#rce

Gentoo Linux Security Advisory 202208-1 - A vulnerability in lib3mf could lead to remote code execution. Versions less than 2.1.1 are affected.

Gentoo Linux Security Advisory 202208-5 - Multiple vulnerabilities have been found in Icinga Web 2, the worst of which could result in remote code execution. Versions less than 2.9.6 are affected.

Gentoo Linux Security Advisory 202208-3 - A vulnerability in Babel could result in remote code execution. Versions less than 2.9.1 are affected.

Gentoo Linux Security Advisory 202208-2 - Multiple vulnerabilities have been found in Go, the worst of which could result in remote code execution. Versions less than 1.18.5 are affected.

Red Hat Security Advisory 2022-5904-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Issues addressed include a buffer overflow vulnerability.

As many as 29 different router models from DrayTek have been identified as affected by a new critical, unauthenticated, remote code execution vulnerability that, if successfully exploited, could lead to full compromise of the device and unauthorized access to the broader network. "The attack can be performed without user interaction if the management interface of the device has been configured

An update for php is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-31626: php: password of excessive length triggers buffer overflow leading to RCE

Cisco on Wednesday rolled out patches to address eight security vulnerabilities, three of which could be weaponized by an unauthenticated attacker to gain remote code execution (RCE) or cause a denial-of-service (DoS) condition on affected devices. The most critical of the flaws impact Cisco Small Business RV160, RV260, RV340, and RV345 Series routers. Tracked as CVE-2022-20842 (CVSS score: 9.8)

SMBs should patch CVE-2022-32548 now to avoid a host of horrors, including complete network compromise, ransomware, state-sponsored attacks, and more.

Because they leave so little time to patch and defuse, zero-day threats require a proactive, multilayered approach based on zero trust.