ZDI-23-1812: BlueZ Phone Book Access Profile Heap-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the...
ZDI-23-1813: Inductive Automation Ignition ModuleInvoke Deserialization of Untrusted Data Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is required to exploit this vulnerability. The ZDI...
ZDI-23-1810: QEMU NVMe Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows local attackers to disclose sensitive information on affected installations of QEMU. An attacker must first obtain the ability to execute high-privileged code...
Apache Struts2 Remote Code Execution Vulnerability (CVE-2023-50164)
What is the Vulnerability? A remote attacker can manipulate the file upload parameters on the Apache Struts to enable path traversal and upload a malicious...
DSA-5581-1 firefox-esr – security update
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, sandbox escape or...
BlackCat Ransomware Raises Ante After FBI Disruption
The U.S. Federal Bureau of Investigation (FBI) disclosed today that it infiltrated the world’s second most prolific ransomware gang, a Russia-based criminal group known as...
asterisk release 20.5.1
Posted by Asterisk Development Team via Fulldisclosure on Dec 19 The Asterisk Development Team would like to announce security release Asterisk 20.5.1. The release artifacts...
asterisk release 18.20.1
Posted by Asterisk Development Team via Fulldisclosure on Dec 19 The Asterisk Development Team would like to announce security release Asterisk 18.20.1. The release artifacts...