Read Time:8 Second
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected D-Link DIR-2150 routers. Authentication is not required to exploit this vulnerability.
Category Archives: Advisories
ZDI-22-1220: D-Link DIR-2150 anweb action_handler Stack-based Buffer Overflow Remote Code Execution Vulnerability
Read Time:8 Second
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected D-Link DIR-2150 routers. Authentication is not required to exploit this vulnerability.
CVE-2020-19586
Read Time:6 Second
Incorrect Access Control issue in Yellowfin Business Intelligence 7.3 allows remote attackers to escalate privilege via MIAdminStyles.i4 Admin UI.
CVE-2020-19587
Read Time:8 Second
Cross Site Scripting (XSS) vulnerability in configMap parameters in Yellowfin Business Intelligence 7.3 allows remote attackers to run arbitrary code via MIAdminStyles.i4 Admin UI.
CVE-2021-36568
Read Time:18 Second
In certain Moodle products after creating a course, it is possible to add in a arbitrary “Topic” a resource, in this case a “Database” with the type “Text” where its values “Field name” and “Field description” are vulnerable to Cross Site Scripting Stored(XSS). This affects Moodle 3.11 and Moodle 3.10.4 and Moodle 3.9.7.
ImageMagick-6.9.12.63-1.el8
Read Time:12 Second
FEDORA-EPEL-2022-9d8794e452
Packages in this update:
ImageMagick-6.9.12.63-1.el8
Update description:
Update ImageMagick to 6.9.12.63 (#2125990)
Update ImageMagick to 6.9.12.62 (#2121962)
Fixes CVE-2021-3574 (#2124540, #2124541, #2124542)
ImageMagick-6.9.12.63-1.el9
Read Time:12 Second
FEDORA-EPEL-2022-0cf315054d
Packages in this update:
ImageMagick-6.9.12.63-1.el9
Update description:
Update ImageMagick to 6.9.12.63 (#2125990)
Update ImageMagick to 6.9.12.62 (#2121962)
Fixes CVE-2021-3574 (#2124540, #2124541, #2124542)
ImageMagick-6.9.12.63-1.fc35
Read Time:12 Second
FEDORA-2022-0a0e4cb94a
Packages in this update:
ImageMagick-6.9.12.63-1.fc35
Update description:
Update ImageMagick to 6.9.12.63 (#2125990)
Update ImageMagick to 6.9.12.62 (#2121962)
Fixes CVE-2021-3574 (#2124540, #2124541, #2124542)
ImageMagick-6.9.12.63-1.fc37
Read Time:12 Second
FEDORA-2022-9b5bb11725
Packages in this update:
ImageMagick-6.9.12.63-1.fc37
Update description:
Update ImageMagick to 6.9.12.63 (#2125990)
Update ImageMagick to 6.9.12.62 (#2121962)
Fixes CVE-2021-3574 (#2124540, #2124541, #2124542)
MS-ISAC CYBERSECURITY ADVISORY – Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution
Read Time:46 Second
Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution.
Experience Manager is a comprehensive content management solution for building websites, mobile apps and forms
Bridge is a digital asset management application
InDesign is an industry-leading layout and page design software for print and digital media
Photoshop is a graphics editor
Adobe InCopy is a professional word processor.
Animate is a multimedia authoring computer animation program.
Illustrator is a vector graphics editor and design program.
Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.