Posted by malvuln on Aug 08

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/857999d2306f257b80d1b8f6a51ae8b0.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Guptachar.20
Vulnerability: Insecure Credential Storage
Description: The malware runs a web server on TCP port 2015 (default) and
uses BASIC authentication. The credentials “hacker01:imchampgr8” get stored
in a…

Read More

Post Content

Read More

Post Content

Read More

Post Content

Read More

Post Content

Read More

Adam Doupe discovered multiple vulnerabilities in the Gstreamer plugins
to demux Mastroska and AVI files which could result in denial of service
or the execution of arbitrary code.

Read More

FEDORA-EPEL-2022-55ddc1978f

Packages in this update:

rubygem-tzinfo-1.2.10-1.el7

Update description:

Security fix for CVE-2022-31163 ; Update to 1.2.10 (#2110552)

Read More

FEDORA-2022-30c5ed5625

Packages in this update:

fzf-0.29.0-2.fc35

Update description:

Rebuilt for CVE-2022-1705, CVE-2022-1962, CVE-2022-1996, CVE-2022-24675, CVE-2022-28327, CVE-2022-27191, CVE-2022-28131, CVE-2022-29526, CVE-2022-30629, CVE-2022-30630, CVE-2022-30631, CVE-2022-30632, CVE-2022-30633, CVE-2022-30635, CVE-2022-32148 in Golang

Read More

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none.

Read More

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none.

Read More