Security
Headlines
HeadlinesLatestCVEs

Tag

#linux

CVE-2022-3586: sch_sfb: Don't assume the skb is still around after enqueueing to child · torvalds/linux@9efd232

A flaw was found in the Linux kernel’s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of service.

CVE
#linux#dos
CVE-2022-42227: Heap-buffer-overflow in jsonlint/src/lexer.cpp:18:15 · Issue #2 · p-ranav/jsonlint

jsonlint 1.0 is vulnerable to heap-buffer-overflow via /home/hjsz/jsonlint/src/lexer.

CVE-2022-41707: relatedcode/Messenger 7bcd20b - Information Disclosure | Fluid Attacks

Relatedcode's Messenger version 7bcd20b allows an authenticated external attacker to access sensitive data of any user of the application. This is possible because the application exposes user data to the public.

CVE-2022-41709: GitHub - amitmerchant1990/electron-markdownify: A minimal Markdown editor desktop app

Markdownify version 1.4.1 allows an external attacker to execute arbitrary code remotely on any client attempting to view a malicious markdown file through Markdownify. This is possible because the application has the "nodeIntegration" option enabled.

SBOMs: An Overhyped Concept That Won't Secure Your Software Supply Chain

We need more than the incomplete snapshot SBOMs provide to have real impact.

CVE-2022-43418: security - Multiple vulnerabilities in Jenkins plugins

A cross-site request forgery (CSRF) vulnerability in Jenkins Katalon Plugin 1.0.33 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

Fortinet FortiOS / FortiProxy / FortiSwitchManager Authentication Bypass

This Metasploit module exploits an authentication bypass vulnerability in the Fortinet FortiOS, FortiProxy, and FortiSwitchManager API to gain access to a chosen account and then adds an SSH key to the authorized_keys file of the chosen account, allowing you to login to the system with the chosen account. Successful exploitation results in remote code execution.

Zimbra Privilege Escalation

This Metasploit module exploits a vulnerable sudo configuration that permits the Zimbra user to execute postfix as root. In turn, postfix can execute arbitrary shellscripts, which means it can execute a root shell.

Debian Security Advisory 5258-1

Debian Linux Security Advisory 5258-1 - Several vulnerabilities were discovered in Squid, a fully featured web proxy cache, which could result in exposure of sensitive information in the cache manager (CVE-2022-41317), or denial of service or information disclosure if Squid is configured to negotiate authentication with the SSPI and SMB authentication helpers (CVE-2022-41318).