Trojan-Ransom.Thanos / Code Execution

May 28, 2022

Read Time:20 Second

Posted by malvuln on May 27

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/be60e389a0108b2871dff12dfbb542ac.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Trojan-Ransom.Thanos
Vulnerability: Code Execution
Description: Thanos looks for and executes DLLs in its current directory.
Therefore, we can potentially hijack a vuln DLL execute our own code,
control and terminate the malware…

Advisories

[CVE-2022-0779] User Meta “um_show_uploaded_file” Path Traversal / Local File Enumeration

May 28, 2022

Read Time:24 Second

Posted by Julien Ahrens (RCE Security) on May 27

RCE Security Advisory
https://www.rcesecurity.com

1. ADVISORY INFORMATION
=======================
Product: User Meta
Vendor URL: https://wordpress.org/plugins/user-meta
Type: Relative Path Traversal [CWE-23]
Date found: 2022-02-28
Date published: 2022-05-24
CVSSv3 Score: 4.3 (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)
CVE: CVE-2022-0779

2. CREDITS
==========
This vulnerability was discovered and…

Advisories

DSA-5150 rsyslog – security update

May 28, 2022

Read Time:13 Second

Peter Agten discovered that several modules for TCP syslog reception in
rsyslog, a system and kernel logging daemon, have buffer overflow flaws
when octet-counted framing is used, which could result in denial of
service or potentially the execution of arbitrary code.

News, Advisories and much more

Exit mobile version

Cyber Security News

Daily Archives: May 28, 2022

Trojan-Ransom.Thanos / Code Execution

[CVE-2022-0779] User Meta “um_show_uploaded_file” Path Traversal / Local File Enumeration

DSA-5150 rsyslog – security update

News, Advisories and much more