ICL ScadaFlex II SCADA Controllers SC-1/SC-2 version 1.03.07 is vulnerable to unauthenticated file write/overwrite and deletion. This allows an attacker to execute critical file CRUD operations on the device that can potentially allow system access and impact availability.
692f4de735fbbad8010644968c54cdfe4e595dc3154860210526aa667a9f2e0c
Red Hat Security Advisory 2022-0592-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.
309b102eb4c93fc5c0e75351bfa6ae9f099da900cb14257534fb1df97107605f
Ubuntu Security Notice 5299-1 - Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation could reassemble mixed encrypted and plaintext fragments. A physically proximate attacker could possibly use this issue to inject packets or exfiltrate selected fragments. It was discovered that the Bluetooth subsystem in the Linux kernel did not properly perform access control. An authenticated attacker could possibly use this to expose sensitive information.
d8a0dffe787d4a58d1bd2849d246c1906fbde64a802ac79bc4262f763d9501ef
Backdoor.Win32.Dsocks.10 malware suffers from a hardcoded cleartext password vulnerability.
817c1496596745657a375c08e83dae54e0fd2601f555a455ca7c0f238559f3a9
Ubuntu Security Notice 5298-1 - It was discovered that the Packet network protocol implementation in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. J
09c5b3fccd425392b5367e56e1a647931c3ab62c1011ad7cd2bfc5d674d117af
I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.
aa53591e89eacc3491ab472dc4df998780fb6747eea3b97ecb7a9f81ff2c9a5e
Red Hat Security Advisory 2022-0590-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.
0938412c0f6a72492867ad9c15b093af2fe77335328f5d59beb7ae9e9c61656f
Agirhnet version 1.0 suffers from a cross-site scripting vulnerability.
30d0e2698d37303673cbbc65cd896bd2a88911638e7bbeca862a1ee323d4f620
Ubuntu Security Notice 5294-2 - It was discovered that the Packet network protocol implementation in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Szymon Heidrich discovered that the USB Gadget subsystem in the Linux kernel did not properly restrict the size of control requests for certain gadget types, leading to possible out-of-bounds reads or writes. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
5105eb29948fcb5529fd8e2dd4f4213888887afb870b9269ae382729e9917fae
Backdoor.Win32.Agent.baol malware suffers from an insecure permissions vulnerability.
3625b4c134ff3abc67dfdcc8b3212b0e5aabe18d3f1bba013c3275c3a0025d56
Red Hat Security Advisory 2022-0589-01 - This release of Red Hat build of Quarkus 2.2.5 includes security updates, bug fixes, and enhancements. For more information, see the release notes page listed in the References section. Issues addressed include code execution and deserialization vulnerabilities.
3833d4591eef0c8e294a68978de238414c1e043c112a2e78b5695c6e4ec918d9
Ubuntu Security Notice 5297-1 - Szymon Heidrich discovered that the USB Gadget subsystem in the Linux kernel did not properly restrict the size of control requests for certain gadget types, leading to possible out-of-bounds reads or writes. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Jann Horn discovered a race condition in the Unix domain socket implementation in the Linux kernel that could result in a read-after-free. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
980f289a042ba936f0cb85b0ddd84821719c9ed533807a57016c9733fb2ff925
WordPress 99robots Header Footer Code Manager plugin versions 1.1.16 and below suffer from a cross-site scripting vulnerability.
989d395c3d66b15fe519bc0c80e99d2eaaa476e1800da8e837d7674b16acc7fd
Ubuntu Security Notice 5295-2 - It was discovered that the Packet network protocol implementation in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Jann Horn discovered a race condition in the Unix domain socket implementation in the Linux kernel that could result in a read-after-free. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
6e16b06a5023be6ffa2a13a9d5e710e7e9884f26097c1fab4798cf891a79ce27
Red Hat Security Advisory 2022-0587-01 - Service Telemetry Framework provides automated collection of measurements and data from remote clients, such as Red Hat OpenStack Platform or third-party nodes. STF then transmits the information to a centralized, receiving Red Hat OpenShift Container Platform deployment for storage, retrieval, and monitoring.
69221c995999000262f3ad72a35c8c08448f96eb18ceb584ed1bcd92adf93124
Ubuntu Security Notice 5288-1 - It was discovered that Expat incorrectly handled certain files. An attacker could possibly use this issue to cause a crash or execute arbitrary code.
c40b61782ae2425638951702b57435a730c7811f86478d3e11ce4f4140f42d83
Air Cargo Management System version 1.0 suffers from a remote SQL injection vulnerability.
46b6e5a62bd12c284306f85664415adc82feb0cacb4508ef61da23bd712cb9f7
Red Hat Security Advisory 2022-0585-01 - Service Telemetry Framework provides automated collection of measurements and data from remote clients, such as Red Hat OpenStack Platform or third-party nodes. STF then transmits the information to a centralized, receiving Red Hat OpenShift Container Platform deployment for storage, retrieval, and monitoring.
e3736ed038216370a7604f5c59b16e7473f02dc6af7d9e7b2156673cde467d8b
Ubuntu Security Notice 5293-1 - Aaron Massey discovered that c3p0 could be made to crash when parsing certain input. An attacker able to modify the application's XML configuration file could cause a denial of service.
e3ad3c51b46aa66cdc3fda5d795ca77cecc6c99bc9d93be6b7d6bdb878753dce
Trojan.Win32.Cosmu.abix malware suffers from an insecure permissions vulnerability.
59205eeb61b229c06ebcfdf924970b39bc5b177114f6ed95cc50c957ece1ca5a