Security
Headlines
HeadlinesLatestCVEs

Tag

#windows

China-linked APT Flew Under Radar for Decade

Evidence suggests that a just-discovered APT has been active since 2013.

Threatpost
Open in Source
#vulnerability#web#mac#windows#backdoor#perl
CVE-2021-41408: voipmonitor unauth sql injection

VoIPmonitor WEB GUI up to version 24.61 is affected by SQL injection through the "api.php" file and "user" parameter.

CVE-2020-36549

A vulnerability classified as critical was found in GE Voluson S8. Affected is the underlying Windows XP operating system. Missing patches might introduce an excessive attack surface. Access to the local network is required for this attack to succeed.

GHSA-x4mq-m75f-mx8m: Delegate functions are missing `Send` bound

Affected versions of this crate did not require event handlers to have `Send` bound despite there being no guarantee of them being called on any particular thread, which can potentially lead to data races and undefined behavior. The flaw was corrected in commit [afe3252](https://github.com/microsoft/windows-rs/commit/afe32525c22209aa8f632a0f4ad607863b51796a) by adding `Send` bounds.

GHSA-wwh2-r387-g5rm: Improper validation of Windows paths could lead to directory traversal attack

`tower_http::services::fs::ServeDir` didn't correctly validate Windows paths meaning paths like `/foo/bar/c:/windows/web/screen/img101.png` would be allowed and respond with the contents of `c:/windows/web/screen/img101.png`. Thus users could potentially read files anywhere on the filesystem. This only impacts Windows. Linux and other unix likes are not impacted by this. See [tower-http#204] for more details. [tower-http#204]: https://github.com/tower-rs/tower-http/pull/204

GHSA-9rg7-3j4f-cf4x: QueryInterface should call AddRef before returning pointer

Affected version of this crate, which is a required dependency in com-impl, provides a faulty implementation of the `IUnknown::QueryInterface` method. `QueryInterface` implementation must call `IUnknown::AddRef` before returning the pointer, as describe in this documentation: <https://docs.microsoft.com/en-us/windows/win32/api/unknwn/nf-unknwn-iunknown-queryinterface(refiid_void)> As it is not incrementing the refcount as expected, the following calls to `IUnknown::Release` method will cause WMI to drop reference to the interface, and can lead to invalid reference. This is documented in <https://docs.microsoft.com/en-us/windows/win32/learnwin32/managing-the-lifetime-of-an-object#reference-counting> There is no simple workaround, as you can't know how many time QueryInterface will be called. The only way to quick fix this is to use the macro expanded version of the code and modify the QueryInterface method to add the AddRef call yourself. The issue was corrected in commit `9803f...

Internet Explorer Now Retired but Still an Attacker Target

Though the once-popular browser is officially now history as far as Microsoft support goes, adversaries won't stop attacking it, security experts say.

CVE-2021-36608: webTareas / Tickets / #44 Cross Site Script Vulnerability on "Documents" in webtareas feature v2.2p1

Cross Site Scripting (XSS) vulnerability in webTareas 2.2p1 via the Name field to /projects/editproject.php.

CVE-2021-36609: webTareas / Tickets / #43 Cross Site Script Vulnerability on "Projects" in webtareas feature v2.2p1

Cross Site Scripting (XSS) vulnerability in webTareas 2.2p1 via the Name field to /linkedcontent/editfolder.php.

CVE-2022-31464: Adaware Protect Local Privilege Escalation through Insecure Service Permissions

Insecure permissions configuration in Adaware Protect v1.2.439.4251 allows attackers to escalate privileges via changing the service binary path.