>> ARCHIVE: 2022-10

The Windows Kernel suffers from integer overflow vulnerabilities in its registry subkey lists leading to memory corruption.

MapTool version 1.11.5 suffers from a denial of service vulnerability.

MapTool version 1.11.5 suffers from a cross site scripting vulnerability.

Joomla Vik Appointments extension version 1.7.3 suffers from a cross site scripting vulnerability.

MiniDVBLinux versions 5.4 and below are vulnerable to an unauthenticated configuration download when a direct object reference is made to the backup function using an HTTP GET request.

MiniDVBLinux versions 5.4 and below allows the usage of the SVDRP protocol/commands to be sent by a remote attacker to manipulate and/or remotely control the TV.

MiniDVBLinux versions 5.4 and below root password changing proof of concept exploit.

Backdoor.Win32.DarkSky.23 malware suffers from a buffer overflow vulnerability.

MiniDVBLinux versions 5.4 and below suffer from an unauthenticated live stream disclosure when /tpl/tv_action.sh is called and generates a snapshot in /var/www/images/tv.jpg through the Simple VDR Protocol (SVDRP).

Webile version 1.0.1 suffers from a directory traversal vulnerability.