Posted by malvuln on Nov 20
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/71a76adeadc7b51218d265771fc2b0d1.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Trojan.Win32.Platinum.gen
Vulnerability: Arbitrary Code Execution
Description: The malware looks for and executes DLLs in its current
directory. Therefore, we can potentially hijack a vuln DLL execute our own
code, control and…
Posted by malvuln on Nov 20
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/71a76adeadc7b51218d265771fc2b0d1.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Trojan.Win32.Platinum.gen
Vulnerability: Arbitrary Code Execution
Description: The malware looks for and executes DLLs in its current
directory. Therefore, we can potentially hijack a vuln DLL execute our own
code, control and…
Posted by malvuln on Nov 20
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/13ce53de9ca4c4e6c58f990b442cb419.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Quux
Vulnerability: Weak Hardcoded Credentials
Family: Quux
Type: PE32
MD5: 13ce53de9ca4c4e6c58f990b442cb419
Vuln ID: MVID-2022-0656
Dropped files: quux32.exe
Disclosure: 11/15/2022
Description: The malware listens on…
Posted by malvuln on Nov 20
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/13ce53de9ca4c4e6c58f990b442cb419.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Quux
Vulnerability: Weak Hardcoded Credentials
Family: Quux
Type: PE32
MD5: 13ce53de9ca4c4e6c58f990b442cb419
Vuln ID: MVID-2022-0656
Dropped files: quux32.exe
Disclosure: 11/15/2022
Description: The malware listens on…
Posted by Julien Ahrens (RCE Security) on Nov 20
RCE Security Advisory
https://www.rcesecurity.com
1. ADVISORY INFORMATION
=======================
Product: Betheme
Vendor URL: https://muffingroup.com/betheme/
Type: Deserialization of Untrusted Data [CWE-502]
Date found: 2022-11-02
Date published: 2022-11-18
CVSSv3 Score: 8.8 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVE: CVE-2022-3861
2. CREDITS
==========
This vulnerability was discovered and…
FEDORA-2022-42723b43fe
Packages in this update:
python-virtualbmc-3.0.0-1.fc35
Update description:
Security fix for CVE-2022-44020
FEDORA-2022-72b8efd577
Packages in this update:
python-virtualbmc-3.0.0-1.fc36
Update description:
Security fix for CVE-2022-44020
FEDORA-2022-471e14677d
Packages in this update:
python-virtualbmc-3.0.0-1.fc37
Update description:
Security fix for CVE-2022-44020
FEDORA-EPEL-2022-bf8500ac5b
Packages in this update:
python-slixmpp-1.7.1-1.el8
Update description:
Security fix for CVE-2022-45197
FEDORA-MODULAR-2022-8b6db600a4
Packages in this update:
varnish-6.0-3720221118143100.9e842022
Update description:
New upstream release varnish-6.0.11: A security release. Includes fix for CVE-2022-45060 aka VSV00011. See https://varnish-cache.org/security/VSV00011.html for details.
Posts navigation
News, Advisories and much more