CVE-2022-4180

Related Files

Gentoo Linux Security Advisory 202311-11

Posted Nov 25, 2023

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

tags | advisory, remote, vulnerability, code execution

systems | linux, gentoo

advisories | CVE-2022-2294, CVE-2022-3201, CVE-2022-41115, CVE-2022-4174, CVE-2022-4175, CVE-2022-4176, CVE-2022-4177, CVE-2022-4178, CVE-2022-4179, CVE-2022-4180, CVE-2022-4181, CVE-2022-4182, CVE-2022-4183, CVE-2022-4184

SHA-256 | a22a94578a7a21e61983f216e5af0590879d461fc663d27ad2e4fffa1e164182

Download | Favorite | View

Ubuntu Security Notice USN-6286-1

Posted Aug 14, 2023

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6286-1 - Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. It was discovered that some Intel Xeon Processors did not properly restrict error injection for Intel SGX or Intel TDX. A local privileged user could use this to further escalate their privileges.

tags | advisory, local

systems | linux, ubuntu

advisories | CVE-2022-40982, CVE-2022-41804, CVE-2023-23908

SHA-256 | c0c75d64309f39dd0c71d8e92d6ad8cf29041158c1a43956be78cc32f0d30aa2

Download | Favorite | View

Debian Security Advisory 5474-1

Posted Aug 11, 2023

Authored by Debian | Site debian.org

Debian Linux Security Advisory 5474-1 - This update ships updated CPU microcode for some types of Intel CPUs and provides mitigations for security vulnerabilities.

tags | advisory, vulnerability

systems | linux, debian

advisories | CVE-2022-40982, CVE-2022-41804, CVE-2023-23908

SHA-256 | 4a22e3b631a399258cd26d74fcd8d2415119e5dababff03ad6715692ca4596f2

Download | Favorite | View

F5 Big-IP Create Administrative User

Posted Feb 3, 2023

Authored by Ron Bowes | Site metasploit.com

This Metasploit module creates a local user with a username/password and root-level privileges. Note that a root-level account is not required to do this, which makes it a privilege escalation issue. Note that this is pretty noisy, since it creates a user account and creates log files and such. Additionally, most (if not all) vulnerabilities in F5 grant root access anyways.

tags | exploit, local, root, vulnerability

advisories | CVE-2022-41622, CVE-2022-41800

SHA-256 | ec59a3d52e4d78cf9bacb372140fcd5f2f2c8928aed87fa348ad1aed6d0bcde0

Download | Favorite | View

Debian Security Advisory 5293-1

Posted Dec 5, 2022

Authored by Debian | Site debian.org

Debian Linux Security Advisory 5293-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

tags | advisory, denial of service, arbitrary, info disclosure

systems | linux, debian

advisories | CVE-2022-4174, CVE-2022-4175, CVE-2022-4176, CVE-2022-4177, CVE-2022-4178, CVE-2022-4179, CVE-2022-4180, CVE-2022-4181, CVE-2022-4182, CVE-2022-4183, CVE-2022-4184, CVE-2022-4185, CVE-2022-4186, CVE-2022-4187

SHA-256 | a2f3eace58b4242297ee77779b8d32e36265204b8cbda9b92bfdb780c64b1476

Download | Favorite | View

F5 BIG-IP iControl Remote Command Execution

Posted Nov 24, 2022

Authored by Ron Bowes | Site metasploit.com

This Metasploit module exploits a newline injection into an RPM .rpmspec file that permits authenticated users to remotely execute commands. Successful exploitation results in remote code execution as the root user.

tags | exploit, remote, root, code execution

advisories | CVE-2022-41800

SHA-256 | ab0811cdeca1e7b40855fbeb9922d915dac86f0ccb16efdb3855d5d39ebf43ac

Download | Favorite | View