (Pwn2Own) HP LaserJet Pro MFP M283fdw LLMNR Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of HP LaserJet Pro MFP M283fdw printers. Authentication is not required to exploit...
USN-5343-1: Linux kernel vulnerabilities
Yiqi Sun and Kevin Wang discovered that the cgroups implementation in the Linux kernel did not properly restrict access to the cgroups v1 release_agent feature....
USN-5340-1: CKEditor vulnerabilities
Kyaw Min Thein discovered that CKEditor incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affects...
USN-5341-1: GNU binutils vulnerabilities
It was discovered that GNU binutils incorrectly handled checks for memory allocation when parsing relocs in a corrupt file. An attacker could possibly use this...
[KIS-2022-04] ImpressCMS <= 1.4.3 (findusers.php) SQL Injection Vulnerability
Posted by Egidio Romano on Mar 22. ImpressCMS <= 1.4.3 (findusers.php) SQL Injection Vulnerability. [-] Software Link: https://www.impresscms.org [-] Affected Versions: Version 1.4.3...
[KIS-2022-03] ImpressCMS <= 1.4.2 (findusers.php) Incorrect Access Control Vulnerability
Posted by Egidio Romano on Mar 22. ImpressCMS <= 1.4.2 (findusers.php) Incorrect Access Control Vulnerability. [-] Software Link: https://www.impresscms.org [-] Affected Versions: Version...
[KIS-2022-02] ImpressCMS <= 1.4.2 (image-edit.php) Path Traversal Vulnerability
Posted by Egidio Romano on Mar 22. ImpressCMS <= 1.4.2 (image-edit.php) Path Traversal Vulnerability. [-] Software Link: https://www.impresscms.org [-] Affected Versions: Version 1.4.2...
[KIS-2022-01] ImpressCMS <= 1.4.2 (autologin.php) Authentication Bypass Vulnerability
Posted by Egidio Romano on Mar 22. ImpressCMS <= 1.4.2 (autologin.php) Authentication Bypass Vulnerability. [-] Software Link: https://www.impresscms.org [-] Affected Versions: Version 1.4.2...
swaylock-1.6-1.fc34
FEDORA-2022-194c3da292. Packages in this update: swaylock-1.6-1.fc34. Update description: Update to version 1.6. Contains security fix for CVE-2022-26530.
USN-5339-1: Linux kernel vulnerabilities
Yiqi Sun and Kevin Wang discovered that the cgroups implementation in the Linux kernel did not properly restrict access to the cgroups v1 release_agent feature....