Security News

Security news from:

  • 10 August 2022 – CVE-2022-37002
    The SystemUI module has a privilege escalation vulnerability. Successful exploitation of this vulnerability can cause malicious applications to pop up windows or run in the background. (CVSS:0.0) (Las …
  • 10 August 2022 – CVE-2022-37001
    The diag-router module has a vulnerability in intercepting excessive long and short instructions. Successful exploitation of this vulnerability will cause the diag-router module to crash. (CVSS:0.0) ( …
  • 7 August 2022 – CVE-2022-37452
    Exim before 4.95 has a heap-based buffer overflow for the alias list in host_name_lookup in host.c when sender_host_name is set. (CVSS:0.0) (Last Update:2022-08-08)
  • 6 August 2022 – CVE-2022-37451
    Exim before 4.96 has an invalid free in pam_converse in auths/call_pam.c because store_free is not used after store_malloc. (CVSS:0.0) (Last Update:2022-08-07)
  • 5 August 2022 – CVE-2022-37398
    A stack-based buffer overflow vulnerability was found inside ADM when using WebDAV due to the lack of data size validation. An attacker can exploit this vulnerability to run arbitrary code. Affected A …
  • 5 August 2022 – CVE-2022-37450
    Go Ethereum (aka geth) through 1.10.21 allows attackers to increase rewards by mining blocks in certain situations, and using a manipulation of time-difference values to achieve replacement of main-ch …
  • 5 August 2022 – CVE-2022-37434
    zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. S …
  • 5 August 2022 – CVE-2022-37431
    ** DISPUTED ** A Reflected Cross-site scripting (XSS) issue was discovered in dotCMS Core through 22.06. This occurs in the admin portal when the configuration has XSS_PROTECTION_ENABLED=false. NOTE: …
  • 5 August 2022 – CVE-2022-37416
    Ittiam libmpeg2 before 2022-07-27 uses memcpy with overlapping memory blocks in impeg2_mc_fullx_fully_8x8. (CVSS:0.0) (Last Update:2022-08-05)
  • 5 August 2022 – CVE-2022-37415
    The Uniwill SparkIO.sys driver 1.0 is vulnerable to a stack-based buffer overflow via IOCTL 0x40002008. (CVSS:0.0) (Last Update:2022-08-05)