CVE-2022-39291 Affected versions of zoneminder are vulnerable to a vulnerability which allows users with "View" system permissions to inject new data into the logs stored by Zoneminder.
ZmMiner is a php script that hooks into the zoneminder logging system and is used to extract data from the server and display it in
CVE-2022-26474 In sensorhub, there is a out of bounds write that could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Sensor hub is a feature in Windows 10, 8, 7, Vista and Windows 2003, 2008, 2012 and 2008 R2 servers. It allows for remote monitoring,
CVE-2022-26471 In telephony, a parcel format mismatch could lead to privilege escalation with no user interaction needed.
In some circumstances, there is a possible local escalation of privilege with no additional privileges needed. This could occur when a local application is running
CVE-2022-26475 In wlan, an out of bounds write can lead to local escalation of privilege with System execution privileges. User interaction is not needed for exploitation.
CVE-2018-4132 An issue was discovered with Wireless Network (wlan) driver - out-of-bounds access in function ‘iwScanReqDpc’ which can lead to system crash and remote code
CVE-2022-32593 In Vowe, there is a possible out of bounds write, which could lead to local escalation of privilege with System execution privileges. User interaction is not needed for exploitation.
An attacker could launch a Red Team engagement and leverage this vulnerability. The attacker could convince a system administrator to open a malicious email attachment
Episode
00:00:00
00:00:00