Monthly Archive: March 2022

CmsWing CMS 1.3.7 is affected by a Remote Code Execution (RCE) vulnerability via parameter: log rule Date published : 2022-03-23 https://github.com/arterli/CmsWing/issues/56

CmsWing 1.3.7 is affected by a SQLi vulnerability via parameter: behavior rule. Date published : 2022-03-23 https://github.com/arterli/CmsWing/issues/55

A flaw was found in ImageMagick. The vulnerability occurs due to improper use of open functions and leads to a denial of service. This flaw allows an attacker to crash the system. Date published...

An unprivileged write to the file handler flaw in the Linux kernel’s control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by...

An information exposure flaw in openstack-tripleo-heat-templates allows an external user to discover the internal IP or hostname. An attacker could exploit this by checking the www_authenticate_uri parameter (which is visible to all end users)...

An out-of-bounds read flaw was found in libsndfile’s FLAC codec functionality. An attacker who is able to submit a specially crafted file (via tricking a user to open or otherwise) to an application linked...

A use-after-free flaw was found in the add_partition in block/partitions/core.c in the Linux kernel. A local attacker with user privileges could cause a denial of service on the system. The issue results from the...

A vulnerability was found in btrfs_alloc_tree_b in fs/btrfs/extent-tree.c in the Linux kernel due to an improper lock operation in btrfs. In this flaw, a user with a local privilege may cause a denial of...

A vulnerability was found in the Linux kernel’s block_invalidatepage in fs/buffer.c in the filesystem. A missing sanity check may allow a local attacker with user privilege to cause a denial of service (DOS) problem....

Tenda AC10-1200 v15.03.06.23_EN was discovered to contain a buffer overflow via the list parameter in the fromSetIpMacBind function. Date published : 2022-03-23 https://noob3xploiter.medium.com/hacking-the-tenda-ac10-1200-router-part-3-yet-another-buffer-overflow-4eb322f64823

Tenda AC10-1200 v15.03.06.23_EN was discovered to contain a buffer overflow via the urls parameter in the saveParentControlInfo function. Date published : 2022-03-23 https://noob3xploiter.medium.com/hacking-the-tenda-ac10-1200-router-part-2-strcpy-buffer-overflow-92cd88e1d503

A use-after-free vulnerability was found in the virtio-net device of QEMU. It could occur when the descriptor’s address belongs to the non direct access region, due to num_buffers being set after the virtqueue elem...

ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim’s traffic at...

An authorization flaw was found in Foreman Ansible. An authenticated attacker with certain permissions to create and run Ansible jobs can access hosts through job templates. The highest threat from this vulnerability is to...