This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Western Digital MyCloud PR4100 NAS devices. Authentication is not required to exploit this vulnerability.
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Sante DICOM Viewer Pro. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sante DICOM Viewer Pro. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sante DICOM Viewer Pro. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sante DICOM Viewer Pro. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
Australia’s signal intelligence agency calls upon an Eighties popstar to fight terrorism, and a simple act of kindness leads to a woman being scammed for thousands.
All this and much more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault.
Plus don’t miss our featured interview with Max Power of Bitwarden.
mariadb-10.5.20-1.fc38
MariaDB 10.5.20
Release notes:
mariadb-10.5.20-1.fc37
MariaDB 10.5.20
Release notes:
Posted by Stefan Kanthak on Jun 07
Hi @ll,
about a month ago Microsoft published HVCIScan-{amd,arm}64.exe, a
“Tool to check devices for compatibility with memory integrity (HVCI)”
The “Install instructions” on the download page
<https://www.microsoft.com/en-us/download/105217> tell:
| Download the hvciscan.exe for your system architecture (AMD64 or ARM64).
| From an elevated command window or PowerShell, run hvciscan.exe
“ELEVATED” sounds…
Posted by Qualys Security Advisory via Fulldisclosure on Jun 07
Qualys Security Advisory
LPE and RCE in RenderDoc: CVE-2023-33865, CVE-2023-33864, CVE-2023-33863
========================================================================
Contents
========================================================================
Summary
CVE-2023-33865, a symlink vulnerability in /tmp/RenderDoc
– Analysis
– Exploitation
CVE-2023-33864, an integer underflow to heap-based buffer overflow
– Analysis
– Exploitation…
