CVE-2022-44313 PicoC 3.2.2 had an exploitable buffer overflow in the ExpressionCoerceUnsignedInteger function that could lead to remote code execution.
This can be exploited by attackers to execute arbitrary code as the user running the script.
The following PoC is available on GitHub. To install
CVE-2022-41662 - Out-of-Bounds Read in Siemens JT2Go & Teamcenter Visualization – Exploit Details and Patch Guidance
In October 2022, Siemens disclosed a critical vulnerability affecting several of its widely used industrial visualization tools – JT2Go and Teamcenter Visualization. Tracked as CVE-2022-41662, this
CVE-2022-36077 - How Sensitive Data Escaped Through Electron Redirects
Summary:
CVE-2022-36077 reveals a severe vulnerability in the Electron framework before versions 21..-beta.1, 20..1, 19..11, and 18.3.7. Electron, widely
CVE-2022-44746 - Sensitive Information Disclosure in Acronis Cyber Protect Home Office due to Insecure Folder Permissions
In late 2022, a significant vulnerability tracked as CVE-2022-44746 was discovered in the widely-used backup software Acronis Cyber Protect Home Office for Windows. This security
CVE-2022-44745 - Sensitive Information Leak Through Log Files in Acronis Cyber Protect Home Office (Windows)
In November 2022, a security vulnerability was disclosed under the identifier CVE-2022-44745, impacting earlier versions of Acronis Cyber Protect Home Office (formerly Acronis True Image)