CVE-2022-28877 : F-SECURE WITHSECURE ENDPOINT PROTECTION ON WINDOWS ACCESS CONTROL

Description

This vulnerability allows local user to delete arbitrary file in the system and bypassing security protection which can be abused for local privilege escalation on affected F-Secure & WithSecure windows endpoint products. An attacker must have code execution rights on the victim machine prior to successful exploitation.

References

https://www.f-secure.com/en/business/support-and-downloads/security-advisories

https://www.withsecure.com/en/support/security-advisories

For More Information

MITRE

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2023-24997 : APACHE INLONG UP TO 1.5.0 DESERIALIZATION

Description Deserialization of Untrusted Data vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.1.0 through 1.5.0.

CVE-2022-37708 : DOCKER 20.10.15 BUILD FD82621 PERMISSION

CVE-2022-37708 : DOCKER 20.10.15 BUILD FD82621 PERMISSION

Description Docker version 20.10.15, build fd82621 is vulnerable to Insecure Permissions. Unauthorized users outside the Docker container can access any

CVE-2023-0240 : LINUX KERNEL UP TO 5.10.160 IO_URING IO_PREP_ASYNC_WORK USE AFTER FREE

CVE-2023-0240 : LINUX KERNEL UP TO 5.10.160 IO_URING IO_PREP_ASYNC_WORK USE AFTER FREE

Description There is a logic error in io_uring’s implementation which can be used to trigger a use-after-free vulnerability leading to