# wolfssl before 5.5.1: CVE-2022-39173 Buffer overflow when refining
cipher suites
==
## INFO
===
The CVE project has assigned the id CVE-2022-39173 to this issue.
Severity: high 7.5
Affected version: before 5.5
Qualys Security Advisory
Leeloo Multipath: Authorization bypass and symlink attack in multipathd
(CVE-2022-41974 and CVE-2022-41973)
Contents
Summa
# Exploit Title: Alibaba Cloud Workspace vulnerable to IDOR which lead to
account hijacking in a certain situation
# Date: 30/10/2022
# Exploit Author: Erwin Chan
# Vendor Homepage: https://www.alibabacloud.com/
# Software Link:
https://www.alibabacloud.com/product/cloud-desktop/download-client
# V
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2022-10-24-1 iOS 16.1 and iPadOS 16
iOS 16.1 and iPadOS 16 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213489.
AppleMobileFileIntegrity
Available for: iPhone 8 and
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2022-10-24-2 macOS Ventura 13
macOS Ventura 13 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213488.
Accelerate Framework
Available for: Mac Studio (2022), Mac Pro (
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2022-10-24-3 macOS Monterey 12.6.1
macOS Monterey 12.6.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213494.
AppleMobileFileIntegrity
Available for: macOS Monterey
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2022-10-24-4 macOS Big Sur 11.7.1
macOS Big Sur 11.7.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213493.
AppleMobileFileIntegrity
Available for: macOS Big Sur
Im
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/b3b19524967d22d6eb7517b03b660b00.txt
Contact: malvul...@gmail.com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Delf.arh
Vulnerability: Authentication Bypass
Description: The malware r
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/70c5f8d61f6ac67091c0c5860e456427.txt
Contact: malvul...@gmail.com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Psychward.10
Vulnerability: Unauthenticated Remote Command Execution
Des
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/8d0df60c96e4011c312d61ed3e6dc70e.txt
Contact: malvul...@gmail.com
Media: twitter.com/malvuln
Threat: Email-Worm.Win32.Kipis.c
Vulnerability: Remote File Write Code Execution
Description: T
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2022-10-24-5 watchOS 9.1
watchOS 9.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213491.
AppleMobileFileIntegrity
Available for: Apple Watch Series 4 and later
Imp
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2022-10-24-6 tvOS 16.1
tvOS 16.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213492.
AppleMobileFileIntegrity
Available for: Apple TV 4K, Apple TV 4K (2nd generati
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2022-10-24-7 Safari 16.1
Safari 16.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213495.
WebKit
Available for: macOS Big Sur and macOS Monterey
Impact: Visiting a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2022-10-27-1 iOS 15.7.1 and iPadOS 15.7.1
iOS 15.7.1 and iPadOS 15.7.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213490.
Apple Neural Engine
Available for: iPhon
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2022-10-27-2 Additional information for APPLE-SA-2022-10-24-1 iOS 16.1
and iPadOS 16
iOS 16.1 and iPadOS 16 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213489.
Ap
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2022-10-27-3 Additional information for APPLE-SA-2022-09-12-1 iOS 16
iOS 16 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213446.
Accelerate Framework
Available for:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2022-10-27-4 Additional information for APPLE-SA-2022-09-12-2 iOS 15.7
and iPadOS 15.7
iOS 15.7 and iPadOS 15.7 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213445.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS
Ventura 13
macOS Ventura 13 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213488.
Accelerate Fra
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2022-10-27-6 Additional information for APPLE-SA-2022-10-24-3 macOS
Monterey 12.6.1
macOS Monterey 12.6.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213494.
Appl
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS
Monterey 12.6
macOS Monterey 12.6 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213444.
AppleMob
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2022-10-27-8 Additional information for APPLE-SA-2022-10-24-4 macOS
Big Sur 11.7.1
macOS Big Sur 11.7.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213493.
AppleM
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2022-10-27-9 Additional information for APPLE-SA-2022-09-12-3 macOS
Big Sur 11.7
macOS Big Sur 11.7 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213443.
AppleMobil
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2022-10-27-10 Additional information for APPLE-SA-2022-10-24-6 tvOS
16.1
tvOS 16.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213492.
AppleMobileFileIntegrity
Av
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2022-10-27-11 tvOS 16
tvOS 16 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213487.
Accelerate Framework
Available for: Apple TV 4K, Apple TV 4K (2nd generation), an
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2022-10-27-12 Additional information for APPLE-SA-2022-10-24-5 watchOS
9.1
watchOS 9.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213491.
AppleMobileFileIntegrit
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2022-10-27-13 watchOS 9
watchOS 9 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213486.
Accelerate Framework
Available for: Apple Watch Series 4 and later
Impact: Pr
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2022-10-27-14 Additional information for APPLE-SA-2022-09-12-5 Safari
16
Safari 16 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213442.
Safari Extensions
Available
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2022-10-27-15 Additional information for APPLE-SA-2022-10-24-7 Safari
16.1
Safari 16.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213495.
WebKit
Available for: m
28 matches
Mail list logo