ZDI-22-938: Tencent WeChat WXAM Decoder Heap-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tencent WeChat. User interaction is required to exploit this vulnerability in that...
ZDI-22-939: Tencent WeChat WXAM Decoder Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Tencent WeChat. User interaction is required to exploit this vulnerability in that...
ZDI-22-940: Parallels Desktop ACPI Out-Of-Bounds Read Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute high-privileged code...
ZDI-22-941: Parallels Desktop Tools Untrusted Pointer Dereference Information Disclosure Vulnerability
This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged...
ZDI-22-942: Parallels Desktop Updater Incorrect Permission Assignment Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code...
ZDI-22-943: Parallels Desktop Updater Race Condition Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code...
Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Mozilla Firefox, Firefox Extended Support Release (ESR) and Mozilla Thunderbird, the most severe of which could allow for arbitrary...
SolarWinds creates new software build system in wake of Sunburst attack
SolarWinds became the poster child for attacks on software supply chains last year when a group of threat actors injected malicious code known as Sunburst...
USN-5496-1: cloud-init vulnerability
Mike Stroyan discovered that cloud-init could log password hashes when reporting schema failures. An attacker with access to these logs could potentially use this to...
onionscan-0.2-11.fc36
FEDORA-2022-75ba99551f Packages in this update: onionscan-0.2-11.fc36 Update description: Disable TestExtractBitcoinAddress test Read More