Monthly Archive: March 2022

The combination of primitives offered by SMB and AFP in their default configuration allows the arbitrary writing of files. By exploiting these combination of primitives, an attacker can execute arbitrary code. Date published :...

Improper neutralization of special elements used in a command (‘Command Injection’) vulnerability in File service functionality in Synology DiskStation Manager (DSM) before 6.2.4-25556-2 allows remote authenticated users to execute arbitrary commands via unspecified vectors....

Buffer copy without checking size of input (‘Classic Buffer Overflow’) vulnerability in Authentication functionality in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows remote attackers to execute arbitrary code via unspecified vectors. Date published :...

A Stack-based buffer overflow vulnerability in the SonicOS via HTTP request allows a remote unauthenticated attacker to cause Denial of Service (DoS) or potentially results in code execution in the firewall. Date published :...

User after free in mrb_vm_exec in GitHub repository mruby/mruby prior to 3.2. Date published : 2022-03-25 https://huntr.dev/bounties/6597ece9-07af-415b-809b-919ce0a17cf3 https://github.com/mruby/mruby/commit/aaa28a508903041dd7399d4159a8ace9766b022f

SQL injection through marking blog comments on bulk as spam in GitHub repository forkcms/forkcms prior to 5.11.1. Date published : 2022-03-25 https://huntr.dev/bounties/2f664985-c5fc-485b-b4fc-4c401be2cf40 https://github.com/forkcms/forkcms/commit/6aca30e10b4181534f73f96d6e2ebeb45ec15069

A flaw was found in the Pacemaker configuration tool (pcs). The pcs daemon was allowing expired accounts, and accounts with expired passwords to login when using PAM authentication. Therefore, unprivileged expired accounts that have...

An authentication bypass vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v18.5 MR3 and older. Date published : 2022-03-25 https://www.sophos.com/en-us/security-advisories/sophos-sa-20220325-sfos-rce

An out-of-bounds (OOB) memory write flaw was found in the Linux kernel’s watch_queue event notification subsystem. This flaw can overwrite parts of the kernel state, potentially allowing a local user to gain privileged access...

Delta Electronics DIAEnergie (Version 1.7.5 and prior) is vulnerable to cleartext transmission as the web application runs by default on HTTP. This could allow an attacker to remotely read transmitted information between the client...

An SQL injection risk was identified in Badges code relating to configuring criteria. Access to the relevant capability was limited to teachers and managers by default. Date published : 2022-03-25 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G4GRMWBGHOJMFXMTORECQNULJK7ZJJ6Y/ https://bugzilla.redhat.com/show_bug.cgi?id=2064119

A flaw was found in the libvirt nwfilter driver. The virNWFilterObjListNumOfNWFilters method failed to acquire the `driver->nwfilters` mutex before iterating over virNWFilterObj instances. There was no protection to stop another thread from concurrently modifying...

A flaw was found in all versions of kubeclient up to (but not including) v4.9.3, the Ruby client for Kubernetes REST API, in the way it parsed kubeconfig files. When the kubeconfig file does...

A flaw was found in unrestricted eBPF usage by the BPF_BTF_LOAD, leading to a possible out-of-bounds memory write in the Linux kernel’s BPF subsystem due to the way a user loads BTF. This flaw...