Argo CD is vulnerable to a path traversal bug that allows to pass arbitrary values files to be consumed by Helm charts. Patches have been released for versions 2.3.0, 2.2.4, and 2.1.9.
c72ec87648df1bf1db82ddd2c376d6162184b99bceae3f511661c0a478686932CyberArk Vault versions prior to 7.20.37 suffer from multiple user enumeration vulnerabilities.
2c9165f3e7ef400778699bc7ee1575c639a581bd0fa9c04fa40e4fac52460c6cVMWare Tools is susceptible to binary planting / DLL hijacking.
a5afa2cae5897fae7262a3d6b11dc9f82588dd140249726ec6121a847aca0b9aGoogle Chrome developers, while trying to be adaptive and current, added some windows 8 helper functions to aid the development of Metro style behavior, but does not include the library file itself, thus resulting in an unqualified dynamic-link library call to 'metro_driver.dll'. A user with local disk access can carefully construct a DLL that suits the pattern that is being traversed by the client and implement it somewhere along the search path and the client will load it seamlessly.
dbb9d62577ac5b978fa6419192db9f6b4808436e28a90885a8548c968b26a7d8A vulnerability in Checkpoint Endpoint Connect VPN causes the client to be susceptible to an attack that result in arbitrary dynamic-library loading. A user with local disk access can carefully construct a DLL that suits a pattern that is being traversed by the client and implement it somewhere along the search path and the client will load it seamlessly.
4d25fbd959e5ee60f126bb396b30dab8ef0c294cb5f29ded00cd0c25b3d9e6f6PrivaWall Antivirus suffers from an Office XML format evasion / bypass vulnerability. Versions 5.6 and below are affected.
57c9ab5ac6dd39653d293a5937b5378a8b03f2696525cb2d336fa349b059e84b
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed