CVE-2022-29489 – WordPress Sucuri Security plugin <= 1.8.33 - Cross-Site Request Forgery (CSRF) vulnerability
https://notcve.org/view.php?id=CVE-2022-29489
Cross-Site Request Forgery (CSRF) vulnerability in Sucuri Security plugin <= 1.8.33 at WordPress leading to Event log entry creation. Una vulnerabilidad de tipo Cross-Site Request Forgery (CSRF) en el plugin de seguridad Sucuri versiones anteriores a 1.8.33 incluyéndola, en WordPress conllevando a una creación de una entrada de Registro de Eventos The Sucuri Security plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.8.33. This is due to missing or incorrect nonce validation on several of its hooks. This makes it possible for unauthenticated attackers to log edit/modify/delete events for themes and plugins, via forged request granted they can trick a site administrator into performing an action such as clicking on a link. • https://patchstack.com/database/vulnerability/sucuri-scanner/wordpress-sucuri-security-plugin-1-8-33-cross-site-request-forgery-csrf-vulnerability https://wordpress.org/plugins/sucuri-scanner/#developers • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2022-37347 – Trend Micro Maximum Security Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-37347
Trend Micro Security 2021 and 2022 (Consumer) is vulnerable to an Out-Of-Bounds Read Information Disclosure Vulnerability that could allow an attacker to read sensitive information from other memory locations and cause a crash on an affected machine. This vulnerability is similar to, but not the same as CVE-2022-35234. Trend Micro Security versiones 2021 y 2022 (Consumer) es susceptible a una Vulnerabilidad de Divulgación de Información de Lectura Fuera de Límites que podría permitir a un atacante leer información confidencial de otras ubicaciones de memoria y causar un bloqueo en un equipo afectado. Esta vulnerabilidad es similar, pero no igual, a CVE-2022-35234 This vulnerability allows local attackers to disclose sensitive information on affected installations of Trend Micro Maximum Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the User Mode Hooking Monitor Engine. • https://helpcenter.trendmicro.com/en-us/article/tmka-11058 https://www.zerodayinitiative.com/advisories/ZDI-22-1176 • CWE-125: Out-of-bounds Read •
CVE-2022-37348 – Trend Micro Maximum Security Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-37348
Trend Micro Security 2021 and 2022 (Consumer) is vulnerable to an Out-Of-Bounds Read Information Disclosure Vulnerability that could allow an attacker to read sensitive information from other memory locations and cause a crash on an affected machine. This vulnerability is similar to, but not the same as CVE-2022-37347. Trend Micro Security versiones 2021 y 2022 (Consumer) es vulnerable a una Vulnerabilidad de Divulgación de Información de Lectura Fuera de Límites que podría permitir a un atacante leer información confidencial de otras ubicaciones de memoria y causar un bloqueo en un equipo afectado. Esta vulnerabilidad es similar, pero no igual, a CVE-2022-37347 This vulnerability allows local attackers to disclose sensitive information on affected installations of Trend Micro Maximum Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the User Mode Hooking Monitor Engine. • https://helpcenter.trendmicro.com/en-us/article/tmka-11058 https://www.zerodayinitiative.com/advisories/ZDI-22-1177 • CWE-125: Out-of-bounds Read •
CVE-2022-34893 – Trend Micro Maximum Security Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-34893
Trend Micro Security 2022 (consumer) has a link following vulnerability where an attacker with lower privileges could manipulate a mountpoint which could lead to escalation of privilege on an affected machine. Trend Micro Security versión 2022 (consumer), presenta una vulnerabilidad de tipo link following en la que un atacante con bajos privilegios podría manipular un punto de montaje que podría conllevar a una escalada de privilegios en una máquina afectada This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Maximum Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Trend Micro Anti-Malware Solution Platform. By creating a symbolic link, an attacker can abuse the service to delete a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://helpcenter.trendmicro.com/en-us/article/tmka-11053 https://www.zerodayinitiative.com/advisories/ZDI-22-1175 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVE-2020-26941
https://notcve.org/view.php?id=CVE-2020-26941
A local (authenticated) low-privileged user can exploit a behavior in an ESET installer to achieve arbitrary file overwrite (deletion) of any file via a symlink, due to insecure permissions. The possibility of exploiting this vulnerability is limited and can only take place during the installation phase of ESET products. Furthermore, exploitation can only succeed when Self-Defense is disabled. Affected products are: ESET NOD32 Antivirus, ESET Internet Security, ESET Smart Security, ESET Smart Security Premium versions 13.2 and lower; ESET Endpoint Antivirus, ESET Endpoint Security, ESET NOD32 Antivirus Business Edition, ESET Smart Security Business Edition versions 7.3 and lower; ESET File Security for Microsoft Windows Server, ESET Mail Security for Microsoft Exchange Server, ESET Mail Security for IBM Domino, ESET Security for Kerio, ESET Security for Microsoft SharePoint Server versions 7.2 and lower. Un usuario local (autenticado) con pocos privilegios puede explotar un comportamiento en un instalador de ESET para lograr la sobrescritura (eliminación) arbitraria de cualquier archivo por medio de un enlace simbólico, debido a permisos no seguros. • https://support.eset.com/en/ca7794-local-privilege-escalation-vulnerability-fixed-in-eset-products-for-windows • CWE-276: Incorrect Default Permissions •