Backdoor.Win32.Agent.pw / Remote Stack Buffer Overflow (SEH)
Posted by malvuln on Sep 28 Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024 Original source: https://malvuln.com/advisory/68dd7df213674e096d6ee255a7b90088.txt Contact: malvuln13 () gmail com Media:...
Backdoor.Win32.Boiling / Remote Command Execution
Posted by malvuln on Sep 28 Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024 Original source: https://malvuln.com/advisory/80cb490e5d3c4205434850eff6ef5f8f.txt Contact: malvuln13 () gmail com Media:...
Defense in depth — the Microsoft way (part 88): a SINGLE command line shows about 20, 000 instances of CWE-73
Posted by Stefan Kanthak on Sep 28 Hi @ll, <https://cwe.mitre.org/data/definitions/73.html> CWE-73: External Control of File Name or Path is a well-known and well-documented weakness. <https://seclists.org/fulldisclosure/2020/Mar/48>...
SEC Consult SA-20240925-0 :: Uninstall Password Bypass in BlackBerry CylanceOPTICS Windows Installer Package (CVE-2024-35214)
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Sep 28 SEC Consult Vulnerability Lab Security Advisory < 20240925-0 > ======================================================================= title: Uninstall Password Bypass...
Apple iOS 17.2.1 – Screen Time Passcode Retrieval (Mitigation Bypass)
Posted by Patrick via Fulldisclosure on Sep 28 Document Title: =============== Apple iOS 17.2.1 - Screen Time Passcode Retrieval (Mitigation Bypass) Release Date: ============= 2024-09-24...
DSA-5779-1 cups – security update
Simone Margaritelli reported that cups, the Common UNIX Printing System, does not properly sanitize IPP attributes when creating PPD files, which may result in the...
DSA-5778-1 cups-filters – security update
Simone Margaritelli reported several vulnerabilities in cups-filters. Missing validation of IPP attributes returned from an IPP server and multiple bugs in the cups-browsed component can...
GLSA 202409-30: yt-dlp: Multiple Vulnerabilities
Post Content Read More
GLSA 202409-31: Apache HTTPD: Multiple Vulnerabilities
Post Content Read More
GLSA 202409-32: nginx: Multiple Vulnerabilities
Post Content Read More