seclist.org

Subscribe to seclist.org hírcsatorna
A public, vendor-neutral forum for detailed discussion of vulnerabilities and exploitation techniques, as well as tools, papers, news, and events of interest to the community. The relaxed atmosphere of this quirky list provides some comic relief and certain industry gossip. More importantly, fresh vulnerabilities sometimes hit this list many hours or days before they pass through the Bugtraq moderation queue.
Frissítve: 1 óra 59 perc
2023. május 30.

CVE-2022-48336 - Buffer Overflow in Widevine Trustlet (PRDiagParseAndStoreData @ 0x5cc8)

Posted by Cyber Intel Security on May 30

1. INFORMATION
--------------
[+] CVE : CVE-2022-48336
[+] Title : Buffer Overflow in Widevine Trustlet
(PRDiagParseAndStoreData @ 0x5cc8)
[+] Vendor : Google
[+] Device : Nexus 6
[+] Affected component : Widevine
[+] Publication date : March 2023
[+] Credits : CyberIntel Team

2. AFFECTED VERSIONS
--------------------
5.0.0 (LRX21O), 5.0.1 (LRX22C), 5.1.0 (LMY47D), 5.1.0 (LMY47E),...
2023. május 30.

CVE-2022-48335 - Buffer Overflow in Widevine Trustlet (PRDiagVerifyProvisioning @ 0x5f90)

Posted by Cyber Intel Security on May 30

1. INFORMATION
--------------
[+] CVE : CVE-2022-48335
[+] Title : Buffer Overflow in Widevine Trustlet
(PRDiagVerifyProvisioning @ 0x5f90)
[+] Vendor : Google
[+] Device : Nexus 6
[+] Affected component : Widevine
[+] Publication date : March 2023
[+] Credits : CyberIntel Team

2. AFFECTED VERSIONS
--------------------
5.0.0 (LRX21O), 5.0.1 (LRX22C), 5.1.0 (LMY47D), 5.1.0...
2023. május 30.

CVE-2022-48334 - Buffer Overflow in Widevine Trustlet (drm_verify_keys @ 0x7370)

Posted by Cyber Intel Security on May 30

1. INFORMATION
--------------
[+] CVE : CVE-2022-48334
[+] Title : Buffer Overflow in Widevine Trustlet
(drm_verify_keys @ 0x7370)
[+] Vendor : Google
[+] Device : Nexus 6
[+] Affected component : Widevine
[+] Publication date : March 2023
[+] Credits : CyberIntel Team

2. AFFECTED VERSIONS
--------------------
5.0.0 (LRX21O), 5.0.1 (LRX22C), 5.1.0 (LMY47D), 5.1.0 (LMY47E), 5.1.0...
2023. május 30.

CVE-2022-48333 - Buffer Overflow in Widevine Trustlet (drm_verify_keys @ 0x730c)

Posted by Cyber Intel Security on May 30

1. INFORMATION
--------------
[+] CVE : CVE-2022-48333
[+] Title : Buffer Overflow in Widevine Trustlet
(drm_verify_keys @ 0x730c)
[+] Vendor : Google
[+] Device : Nexus 6
[+] Affected component : Widevine
[+] Publication date : March 2023
[+] Credits : CyberIntel Team

2. AFFECTED VERSIONS
--------------------
5.0.0 (LRX21O), 5.0.1 (LRX22C), 5.1.0 (LMY47D), 5.1.0 (LMY47E), 5.1.0...
2023. május 30.

CVE-2022-48332 - Buffer Overflow in Widevine Trustlet (drm_save_keys @ 0x6a18)

Posted by Cyber Intel Security on May 30

1. INFORMATION
--------------
[+] CVE : CVE-2022-48332
[+] Title : Buffer Overflow in Widevine Trustlet
(drm_save_keys @ 0x6a18)
[+] Vendor : Google
[+] Device : Nexus 6
[+] Affected component : Widevine
[+] Publication date : March 2023
[+] Credits : CyberIntel Team

2. AFFECTED VERSIONS
--------------------
5.0.0 (LRX21O), 5.0.1 (LRX22C), 5.1.0 (LMY47D), 5.1.0 (LMY47E), 5.1.0...
2023. május 30.

CVE-2022-48331 - Buffer Overflow in Widevine Trustlet (drm_save_keys @ 0x69b0)

Posted by Cyber Intel Security on May 30

1. INFORMATION
--------------
[+] CVE : CVE-2022-48331
[+] Title : Buffer Overflow in Widevine Trustlet
(drm_save_keys @ 0x69b0)
[+] Vendor : Google
[+] Device : Nexus 6
[+] Affected component : Widevine
[+] Publication date : March 2023
[+] Credits : CyberIntel Team

2. AFFECTED VERSIONS
--------------------

5.0.0 (LRX21O), 5.0.1 (LRX22C), 5.1.0 (LMY47D), 5.1.0 (LMY47E), 5.1.0...
2023. május 30.

SCHUTZWERK-SA-2022-001: Cross-Site-Scripting in Papaya Medical Viewer

Posted by Lennert Preuth via Fulldisclosure on May 30

Title
=====

SCHUTZWERK-SA-2022-001: Cross-Site-Scripting in Papaya Medical Viewer

Status
======

PUBLISHED

Version
=======

1.0

CVE reference
=============

CVE-2023-33255

Link
====

https://www.schutzwerk.com/advisories/SCHUTZWERK-SA-2022-001/

Text-only version:
https://www.schutzwerk.com/advisories/SCHUTZWERK-SA-2022-001.txt

Further SCHUTZWERK advisories:
https://www.schutzwerk.com/blog/tags/advisories/

Affected products/vendor...
2023. május 30.

[RT-SA-2023-005] Pydio Cells: Server-Side Request Forgery

Posted by RedTeam Pentesting GmbH on May 30

For longer running processes, Pydio Cells allows for the creation of
jobs, which are run in the background. The job "remote-download" can be
used to cause the backend to send a HTTP GET request to a specified URL
and save the response to a new file. The response file is then available
in a user-specified folder in Pydio Cells.

Details
=======

Product: Pydio Cells
Affected Versions: 4.1.2 and earlier versions
Fixed Versions: 4.2.0,...
2023. május 30.

[RT-SA-2023-004] Pydio Cells: Cross-Site Scripting via File Download

Posted by RedTeam Pentesting GmbH on May 30

Advisory: Pydio Cells: Cross-Site Scripting via File Download

Pydio Cells implements the download of files using presigned URLs which
are generated using the Amazon AWS SDK for JavaScript [1]. The secrets
used to sign these URLs are hardcoded and exposed through the JavaScript
files of the web application. Therefore, it is possible to generate
valid signatures for arbitrary download URLs. By uploading an HTML file
and modifying the download URL...
2023. május 30.

[RT-SA-2023-003] Pydio Cells: Unauthorised Role Assignments

Posted by RedTeam Pentesting GmbH on May 30

Advisory: Pydio Cells: Unauthorised Role Assignments

Pydio Cells allows users by default to create so-called external users
in order to share files with them. By modifying the HTTP request sent
when creating such an external user, it is possible to assign the new
user arbitrary roles. By assigning all roles to a newly created user, access to
all cells and non-personal workspaces is granted.

Details
=======

Product: Pydio Cells
Affected...
2023. május 30.

Printerlogic multiple vulnerabilities

Posted by Eldar Marcussen on May 29

PrinterLogic SaaS, multiple vulnerabilities
===========================================================
PrinterLogic's Enterprise Print Management software allows IT
professionals to simplify printer driver management and empower end
users.
-- https://www.printerlogic.com/

Background
----------------------------------
The following findings were identified by performing both dynamic
testing of the PrinterLogic SaaS platform and code...
2023. május 30.

SEC Consult SA-20230517-0 :: Stored XSS vulnerability in rename functionality in Wekan (Open-Source kanban)

Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on May 29

SEC Consult Vulnerability Lab Security Advisory < 20230517-0 >
=======================================================================
title: Stored XSS vulnerability in rename functionality
product: Wekan (Open-Source kanban)
vulnerable version: <=6.74
fixed version: 6.75 or higher
CVE number: CVE-2023-28485
impact: Medium
homepage: https://wekan.github.io...
2023. május 30.

SEC Consult SA-20230516-0 :: Multiple Vulnerabilities in Serenity and StartSharp Software

Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on May 29

SEC Consult Vulnerability Lab Security Advisory < 20230516-0 >
=======================================================================
title: Multiple Vulnerabilities
product: Serenity and StartSharp Software
vulnerable version: < 6.7.1
fixed version: 6.7.1 or higher
CVE number: CVE-2023-31285, CVE-2023-31286, CVE-2023-31287
impact: high
homepage:...
2023. május 30.

APPLE-SA-2023-05-18-2 iOS 15.7.6 and iPadOS 15.7.6

Posted by Apple Product Security via Fulldisclosure on May 29

APPLE-SA-2023-05-18-2 iOS 15.7.6 and iPadOS 15.7.6

iOS 15.7.6 and iPadOS 15.7.6 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213765.

Apple maintains a Security Updates page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.

Accessibility
Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE
(1st...
2023. május 30.

APPLE-SA-2023-05-18-7 watchOS 9.5

Posted by Apple Product Security via Fulldisclosure on May 29

APPLE-SA-2023-05-18-7 watchOS 9.5

watchOS 9.5 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213764.

Apple maintains a Security Updates page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.

Accessibility
Available for: Apple Watch Series 4 and later
Impact: An app may be able to bypass Privacy preferences
Description: A...
2023. május 30.

APPLE-SA-2023-05-18-8 Safari 16.5

Posted by Apple Product Security via Fulldisclosure on May 29

APPLE-SA-2023-05-18-8 Safari 16.5

Safari 16.5 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213762.

Apple maintains a Security Updates page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.

WebKit
Available for: macOS Big Sur and macOS Monterey
Impact: Processing web content may disclose sensitive information
Description:...
2023. május 30.

APPLE-SA-2023-05-18-6 tvOS 16.5

Posted by Apple Product Security via Fulldisclosure on May 29

APPLE-SA-2023-05-18-6 tvOS 16.5

tvOS 16.5 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213761.

Apple maintains a Security Updates page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.

AppleMobileFileIntegrity
Available for: Apple TV 4K (all models) and Apple TV HD
Impact: An app may be able to bypass Privacy preferences...
2023. május 30.

APPLE-SA-2023-05-18-5 macOS Big Sur 11.7.7

Posted by Apple Product Security via Fulldisclosure on May 29

APPLE-SA-2023-05-18-5 macOS Big Sur 11.7.7

macOS Big Sur 11.7.7 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213760.

Apple maintains a Security Updates page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.

Accessibility
Available for: macOS Big Sur
Impact: An app may be able to bypass Privacy preferences
Description: A...
2023. május 30.

APPLE-SA-2023-05-18-4 macOS Monterey 12.6.6

Posted by Apple Product Security via Fulldisclosure on May 29

APPLE-SA-2023-05-18-4 macOS Monterey 12.6.6

macOS Monterey 12.6.6 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213759.

Apple maintains a Security Updates page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.

Accessibility
Available for: macOS Monterey
Impact: An app may be able to bypass Privacy preferences
Description:...
2023. május 30.

APPLE-SA-2023-05-18-3 macOS Ventura 13.4

Posted by Apple Product Security via Fulldisclosure on May 29

APPLE-SA-2023-05-18-3 macOS Ventura 13.4

macOS Ventura 13.4 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213758.

Apple maintains a Security Updates page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.

Accessibility
Available for: macOS Ventura
Impact: An app may be able to bypass Privacy preferences
Description: A...