CVE-2022-38614 IGB Files and OutfileService has an issue where attackers can list and download files by modifying the PATH parameter.
The vulnerability exists due to the Ingesting Service exposing a user-controlled Path variable to the application. An attacker can leverage this to append arbitrary file
CVE-2022-39844 Incompetent validation of the Smart Switch PC's integrity check vulnerability allows attackers to delete arbitrary directories.
CVE-2019-1577 Inadequate validity checking of LDAP and AD integration in Smart Switch PC prior to version 4.3.22083 allows remote attackers to authenticate via
CVE-2022-39845 Inadequate validation of integrity check in Samsung Kies 2.6.4.22074 allows attackers to delete arbitrary directory.
It is recommended to update to latest version as quickly as possible. This issue was resolved in version 2.6.5.22257. It is also
CVE-2022-2528 It is possible to upload a package with insufficient permissions after re-indexing packages.
This can result in deployment failure.
This issue is fixed in version 5.1.
Octopus Deploy 5.0.7 - 5.0.8 Octopus Deploy
CVE-2022-27593 An externally controlled reference to a resource vulnerability in QNAP NAS Photo Station could allow an attacker to modify system files.
QNAP NAS running Photo Station are prone to a remote code execution vulnerability. QNAP NAS running Photo Station are prone to a remote code execution
Episode
00:00:00
00:00:00