ZDI-22-1699: X.Org Server ProcXIChangeProperty Numeric Truncation Information Disclosure Vulnerability
This vulnerability allows local attackers to disclose sensitive information on affected installations of X.Org Server. An attacker must first obtain the ability to execute low-privileged...
ZDI-22-1698: X.Org Server ScreenSaverSetAttributes Use-After-Free Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. An attacker must first obtain the ability to execute low-privileged code...
ZDI-22-1697: X.Org Server XvdiSelectVideoNotify Use-After-Free Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. An attacker must first obtain the ability to execute low-privileged code...
IcedID Abuses Google Search for Distribution
FortiGuard Labs is aware of a report that the IcedID threat actor started to abuse Google pay-per-click (PPC) to distribute malware. Malicious ads...
New Zerobot Variant Exploits Additional Vulnerabilities for Propagation
FortiGuard Labs is aware of a report that a new Zerobot variant is capable of propagating to other devices by exploiting known vulnerabilities. Zerobot was...
GLSA 202212-07: libksba: Remote Code Execution
GLSA 202212-06: OpenSSH: Multiple Vulnerabilities
binwalk-2.3.3-1.fc36
FEDORA-2022-3727f00e4b. Packages in this update: binwalk-2.3.3-1.fc36. Update description: Security fix for CVE-2021-4287.
binwalk-2.3.3-1.fc37
FEDORA-2022-a36ba48049. Packages in this update: binwalk-2.3.3-1.fc37. Update description: Security fix for CVE-2021-4287.
CVE-2016-15005
CSRF tokens are generated using math/rand, which is not a cryptographically secure random number generator, making predicting their values relatively trivial and allowing an attacker...