Kn32

**Name of the Vulnerable Software and Affected Versions** Xlight FTP Server versions <3.9.4.3 **Description** The issue exists due to an integer overflow error in the packet parsing logic of the SFTP server, which can lead to a heap overflow with attacker-controlled content. This can allow a remote attacker to execute arbitrary code by sending specially crafted SFTP packets. More than 3500 Xlight FTP servers are currently open on the internet and may be vulnerable to this remote code execution error. **Recommendations** For versions <3.9.4.3, update to version 3.9.4.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the SFTP server until a patch is applied. Ensure that only trusted users have access to the server's service directories.

**Name of the Vulnerable Software and Affected Versions** Parallels Desktop (affected versions not specified) **Description** This issue allows local attackers to escalate privileges on affected installations. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this issue. The specific flaw exists within the Technical Data Reporter component. By creating a symbolic link, an attacker can abuse the service to change the permissions of arbitrary files. An attacker can leverage this issue to escalate privileges and execute arbitrary code in the context of root. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Parallels Desktop (affected versions not specified) **Description** The issue is related to the improper verification of a cryptographic signature in the Updater service of Parallels Desktop, allowing local attackers to escalate privileges and execute arbitrary code in the context of root. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this issue. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Oracle VM VirtualBox versions prior to 6.1.46 Oracle VM VirtualBox versions prior to 7.0.10 **Description** The issue is related to errors in resource release in the Core component of Oracle VM VirtualBox. It can be exploited by a remote attacker to execute arbitrary code or gain full control over the application using the RDP protocol. Successful attacks can result in the takeover of Oracle VM VirtualBox. The vulnerability can be difficult to exploit and allows an unauthenticated attacker with network access via RDP to compromise the system. **Recommendations** For versions prior to 6.1.46, update to version 6.1.46 or later. For versions prior to 7.0.10, update to version 7.0.10 or later. As a temporary workaround, consider restricting access to the RDP protocol until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Parallels Desktop (affected versions not specified) **Description** This issue allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this issue. The specific flaw exists within the Updater service, where an attacker can abuse the service to move arbitrary files by creating a symbolic link. This can be leveraged to escalate privileges and execute arbitrary code in the context of root. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Parallels Desktop (affected versions not specified) **Description** This issue allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this issue. The specific flaw exists within the Toolgate component, resulting from the lack of proper validation of a user-supplied string before using it to construct an XML document. An attacker can leverage this issue to escalate privileges and execute arbitrary code in the context of the hypervisor. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Parallels Desktop (affected versions not specified) **Description** This issue allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this issue. The specific flaw exists within the Toolgate component, resulting from the lack of proper locking when performing operations on an object. An attacker can leverage this issue to escalate privileges and execute arbitrary code in the context of the current user on the host system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Parallels Desktop (affected versions not specified) **Description** This issue allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this issue. The specific flaw exists within the Updater service and results from the lack of proper initialization of environment variables, allowing an attacker to leverage this issue to escalate privileges and execute arbitrary code in the context of root. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Parallels Desktop (affected versions not specified) **Description** The issue is related to improper initialization of environment variables within the Updater service of Parallels Desktop, allowing local attackers to escalate privileges and execute arbitrary code in the context of root. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this vulnerability. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** MySQL Server versions 8.0.30 and prior **Description** The issue is related to insufficient input validation in the Server: Optimizer component of MySQL Server, allowing a high-privileged attacker with network access via multiple protocols to compromise the server. Successful attacks can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. **Recommendations** For versions 8.0.30 and prior, update to a version later than 8.0.30 to resolve the issue. As a temporary workaround, consider restricting network access to the MySQL Server to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Oracle Java SE versions 8u341, 8u345-perf, 11.0.16.1 Oracle GraalVM Enterprise Edition versions 20.3.7, 21.3.3, 22.2.0 **Description** The issue is related to an uncontrolled consumption of resources in the Security component of Oracle Java SE and Oracle GraalVM Enterprise Edition. This easily exploitable vulnerability allows an unauthenticated attacker with network access via HTTPS to compromise the system, resulting in a partial denial of service. The vulnerability applies to Java deployments that load and run untrusted code and rely on the Java sandbox for security. It can also be exploited through APIs in the specified component. **Recommendations** For Oracle Java SE versions 8u341, 8u345-perf, 11.0.16.1, update to a version that includes the fix for this issue. For Oracle GraalVM Enterprise Edition versions 20.3.7, 21.3.3, 22.2.0, update to a version that includes the fix for this issue. As a temporary workaround, consider restricting access to the vulnerable Security component until a patch is available. Avoid using APIs in the specified component that may supply data to untrusted sources until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Oracle Java SE versions 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19 Oracle GraalVM Enterprise Edition versions 20.3.7, 21.3.3, 22.2.0 **Description** The issue allows an unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE and Oracle GraalVM Enterprise Edition. Successful attacks can result in unauthorized update, insert, or delete access to some accessible data. This issue applies to Java deployments that load and run untrusted code and rely on the Java sandbox for security. It can also be exploited by using APIs in the specified component, such as through a web service that supplies data to the APIs. **Recommendations** For Oracle Java SE versions 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19, consider disabling the JNDI component until a patch is available. For Oracle GraalVM Enterprise Edition versions 20.3.7, 21.3.3, 22.2.0, restrict access to the JNDI component to minimize the risk of exploitation. As a temporary workaround, consider avoiding the use of APIs in the specified component until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Oracle VM VirtualBox versions prior to 6.1.40 **Description** The issue is related to a buffer overflow in the Core component of Oracle VM VirtualBox, allowing an unauthenticated attacker with network access via the VRDP protocol to compromise Oracle VM VirtualBox. Successful attacks can result in the takeover of Oracle VM VirtualBox. The exploitation of this issue is considered difficult. **Recommendations** For versions prior to 6.1.40, update to version 6.1.40 or later to resolve the issue. As a temporary workaround, consider restricting access to the VRDP protocol to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Oracle VM VirtualBox versions prior to 6.1.40 **Description** The issue is related to insufficient input validation in the Core component of Oracle VM VirtualBox, allowing an unauthenticated attacker with network access via `VRDP` to compromise Oracle VM VirtualBox. Successful attacks can result in the takeover of Oracle VM VirtualBox. **Recommendations** For versions prior to 6.1.40, update to version 6.1.40 or later to resolve the issue. As a temporary workaround, consider restricting access to the `VRDP` interface until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Oracle VM VirtualBox versions prior to 6.1.40 **Description** The issue is related to a double free memory error when handling smart card input/output messages in the Core component of Oracle VM VirtualBox. This can be exploited by a remote attacker to gain full control over the application by sending specially crafted data using the VRDP protocol. Successful attacks can result in the takeover of Oracle VM VirtualBox. **Recommendations** For versions prior to 6.1.40, update to version 6.1.40 or later to resolve the issue. As a temporary workaround, consider restricting access to the VRDP protocol to minimize the risk of exploitation.