[FD] Multiple vulnerabilities discovered in Qualys Cloud Agent

2022-09-12 Thread Daniel Wood via Fulldisclosure
The Unqork Security team discovered multiple security vulnerabilities in the Qualys Cloud Agent, to include arbitrary code execution. CVE-2022-29549 (Arbitrary Code Execution) https://nvd.nist.gov/vuln/detail/CVE-2022-29549 CVE-2022-29550 (Sensitive Information Disclosure) https://nvd.nist.gov/vu

[FD] [SYSS-2022-041] Remote Code Execution due to unsafe JMX default configuration in JasperReports Server

2022-09-12 Thread Moritz Bechler
Advisory ID: SYSS-2022-041 Product: JasperReports Server Manufacturer: TIBCO Software Inc. Tested Version(s): 8.0.2 Community Edition Vulnerability Type:CWE-502: Deserialization of Untrusted Data Risk Level:High Solution

[FD] APPLE-SA-2022-09-12-1 iOS 16

2022-09-12 Thread Apple Product Security via Fulldisclosure
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 APPLE-SA-2022-09-12-1 iOS 16 iOS 16 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213446. Additional CVE entries to be added soon. Contacts Available for: iPhone 8 and later

[FD] APPLE-SA-2022-09-12-2 iOS 15.7 and iPadOS 15.7

2022-09-12 Thread Apple Product Security via Fulldisclosure
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 APPLE-SA-2022-09-12-2 iOS 15.7 and iPadOS 15.7 iOS 15.7 and iPadOS 15.7 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213445. Contacts Available for: iPhone 6s and later, iPa

[FD] APPLE-SA-2022-09-12-4 macOS Monterey 12.6

2022-09-12 Thread Apple Product Security via Fulldisclosure
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 APPLE-SA-2022-09-12-4 macOS Monterey 12.6 macOS Monterey 12.6 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213444. ATS Available for: macOS Monterey Impact: An app may be ab

[FD] APPLE-SA-2022-09-12-5 Safari 16

2022-09-12 Thread Apple Product Security via Fulldisclosure
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 APPLE-SA-2022-09-12-5 Safari 16 Safari 16 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213442. Safari Extensions Available for: macOS Big Sur and macOS Monterey Impact: A we