Update now—July Patch Tuesday patches include fix for exploited zero-day
It’s time to triage a lot of patching again. Microsoft’s July Patch Tuesday includes an actively exploited local privilege escalation...
Vulnerabilities
Microsoft Azure Site Recovery privilege escalation | CVE-2022-33674
NAME Microsoft Azure Site Recovery privilege escalation Platforms Affected:Microsoft Azure Site Recovery VMWare to AzureRisk Level:8.3Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION Microsoft Azure...
Samsung Mobile devices privilege escalation | CVE-2022-33704
NAME Samsung Mobile devices privilege escalation Platforms Affected:Samsung Q 10.0 Samsung R 11 Samsung S 12.0Risk Level:8.4Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION Samsung...
HUAWEI EMUI/Magic UI buffer overflow | CVE-2022-34741
NAME HUAWEI EMUI/Magic UI buffer overflow Platforms Affected:Huawei EMUI 11.0.0 Huawei Magic UI 4.0.0 Huawei EMUI 11.0.1 Huawei EMUI 12.0.0Risk...
HUAWEI EMUI/Magic UI buffer overflow | CVE-2022-34740
NAME HUAWEI EMUI/Magic UI buffer overflow Platforms Affected:Huawei EMUI 11.0.0 Huawei Magic UI 4.0.0 Huawei EMUI 11.0.1 Huawei EMUI 12.0.0Risk...
SAP BusinessObjects Business Intelligence Platform information disclosure | CVE-2022-35228
NAME SAP BusinessObjects Business Intelligence Platform information disclosure Platforms Affected:SAP BusinessObjects Business Intelligence Platform 420 SAP BusinessObjects Business Intelligence Platform...
Microsoft Windows Client/Server Runtime Subsystem Service privilege escalation | CVE-2022-22026
NAME Microsoft Windows Client/Server Runtime Subsystem Service privilege escalation Platforms Affected:Microsoft Windows 7 SP1 x32 Microsoft Windows 7 SP1 x64...
Samsung Mobile devices security bypass | CVE-2022-33702
NAME Samsung Mobile devices security bypass Platforms Affected:Samsung Q 10.0 Samsung R 11 Samsung S 12.0Risk Level:8.4Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION Samsung...
Microsoft Windows Graphics code execution | CVE-2022-30221
NAME Microsoft Windows Graphics code execution Platforms Affected:Microsoft Windows 7 SP1 x32 Microsoft Windows 7 SP1 x64 Microsoft Windows 8.1...
Samsung Mobile devices privilege escalation | CVE-2022-33703
NAME Samsung Mobile devices privilege escalation Platforms Affected:Samsung Q 10.0 Samsung R 11 Samsung S 12.0Risk Level:8.4Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION Samsung...
Microsoft Windows Server Service Tampering | CVE-2022-30216
NAME Microsoft Windows Server Service Tampering Platforms Affected:Microsoft Windows 10 20H2 for 32-bit Systems Microsoft Windows 10 20H2 for ARM64-based...
Microsoft Windows Remote Procedure Call Runtime code execution | CVE-2022-22038
NAME Microsoft Windows Remote Procedure Call Runtime code execution Platforms Affected:Microsoft Windows Server 2012 Microsoft Windows 8.1 x32 Microsoft Windows...
Microsoft Windows Shell code execution | CVE-2022-30222
NAME Microsoft Windows Shell code execution Platforms Affected:Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows 10 1809 for...
Microsoft Windows Network File System code execution | CVE-2022-22029
NAME Microsoft Windows Network File System code execution Platforms Affected:Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows...
Vim buffer overflow | CVE-2022-2344
NAME Vim buffer overflow Platforms Affected:Vim Vim 9.0.0046Risk Level:7.8Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION Vim is vulnerable to a heap-based buffer...
Node.js tezdoank module code execution |
NAME Node.js tezdoank module code execution Platforms Affected:Node.js tezdoankRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js tezdoank module could allow a remote attacker...
Node.js icon-package module code execution |
NAME Node.js icon-package module code execution Platforms Affected:Node.js icon-packageRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js icon-package module could allow a remote attacker...
Node.js ionicio module code execution |
NAME Node.js ionicio module code execution Platforms Affected:Node.js ionicioRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js ionicio module could allow a remote attacker...
Node.js base64-javascript module code execution |
NAME Node.js base64-javascript module code execution Platforms Affected:Node.js base64-javascriptRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js base64-javascript module could allow a remote attacker...
Vim buffer overflow | CVE-2022-2343
NAME Vim buffer overflow Platforms Affected:Vim Vim 9.0.0044Risk Level:7.8Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION Vim is vulnerable to a heap-based buffer...
Node.js ionicons-js module code execution |
NAME Node.js ionicons-js module code execution Platforms Affected:Node.js ionicons-jsRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js ionicons-js module could allow a remote attacker...
Node.js roar-02 module code execution |
NAME Node.js roar-02 module code execution Platforms Affected:Node.js roar-02Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js roar-02 module could allow a remote attacker...
Node.js umbrellaks module code execution |
NAME Node.js umbrellaks module code execution Platforms Affected:Node.js umbrellaksRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js umbrellaks module could allow a remote attacker...
Node.js ionic-icon module code execution |
NAME Node.js ionic-icon module code execution Platforms Affected:Node.js ionic-iconRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js ionic-icon module could allow a remote attacker...
