CVE-2022-31199 : NETWRIX AUDITOR USER ACTIVITY VIDEO RECORDING REMOTE CODE EXECUTION

Description

Remote code execution vulnerabilities exist in the Netwrix Auditor User Activity Video Recording component affecting both the Netwrix Auditor server and agents installed on monitored systems. The remote code execution vulnerabilities exist within the underlying protocol used by the component, and potentially allow an unauthenticated remote attacker to execute arbitrary code as the NT AUTHORITY\SYSTEM user on affected systems, including on systems Netwrix Auditor monitors.

References

https://bishopfox.com/blog/netwrix-auditor-advisory

For More Information

MITRE

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2022-40265 : MITSUBISHI ELECTRIC MELSEC IQ-R PACKETS DENIAL OF SERVICE

CVE-2022-40265 : MITSUBISHI ELECTRIC MELSEC IQ-R PACKETS DENIAL OF SERVICE

Description Improper Input Validation vulnerability in Mitsubishi Electric Corporation MELSEC iQ-R Series RJ71EN71 Firmware version “65” and prior and Mitsubishi

CVE-2022-44400 : ORETNOM23 PURCHASE ORDER MANAGEMENT SYSTEM 1.0 UNRESTRICTED UPLOAD

CVE-2022-44400 : ORETNOM23 PURCHASE ORDER MANAGEMENT SYSTEM 1.0 UNRESTRICTED UPLOAD

Description Purchase Order Management System v1.0 contains a file upload vulnerability via /purchase_order/admin/?page=system_info. References https://github.com/lcg-22266/bug_report/blob/main/vendors/oretnom23/Purchase%20Order%20Management%20System/UPLOAD-1.md For More Information MITRE

CVE-2022-45919 : LINUX KERNEL UP TO 6.0.10/0221.C DVB_CA_EN50221.C DVB_CA_EN50221_IO_RELEASE USE AFTER FREE

CVE-2022-45919 : LINUX KERNEL UP TO 6.0.10/0221.C DVB_CA_EN50221.C DVB_CA_EN50221_IO_RELEASE USE AFTER FREE

Description An issue was discovered in the Linux kernel through 6.0.10. In drivers/media/dvb-core/dvb_ca_en50221.c, a use-after-free can occur is there is