Ubuntu Security Notice 5292-1 - James Troup discovered that snap did not properly manage the permissions for the snap directories. A local attacker could possibly use this issue to expose sensitive information. Ian Johnson discovered that snapd did not properly validate content interfaces and layout paths. A local attacker could possibly use this issue to inject arbitrary AppArmor policy rules, resulting in a bypass of intended access restrictions.
cd903c8b5359411ecb8e840d467ea204ce37f54e4b2751f2d53a192802d1ce9d
Hotel Druid version 3.0.3 suffers from a remote code execution vulnerability.
7744db6e72d7f36eeaaf02fcc2e34ca731580136eb6a6685b03172941236ce62
Red Hat Security Advisory 2022-0580-01 - Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications. Issues addressed include a traversal vulnerability.
14e508f8b5ba4605bd8db42f72278f20a3b7e049cd664a90973860fae75556f7
Whitepaper called OPENSSLDIR - The adventures of hidden folder to privilege escalation.
169de44bba1064b1fdf63754db8a9eba9c5bd777fa8e4e5dd12cb47dfe4af528
Cosmetics and Beauty Product Online Store version 1.0 suffers from a remote SQL injection vulnerability.
8c96834a21c7c1412cd4faf4cbbcbefa7d9d6c0ab4c866b01e5136099c7e1647
Cosmetics and Beauty Product Online Store version 1.0 suffers from an HTML injection vulnerability that may allow for cross site scripting attacks.
57638540f832830c3b440d78b2f5475814d86031a79a01dbb9864f7e31ab7ac5
64-byte Solaris/SPARC setuid(0) + chmod (/bin/ksh) + exit(0) shellcode.
ac0a8ce6fdd207649a67626e1818a1afd680783d1a46fb94677718a1d1994210
60-byte Solaris/SPARC setuid(0) + execve (/bin/ksh) shellcode.
d785c150823ddd32cb42d29580182ea9055608bea403fff7662eca6bf006f946
Linux/MIPS N32 MSB reverse shell shellcode that showcases various techniques to avoid badchars.
b1b0100dc2ab1910886ea650ac52df457851a4b14a3d07a98e33678c077b6d6e
Solaris/SPARC chmod() shellcode with a max size of 36 bytes.
844bef47108ea6b399c1949416ca0526422e2fc8ce504d583c3f36aaa4144470
TOSHIBA DVD PLAYER Navi Support Service version 1.00.0000 suffers from an unquoted service path vulnerability.
2cc1d1500b86df40a56c75f038edc816da6770b8e20d92d568bd6cf54a307371
Bluetooth Application version 5.4.277 suffers from an unquoted service path vulnerability.
64649e4b03d676074e058a4bea1629b478b9bf31f364383beb81f3e04a484dd8
File Sanitizer for HP ProtectTools version 5.0.1.3 suffers from an unquoted service path vulnerability.
75b26f7c0d16235054a3bca106f8e5ac092ce5691cfad937f93f63af339eb225
Intel Management Engine Components version 6.0.0.1189 suffers from an unquoted service path vulnerability.
aa2df716adf81cc23d4c42c366ac98e98cb2749914b61ff2e6120564771c8fa8
Connectify Hotspot 2018 suffers from an unquoted service path vulnerability.
5c8e18583e7d44bd1da428fa8bcf86559a8aafd3b288374ca36284015731ccc2
Wondershare Dr.Fone version 11.4.9 suffers from an unquoted service path vulnerability.
106d0419943583c10a56662e06074859f3acce2402478d51934b850d8ab8a3dd
Wondershare MobileTrans 3.5.9 suffers from an unquoted service path vulnerability.
08be95dd8b24bfc66887fde06b5d3154e9353d19ee69f3fce7e7a634c84bd765
Wondershare FamiSafe version 1.0 suffers from an unquoted service path vulnerability.
3b88f6ed1d0a7f342614bb25297f781614c37bb062c717ce7750950caf3894ee
Wondershare UBackit version 2.0.5 suffers from an unquoted service path vulnerability.
ad1ce13dcab054d9b8c3bb5a98f587de4c55619898b4bc3324cbdb24e2728fed
Ubuntu Security Notice 5291-1 - It was discovered that libarchive incorrectly handled symlinks. If a user or automated system were tricked into processing a specially crafted archive, an attacker could possibly use this issue to change modes, times, ACLs, and flags on arbitrary files. It was discovered that libarchive incorrectly handled certain RAR archives. If a user or automated system were tricked into processing a specially crafted RAR archive, an attacker could use this issue to cause libarchive to crash, resulting in a denial of service, or possibly execute arbitrary code.
4444b74c02c62c6e4ec7adcda07f165bfa1f82d815a4e9ed5717ef2db923bab8
Multiple Zyxel devices suffer from buffer overflow, local file disclosure, unsafe storage of sensitive data, command injection, broken access control, symbolic link processing, cross site request forgery, and cross site scripting vulnerabilities.
0ba1f45b7a5254a119e2a3aeddf4279392e2e0120fe45790d15563c4eadf7fd2
Red Hat Security Advisory 2022-0491-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.7.43. Issues addressed include a cross site request forgery vulnerability.
f29f3f8bf2484c20ffee55f8b559d2a41fee6d4e66ede0a44305d0851c29a638
Trojan-Spy.Win32.Zbot.aawo.Zeus-Builder malware suffers from an insecure permissions vulnerability.
c68d33d4662620076c511a94c5c24ab8841bc6d060e7cced62cf12c97e5f6761
Red Hat Security Advisory 2022-0548-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.
986d8c7944b2362ed7e7eec57d6eaf416489c5983bf83435fea62760e077dc74
WordPress Cozmoslabs Profile Builder plugin versions 3.6.1 and below suffer from a cross site scripting vulnerability.
227d0cbc687a81308dae38c43331e51ea397ccd24a1a3764724ddc45172f1143