CVE-2022-41745 An OOB access vulnerability in Trend Micro Apex One could allow a local attacker to create a specially crafted message that could cause memory corruption on a certain service process, leading to privilege escalation.
An attacker could create a message with an arbitrary payload to exploit the vulnerability and execute arbitrary code on the targeted system. An attacker could
CVE-2022-36063 Azure RTOS USBx is a USB host, device and OTG embedded stack with Azure RTOS ThreadX support.
Azure RTOS USBx implementation of host support for uploading and downloading files including code and data, via FTDI and UART, may be potentially exploited to
CVE-2022-41747 An Apex One agent could be vulnerable to an DLL file loading vulnerability if it is not validated.
Fortunately, this issue is fairly easy to detect, as the ApexOne agent will display a security warning whenever a new DLL file is loaded. Trend
CVE-2022-36635 The ZKBioSecurity V5000 4.1.3 had a SQL injection vulnerability in /baseOpLog.do.
An attacker can leverage this vulnerability to inject SQL commands into the database or obtain sensitive information by viewing the database.
ZKteco ZKBioSecurity V5000 4.
CVE-2022-39959 An unprivileged user can create a file named Everest.exe in the Programdata\Panini folder.
This issue was reported by the researcher Mohamed Diaby from Cybersecurity for the Masses. In order to exploit the issue, a user must be tricked
Episode
00:00:00
00:00:00