#windows

In Docker Desktop 4.17.x the Artifactory Integration falls back to sending registry credentials over plain HTTP if the HTTPS health check has failed. A targeted network sniffing attack can lead to a disclosure of sensitive information. Only users who have Access Experimental Features enabled and have logged in to a private registry are affected.

Categories: Business It's time to buckle up and embark on a whimsical journey through the twists and turns of Malwarebytes' evolution. (Read more...) The post A whirlwind adventure: Malwarebytes' 15-year journey in business cybersecurity appeared first on Malwarebytes Labs.

Categories: News Tags: IoT Tags: garage Tags: door Tags: remote Tags: open Tags: app Tags: switch Tags: alarm Tags: Nexx Multiple exploits are impacting a line of smart products for the home. (Read more...) The post IoT garage door exploit allows for remote opening attack appeared first on Malwarebytes Labs.

Citrix versions 22.2.1.103 and 23.1.1.11 suffer from a local privilege escalation vulnerability.

An unprivileged (non-admin) user can exploit an Improper Access Control vulnerability in the Cloudflare WARP Client for Windows (<= 2022.12.582.0) to perform privileged operations with SYSTEM context by working with a combination of opportunistic locks (oplock) and symbolic links (which can both be created by an unprivileged user). After installing the Cloudflare WARP Client (admin privileges required), an MSI-Installer is placed under C:\Windows\Installer. The vulnerability lies in the repair function of this MSI. ImpactAn unprivileged (non-admin) user can exploit this vulnerability to perform privileged operations with SYSTEM context, including deleting arbitrary files and reading arbitrary file content. This can lead to a variety of attacks, including the manipulation of system files and privilege escalation. PatchesA new installer with a fix that addresses this vulnerability was released in version 2023.3.381.0. While the WARP Client itself is not vulnerable (only the installer), u...

A use-after-free vulnerability exists within the way Ichitaro Word Processor 2022, version 1.0.1.57600, processes protected documents. A specially crafted document can trigger reuse of freed memory, which can lead to further memory corruption and potentially result in arbitrary code execution. An attacker can provide a malicious document to trigger this vulnerability.

Pentaho BA Server EE version 9.3.0.0-428 suffers from a remote code execution vulnerability via a server-side template injection flaw.

projectSend r1605 suffers from a remote code execution vulnerability.

Liferay Portal version 6.2.5 suffers from an insecure permissions vulnerability.

Dynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via the name parameter at /admin/ajax.php?action=login.