ZDI-22-1702: D-Link DIR-825/EE xupnpd Generic Plugin Command Injection Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-825/EE routers. Authentication is not required to exploit this vulnerability. Read...
ZDI-22-1701: D-Link DIR-825/EE xupnpd YouTube Plugin Command Injection Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-825/EE routers. Authentication is not required to exploit this vulnerability. Read...
ZDI-22-1700: X.Org Server XkbCopyNames Double Free Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. An attacker must first obtain the ability to execute low-privileged code...
ZDI-22-1699: X.Org Server ProcXIChangeProperty Numeric Truncation Information Disclosure Vulnerability
This vulnerability allows local attackers to disclose sensitive information on affected installations of X.Org Server. An attacker must first obtain the ability to execute low-privileged...
ZDI-22-1698: X.Org Server ScreenSaverSetAttributes Use-After-Free Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. An attacker must first obtain the ability to execute low-privileged code...
ZDI-22-1697: X.Org Server XvdiSelectVideoNotify Use-After-Free Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. An attacker must first obtain the ability to execute low-privileged code...
IcedID Abuses Google Search for Distribution
FortiGuard Labs is aware of a report that the IcedID threat actor started to abuse Google pay per click (PPC) to distribute malware. Malicious ads...
New Zerobot Variant Exploits Additional Vulnerabilities for Propagation
FortiGuard Labs is aware of a report that a new Zerobot variant is capable of propagating to other devices by exploiting known vulnerabilities. Zerobot was...
GLSA 202212-07: libksba: Remote Code Execution
Post Content Read More
GLSA 202212-06: OpenSSH: Multiple Vulnerabilities
Post Content Read More