A vulnerability, which was classified as critical, has been found in Wazuh up to 4.2.4. This issue affects an unknown part of the component wazuh-slack Active Response Script. Upgrading to version 4.2.5 eliminates this vulnerability. Applying a patch is able to eliminate this problem. The bugfix is ready for download at github.com. The best possible mitigation is suggested to be upgrading to the latest version.
Wazuh up to 4.2.4 wazuh-slack Active Response Script os command injection
CVE-2022-37452 : EXIM UP TO 4.94 ALIAS LIST HOST.C HOST_NAME_LOOKUP SENDER_HOST_NAME HEAP-BASED OVERFLOW
Description Exim before 4.95 has a heap-based buffer overflow for the alias list in host_name_lookup in host.c when sender_host_name is
Description Kaspersky VPN Secure Connection for Windows version up to 21.5 was vulnerable to arbitrary file deletion via abuse of