ZDI-22-1291: FreeBSD Kernel Netmap Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of FreeBSD Kernel. An attacker must first obtain the ability to execute high-privileged code...
ZDI-22-1290: D-Link Multiple Routers lighttpd Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of multiple D-Link routers. Authentication is not required to exploit this vulnerability. Read...
ZDI-22-1294: FreeBSD Kernel MPT Heap-based Buffer Overflow Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of FreeBSD Kernel. An attacker must first obtain the ability to execute high-privileged code...
ZDI-22-1293: FreeBSD Kernel MPT Heap-based Buffer Overflow Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of FreeBSD Kernel. An attacker must first obtain the ability to execute high-privileged code...
Backdoor.Win32.Hellza.120 / Authentication Bypass
Posted by malvuln on Sep 19 Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022 Original source: https://malvuln.com/advisory/2cbd0fcf4d5fd5fb6c8014390efb0b21_B.txt Contact: malvuln13 () gmail com Media:...
Backdoor.Win32.Hellza.120 / Unauthorized Remote Command Execution
Posted by malvuln on Sep 19 Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022 Original source: https://malvuln.com/advisory/2cbd0fcf4d5fd5fb6c8014390efb0b21.txt Contact: malvuln13 () gmail com Media:...
Trojan.Ransom.Ryuk.A / Arbitrary Code Execution
Posted by malvuln on Sep 19 Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022 Original source: https://malvuln.com/advisory/5ac0f050f93f86e69026faea1fbb4450.txt Contact: malvuln13 () gmail com Media:...
Trojan-Dropper.Win32.Corty.10 / Insecure Credential Storage
Posted by malvuln on Sep 19 Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022 Original source: https://malvuln.com/advisory/f72138e574743640bdcdb9f102dff0a5.txt Contact: malvuln13 () gmail com Media:...
Re: over 2000 packages depend on abort()ing libgmp
Posted by Matthew Fernandez on Sep 19 What is the security boundary being violated here? As a maintainer of some of the packages implicated here,...
Microsoft Patch Tuesday Fixed Vulnerability (CVE-2022-34718) More Likely To Be Exploited
Microsoft has released 63 security patches for this month's September 2022 release. One of the fixes is for CVE-2022-34718 (Windows TCP/IP Remote Code Execution Vulnerability)....