Vulnerability Updates
National Cyber Awareness System's Weekly Bulletins For The Month
- VU#309662: Signed third party UEFI bootloaders are vulnerable to Secure Boot bypass:
Overview
A security feature bypass vulnerability exists in signed 3rd party UEFI bootloaders that allows bypass of the UEFI Secure Boot feature. An attacker who …
- VU#495801: muhttpd versions 1.1.5 and earlier are vulnerable to path traversal:
Overview
Versions 1.1.5 and earlier of the mu HTTP deamon (muhttpd) are vulnerable to path traversal via crafted HTTP request from an unauthenticated user. This …
- VU#142546: SMA Technologies OpCon UNIX agent adds the same SSH key to all installations:
Overview
SMA Technologies OpCon UNIX agent adds the same SSH key on every installation and subsequent updates. An attacker with access to the private key can gain root …
- VU#473698: uClibc, uClibc-ng libraries have monotonically increasing DNS transaction ID:
Overview
The uClibc and uClibc-ng libraries, prior to uClibc-ng 1.0.41, are vulnerable to DNS cache poisoning due to the use of predicatble DNS transaction IDs when making …
- VU#730007: Tychon is vulnerable to privilege escalation due to OPENSSLDIR location:
Overview
Tychon contains a privilege escalation vulnerability due to the use of an
OPENSSLDIRvariable that specifies a location where an unprivileged Windows …
National Vulnerability Database
- CVE-2022-3298: Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.4.8.
- CVE-2022-40098: Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/update_expense.php.
- CVE-2022-40099: Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/update_expense_category.php.
- CVE-2022-40097: Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/update_currency.php.
- CVE-2022-40050: ZFile v4.1.1 was discovered to contain an arbitrary file upload vulnerability via the component /file/upload/1.
Packet Storm’s Apple Vulnerability List
- Apple Security Advisory 2022-09-12-5: Apple Security Advisory 2022-09-12-5 – Safari 16 addresses buffer overflow, code execution, out of bounds read, and spoofing vulnerabilities.
- Apple Security Advisory 2022-09-12-4: Apple Security Advisory 2022-09-12-4 – macOS Monterey 12.6 addresses bypass and code execution vulnerabilities.
- Apple Security Advisory 2022-09-12-2: Apple Security Advisory 2022-09-12-2 – iOS 15.7 and iPadOS 15.7 addresses buffer overflow, bypass, code execution, out of bounds read, and spoofing vulnerabilities.
- Apple Security Advisory 2022-09-12-1: Apple Security Advisory 2022-09-12-1 – iOS 16 addresses buffer overflow, bypass, code execution, out of bounds read, and spoofing vulnerabilities.
- Apple macOS Remote Events Memory Corruption: This is a proof of concept exploit for the Apple macOS remote events remote memory corruption vulnerability. It serves as a toolkit to help debug and trigger crashes.
Packet Storm’s Windows Vulnerability List
- Backdoor.Win32.Augudor.b MVID-2022-0644 Code Execution: Backdoor.Win32.Augudor.b malware suffers from a code execution vulnerability.
- Backdoor.Win32.Psychward.b MVID-2022-0645 Hardcoded Credential: Backdoor.Win32.Psychward.b malware suffers from a hardcoded credential vulnerability.
- Backdoor.Win32.Bingle.b MVID-2022-0643 Hardcoded Credential: Backdoor.Win32.Bingle.b malware suffers from a hardcoded credential vulnerability.
- Unified Remote Authentication Bypass / Code Execution: This Metasploit module utilizes the Unified Remote remote control protocol to type out and deploy a payload. The remote control protocol can be configured to have no passwords, a group password, or …
- Backdoor.Win32.Hellza.120 MVID-2022-0641 Remote Command Execution: Backdoor.Win32.Hellza.120 malware suffers from a remote command execution vulnerability.