Vulnerabilities

ANE_ProgramCreate() multiple kernel memory corruption [CVE-2022-32898]

An out-of-bounds write in the ZinComputeProgramGetNamesFromMultiPlaneLinear() and ZinComputeProgramGetNamesFromMultiPlaneTitledCompressed() functions of the Apple Neural Engine (ANE). These functions are responsible for parsing procedure I/O, and take several arguments, including an output planes array of kernel pointers to user-controlled data, as well as a planeCount for how many planes to copy into that array…

 

SQL Injection in ManageEngine Privileged Access Management [CVE-2022-40300]

An SQLi in Password Manager Pro, which is bundled with ManageEngine’s Privileged Access Management 360 (PAM360) and Access Manager Plus. In the password manager, there’s a concept of “resources” which can be added or edited; doing so internally submits a multipart form request to the AddResourceType.ve endpoint…

 

Stealing passwords from infosec Mastodon - without bypassing CSP

web

Starts off with a somewhat classic parser attack: placing a parsable object inside of another context, hoping to trip up the system. In this case Gareth Heyes was able to inject :verified: within a supported HTML attribute, and have it be replaced with the emoji as an <img> tag…

 