FEDORA-EPEL-2022-6a12c208cf

Packages in this update:

snakeyaml-1.32-1.el8

Update description:

Security fix for CVE-2022-25857

Read More

This vulnerability allows local attackers to escalate privileges on affected installations of FreeBSD Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability.

Read More

This vulnerability allows local attackers to escalate privileges on affected installations of FreeBSD Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability.

Read More

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of multiple D-Link routers. Authentication is not required to exploit this vulnerability.

Read More

This vulnerability allows local attackers to escalate privileges on affected installations of FreeBSD Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability.

Read More

This vulnerability allows local attackers to escalate privileges on affected installations of FreeBSD Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability.

Read More

Posted by malvuln on Sep 19

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/2cbd0fcf4d5fd5fb6c8014390efb0b21_B.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Hellza.120
Vulnerability: Authentication Bypass
Description: The malware listens on TCP ports 12122, 21. Third-party
adversarys who can reach infected systems can logon using any
username/password combination….

Read More

Posted by malvuln on Sep 19

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/2cbd0fcf4d5fd5fb6c8014390efb0b21.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Hellza.120
Vulnerability: Unauthorized Remote Command Execution
Description: The malware listens on TCP ports 12122, 21. Third-party
adversarys who can reach infected systems can issue commands made available
by the…

Read More

Posted by malvuln on Sep 19

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/5ac0f050f93f86e69026faea1fbb4450.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Trojan.Ransom.Ryuk.A
Vulnerability: Arbitrary Code Execution
Description: The ransomware looks for and executes DLLs in its current
directory. Therefore, we can potentially hijack a vuln DLL execute our own
code, control and terminate…

Read More

Posted by malvuln on Sep 19

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/f72138e574743640bdcdb9f102dff0a5.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Trojan-Dropper.Win32.Corty.10
Vulnerability: Insecure Credential Storage
Description: The malware stores its credentials in cleartext within the
Windows registry.
Family: Corty
Type: PE32
MD5: f72138e574743640bdcdb9f102dff0a5
Vuln ID:…

Read More