CVE-2022-20210 UE and EMM use NAS messages to communicate. When a new message arrives, the modem parses it and fills in internal objects.
If a modem receives a malicious message, it can crash with a segmentation fault. This is a crash with the same code as a false
CVE-2022-32230 SMBv3 has a null pointer dereference in Windows versions prior to the April 2022 patch set.
For most systems, this attack requires authentication. This presents a problem for researchers. You can’t get authenticated access to a system with a BSOD.
CVE-2022-32278 - Exploiting .desktop Files via xdg-open in XFCE 4.16
In June 2022, security researchers disclosed a major vulnerability—CVE-2022-32278—affecting XFCE 4.16, a popular Linux desktop environment. This bug lets attackers run any
CVE-2022-29092 Dell SupportAssist Client versions 3.11.0 and prior contain a privilege escalation vulnerability.
This vulnerability is widespread and can affect any system using the Dell SupportAssist Client. End users and small businesses are highly impacted.
In order to
CVE-2022-28330 - Understanding and Exploiting the Apache HTTP Server mod_isapi Out-of-Bounds Read on Windows
In March 2022, the Apache Software Foundation disclosed a security vulnerability, CVE-2022-28330, affecting the Apache HTTP Server (httpd) versions 2.4.53 and earlier on
Episode
00:00:00
00:00:00