Email-Worm.Win32.Kipis.c malware suffers from a remote file write vulnerability that allows for remote code execution.
a928474123c62826be6937b0f16cc3bd810a092305c80c11b1dba87312f0d8bePega Platform versions 8.1.0 through 8.7.3 suffer from a remote code execution vulnerability. If an on-premise installation of the Pega Platform is configured with the port for the JMX interface exposed to the Internet and port filtering is not properly configured, then it may be possible to upload serialized payloads to attack the underlying system. This does not affect systems running on PegaCloud due to its design and architecture.
14f97e39b3b48a9075da1f6e66862a187e036b509ff25bfce33fb66bb645c604Red Hat Security Advisory 2022-6905-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.9.50. Issues addressed include a code execution vulnerability.
d445a81a4efdc52988749989d6a49433d48657553db0b5fda73d161d6fae6246This Metasploit module exploits an authentication bypass vulnerability in the Fortinet FortiOS, FortiProxy, and FortiSwitchManager API to gain access to a chosen account and then adds an SSH key to the authorized_keys file of the chosen account, allowing you to login to the system with the chosen account. Successful exploitation results in remote code execution.
818eeb4d404c8cde2ab69451948a6037ca08bef60e2be65eb6fe9ed9d7ef0e7dUbuntu Security Notice 5686-1 - Cory Snider discovered that Git incorrectly handled certain symbolic links. An attacker could possibly use this issue to cause an unexpected behaviour. Kevin Backhouse discovered that Git incorrectly handled certain command strings. An attacker could possibly use this issue to arbitrary code execution.
c699a9bd555fb4922c18021b0fbfc11f65ddedf4fd6d1d4bb837d79ba1110921This Metasploit module exploits an unauthenticated remote code execution vulnerability in Spring Cloud Gateway versions 3.0.0 through 3.0.6 and 3.1.0. The vulnerability can be exploited when the Gateway Actuator endpoint is enabled, exposed and unsecured. An unauthenticated attacker can use SpEL expressions to execute code and take control of the victim machine.
21645b3916729fad4fc93eb22039c634ac8ba5e477c97ca0844e7968d2668c3dGentoo Linux Security Advisory 202210-5 - Multiple vulnerabilities have been discovered in virglrenderer, the worst of which could result in remote code execution. Versions less than 0.10.1 are affected.
b254071064779769b613f8607d262dd9e3d4f0df15818f4a7f56b45b878cbaa1WordPress ImageMagick-Engine plugin versions 1.7.4 and below suffer from a remote code execution vulnerability.
0a3612a798769eba88be7a65e115fec6f454f472265041b1ac9034948c48ebaeGentoo Linux Security Advisory 202210-3 - Multiple vulnerabilities have been discovered in libxml2, the worst of which could result in arbitrary code execution. Versions less than 2.10.2 are affected.
38f4187c50d7d015c0a6d20cb77d7398a2cb194e039bb5c8641b0a5008530169Red Hat Security Advisory 2022-6801-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.8.51. Issues addressed include a code execution vulnerability.
e3ac3bd35a9f72f43e8f8984fbfa1316e6c37ee4f789072596344b26c1344d33Red Hat Security Advisory 2022-6805-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.10.36. Issues addressed include a code execution vulnerability.
f6dbbda73b4390608f9398113f7a6730717262ffba53878659a8e22e66cd5776Ubuntu Security Notice 5666-1 - It was discovered that OpenSSH incorrectly handled certain helper programs. An attacker could possibly use this issue to arbitrary code execution.
8f31482ef90e95cd49fa6931dd52d6bd17567f215ec6e64988bc0a35199c0f0eZentao Project Management System version 17.0 suffers from an authenticated remote code execution vulnerability.
6068601aabffdd4fabb666c2f1c6f5b6a98c2cfa8a37e38ec60bd46de8f8505dRed Hat Security Advisory 2022-6835-01 - This release of Red Hat Integration - Service registry 2.3.0.GA serves as a replacement for 2.0.3.GA, and includes the below security fixes. Issues addressed include code execution, cross site scripting, denial of service, deserialization, and privilege escalation vulnerabilities.
e74328b6f49a71e8a4f60fb74ad9b6b09cb32b24b7b0fd468d39f217ac93fb95Red Hat Security Advisory 2022-6782-01 - Red Hat Single Sign-On 7.5 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.5.3 on RHEL 7 serves as a replacement for Red Hat Single Sign-On 7.5.2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include HTTP request smuggling, code execution, cross site scripting, and denial of service vulnerabilities.
3f148abf3e1d7783fdbb7b295faf665cc66091c74ed2574ed8bb517021defb68Red Hat Security Advisory 2022-6787-01 - Red Hat Single Sign-On 7.5 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.5.3 serves as a replacement for Red Hat Single Sign-On 7.5.2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include HTTP request smuggling, code execution, cross site scripting, and denial of service vulnerabilities.
271756341073654fcee5cc794ed943b6caf607b6082cce3ac034db8a5cd1903aRed Hat Security Advisory 2022-6783-01 - Red Hat Single Sign-On 7.5 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.5.3 on RHEL 8 serves as a replacement for Red Hat Single Sign-On 7.5.2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include HTTP request smuggling, code execution, cross site scripting, and denial of service vulnerabilities.
c634291e814c5d71d9282254b7ea4a4726267ec9b38abf7abd26f66ed5f82571ZKSecurity BIO version 4.1.2 suffers from a remote SQL injection vulnerability that can allow for remote code execution.
2f5ddba7cf7e3024ddc6ad5a39968b8c149a652831c65c828f1565ea29f0e84dGentoo Linux Security Advisory 202209-27 - Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which could result in arbitrary code execution. Versions less than 102.3.0:esr are affected.
da5ad64b1ca5059281d41422aedf676273506128bf27ccfc379aa4eb214fc474Gentoo Linux Security Advisory 202209-24 - Multiple vulnerabilities have been discovered in Expat, the worst of which could result in arbitrary code execution. Versions less than 2.4.9 are affected.
2ce98ac3693f706e145cfd62612f4e95aba33619815a6e436ea16ca923e8b420Gentoo Linux Security Advisory 202209-22 - A vulnerability has been found in Kitty which could allow for arbitrary code execution with user input. Versions less than 0.26.2 are affected.
86eb80320fa84bb7a076ccdd97aab736cc98066555fa5ab8e3b9fcf803a8a783Gentoo Linux Security Advisory 202209-23 - Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions less than 105.0.5195.125 are affected.
cdc8ee89e740628d11a899ae470b25cff194a96171905579abdf7bb65d0a72c5Gentoo Linux Security Advisory 202209-25 - A vulnerability has been discovered in Zutty which could allow for arbitrary code execution. Versions less than 0.13 are affected.
28cac471ae988cac02eafd406f0d0c2bbb8d20b30361cfda4f251e1475bbd755Gentoo Linux Security Advisory 202209-21 - A vulnerability has been discovered in Poppler which could allow for arbitrary code execution. Versions less than 22.09.0 are affected.
bb7e78343a58934f514393f6c6ebf70def0d9cbb6f1002e72f183864b7b7c70bGentoo Linux Security Advisory 202209-19 - Multiple vulnerabilities have been discovered in GraphicsMagick, the worst of which are fuzzing issues presumed to allow for arbitrary code execution. Versions less than 1.3.38 are affected.
ce81f88ef1dacfc7f245a7c4901fb01be1706eb8ca10d234347e0653b483d84a
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed