Read Time:6 Second
FEDORA-EPEL-2022-c48c7429c0
Packages in this update:
snakeyaml-1.32-1.el9
Update description:
Security fix for CVE-2022-25857
Category Archives: Advisories
snakeyaml-1.32-1.el8
Read Time:6 Second
FEDORA-EPEL-2022-6a12c208cf
Packages in this update:
snakeyaml-1.32-1.el8
Update description:
Security fix for CVE-2022-25857
ZDI-22-1292: FreeBSD Kernel Netmap Integer Overflow Privilege Escalation Vulnerability
Read Time:11 Second
This vulnerability allows local attackers to escalate privileges on affected installations of FreeBSD Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability.
ZDI-22-1291: FreeBSD Kernel Netmap Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability
Read Time:11 Second
This vulnerability allows local attackers to escalate privileges on affected installations of FreeBSD Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability.
ZDI-22-1290: D-Link Multiple Routers lighttpd Stack-based Buffer Overflow Remote Code Execution Vulnerability
Read Time:8 Second
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of multiple D-Link routers. Authentication is not required to exploit this vulnerability.
ZDI-22-1294: FreeBSD Kernel MPT Heap-based Buffer Overflow Privilege Escalation Vulnerability
Read Time:11 Second
This vulnerability allows local attackers to escalate privileges on affected installations of FreeBSD Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability.
ZDI-22-1293: FreeBSD Kernel MPT Heap-based Buffer Overflow Privilege Escalation Vulnerability
Read Time:11 Second
This vulnerability allows local attackers to escalate privileges on affected installations of FreeBSD Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability.
Backdoor.Win32.Hellza.120 / Authentication Bypass
Read Time:19 Second
Posted by malvuln on Sep 19
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/2cbd0fcf4d5fd5fb6c8014390efb0b21_B.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Hellza.120
Vulnerability: Authentication Bypass
Description: The malware listens on TCP ports 12122, 21. Third-party
adversarys who can reach infected systems can logon using any
username/password combination….
Backdoor.Win32.Hellza.120 / Unauthorized Remote Command Execution
Read Time:20 Second
Posted by malvuln on Sep 19
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/2cbd0fcf4d5fd5fb6c8014390efb0b21.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Hellza.120
Vulnerability: Unauthorized Remote Command Execution
Description: The malware listens on TCP ports 12122, 21. Third-party
adversarys who can reach infected systems can issue commands made available
by the…
Trojan.Ransom.Ryuk.A / Arbitrary Code Execution
Read Time:20 Second
Posted by malvuln on Sep 19
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/5ac0f050f93f86e69026faea1fbb4450.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Trojan.Ransom.Ryuk.A
Vulnerability: Arbitrary Code Execution
Description: The ransomware looks for and executes DLLs in its current
directory. Therefore, we can potentially hijack a vuln DLL execute our own
code, control and terminate…