Posted by YEUNG, Tsz Ko on Feb 24
I have actually contacted Dahua PSIRT team and they confirmed the
vulnerability exists few days ago but then since this product is not in
that scope on requesting CVE and therefore I am going to disclose the
Vulnerable Software and Version:
ToolBox-V1.010.0000000.0 (versions prior to this are probably vulnerable
but just tested against V1.010.0000000.0)
Vulnerable software download link:…
FEDORA-2023-15c6e4be28 Packages in this update: mingw-binutils-2.39-6.fc38 Update description: Backport fix for CVE-2023-1579. Read More
USN-5966-2: amanda regression
USN-5966-1 fixed vulnerabilities in amanda. Unfortunately it introduced a regression in GNUTAR-based backups. This update reverts all of the changes...
FEDORA-2023-f992309b7e Packages in this update: ImageMagick-22.214.171.124-2.fc38 Update description: Fix missing epoch in ImageMagick-heic requires (#2181176) Update ImageMagick to 126.96.36.199 (#2176749)...
FEDORA-2023-354467acba Packages in this update: python-flask-restx-1.1.0-1.fc38 Update description: New upstream release Read More
The CODESYS runtime system in multiple versions allows an remote low privileged attacker to use a path traversal vulnerability to...
USN-5966-1: amanda vulnerabilities
Maher Azzouzi discovered an information disclosure vulnerability in the calcsize binary within amanda. calcsize is a suid binary owned by...