This Metasploit module exploits vulnerabilities within the ChainedSerializationBinder as used in Exchange Server 2019 CU10, Exchange Server 2019 CU11, Exchange Server 2016 CU21, and Exchange Server 2016 CU22 all prior to Mar22SU. Note that authentication is required to exploit these vulnerabilities.
357c3536b07ff810cec76347c7e5ce16faf862cac3951d66875221d4f487430d
Ubuntu Security Notice 5575-1 - Nicolas Gregoire discovered that Libxslt incorrectly handled certain XML. An attacker could possibly use this issue to expose sensitive information or execute arbitrary code. This issue only affected Ubuntu 18.04 LTS. Alexey Neyman discovered that Libxslt incorrectly handled certain HTML pages. An attacker could possibly use this issue to expose sensitive information or execute arbitrary code.
f6ecaf18e7f6cce8a5a0397a38d1187380f5f00e897139dffb0e51a9aa5ff4c8
Red Hat Security Advisory 2022-6119-01 - The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods are a concept in Kubernetes.
506465fd9b07ce02fc1638f57b6133ca139398125d96b0f94000157181eec93b
Ubuntu Security Notice 5574-1 - It was discovered that Exim incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or execute arbitrary code.
a904f81f8d0dd7b70dab39c442195e499406359a4e9e4ef6b9b92b8b75bb3aba
Gentoo Linux Security Advisory 202208-34 - Multiple vulnerabilities have been discovered in Apache Tomcat, the worst of which could result in denial of service. Versions less than 8.5.82:8.5 are affected.
077be2b54802b552aa2444c9d86f7b9f2b66179442ffb4c75ef491cd837caab4
Gentoo Linux Security Advisory 202208-35 - Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions less than 104.0.5112.101 are affected.
e7597aa0df8c711de96d624bc650d2003b1b78f793dce2a87a44bfd7d0c68250
Gentoo Linux Security Advisory 202208-33 - A vulnerability has been found in libcroco which could result in denial of service. Versions less than 0.6.13 are affected.
25a5d7f8d83c26b7e1a166d83a2c526d1764c7658af5a27c23256dcec15521d7
Gentoo Linux Security Advisory 202208-32 - Multiple vulnerabilities have been discovered in Vim, the worst of which could result in denial of service. Versions less than 9.0.0060 are affected.
428827fed17e0b3819aabc6d5f9fe9ff4d6c377f396085bf6ae290efda4d49c4
Personnel Property Equipment 2015-2022 suffers from a remote SQL injection vulnerability.
cacfd917834264c882209ac565378bfb3e65a6fcfed1eade2534a0761a5dd12c
There is a buffer overflow in how AppleAVD.kext parses the ref_pic_list_modification component of H264 slice headers in AVC_RBSP::parseSliceHeader. When pic modification entries are copied into the pic modification list, the loop only terminates when the end code (3) is encountered, meaning that any number of entries can be copied into the fixed-size modification buffer. This can corrupt the remainder of the decoder structure, as well as write outside of allocated memory.
f0e86dbff30f8c2f08674e561b12277b9f50b736d022814b1917489c1e9f1d2c
There is an out-of-bounds write vulnerability when decoding a certain flavor of RAW image files on macOS. The vulnerability has been confirmed on macOS 12.3.1. Although the advisory notes an attached PoC, Google did not have one attached.
b0cdd2ef0c901dd72ddd0b3fa6f8cc6fcb53635705915e5ec0c9100853c07cb3