Exploiting an N-day vBulletin PHP Object Injection Vulnerability
Posted by Egidio Romano on Nov 29 Hello list, Just wanted to share with you my latest blog post: http://karmainsecurity.com/exploiting-an-nday-vbulletin-php-object-injection Best regards, /EgiX Read More
Win32.Ransom.Conti / Crypto Logic Flaw
Posted by malvuln on Nov 29 Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022 Original source: https://malvuln.com/advisory/99e55ce93392068c970384ab24a0e13d.txt Contact: malvuln13 () gmail com Media:...
Ransomware Deception Tactics Part 1
Posted by malvuln on Nov 29 Did you know? some Ransomware like CONTI and others will FAIL to encrypt non PE files that have a...
Trojan.Win32.DarkNeuron.gen / Named Pipe Null DACL
Posted by malvuln on Nov 29 Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022 Original source: https://malvuln.com/advisory/d891c9374ccb2a4cae2274170e8644d8.txt Contact: malvuln13 () gmail com Media:...
Backdoor.Win32.Autocrat.b / Weak Hardcoded Credentials
Posted by malvuln on Nov 29 Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022 Original source: https://malvuln.com/advisory/4262a8b52b902aa2e6bf02a156d1b8d4.txt Contact: malvuln13 () gmail com Media:...
Backdoor.Win32.Serman.a / Unauthenticated Open Proxy
Posted by malvuln on Nov 29 Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022 Original source: https://malvuln.com/advisory/f312e3a436995b86b205a1a37b1bf10f.txt Contact: malvuln13 () gmail com Media:...
Open-Xchange Security Advisory 2022-11-24
Posted by Martin Heiland via Fulldisclosure on Nov 29 Dear subscribers, we're sharing our latest advisory with you and like to thank everyone who contributed...
[CVE-2022-33942] Intel Data Center Manager Console <= 4.1.1.45749 ”UserMgmtHandler" Authentication Logic Error Leading to Authentication Bypass
Posted by Julien Ahrens (RCE Security) on Nov 29 RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: Intel Data Center Manager Vendor URL: https://www.intel.com/content/www/us/en/developer/tools/data-center-manager-console/overview.html...
crashing potplayer again
Posted by houjingyi on Nov 29 I disclosured a crash in potplayer last year : https://seclists.org/fulldisclosure/2021/Mar/76 And I found a new one this year, this...
USN-5745-2: shadow regression
USN-5745-1 fixed vulnerabilities in shadow. Unfortunately that update introduced a regression that caused useradd to behave incorrectly in Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, Ubuntu...