Hicos citizen certificate client-side component does not filter special characters for command parameters in specific web URLs. An unauthenticated remote attacker can exploit this vulnerability to perform command injection attack to execute arbitrary system command, disrupt system or terminate service.
More Stories
et-6.2.8-2.el8
FEDORA-EPEL-2024-f282573e05 Packages in this update: et-6.2.8-2.el8 Update description: Update to 6.2.8, fixing CVE-2022-48257 and CVE-2022-48258 Read More
pypy-7.3.15-3.fc40
FEDORA-2024-612986fdfa Packages in this update: pypy-7.3.15-3.fc40 Update description: Security fix for CVE-2023-5752 (in the bundled pip). Read More
pypy-7.3.15-3.fc39
FEDORA-2024-dada06a500 Packages in this update: pypy-7.3.15-3.fc39 Update description: Security fix for CVE-2023-5752 (in the bundled pip). Read More
pypy-7.3.15-3.fc38
FEDORA-2024-797928fed3 Packages in this update: pypy-7.3.15-3.fc38 Update description: Security fix for CVE-2023-5752 (in the bundled pip). Read More
Microsoft PlayReady white-box cryptography weakness
Posted by Security Explorations on May 01 Hello All, There is yet another attack possible against Protected Media Path process...
pypy-7.3.15-3.fc41
FEDORA-2024-305522ab38 Packages in this update: pypy-7.3.15-3.fc41 Update description: Automatic update for pypy-7.3.15-3.fc41. Changelog * Tue Apr 30 2024 Charalampos Stratakis...