Category Archives: Advisories

Multiple Vulnerabilities in Google Android OS Could Allow for Remote Code Execution

Read Time:25 Second

Multiple vulnerabilities have been discovered in Google Android OS, the most severe of which could allow for remote code execution. Android is an operating system developed by Google for mobile devices, including, but not limited to, smartphones, tablets, and watches. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution. Depending on the privileges associated with the exploited component, an attacker could then install programs; view, change, or delete data; or create new accounts with full rights.

Read More

golang-1.18.5-1.fc36

Read Time:15 Second

FEDORA-2022-1f829990f0

Packages in this update:

golang-1.18.5-1.fc36

Update description:

go1.18.5 includes security fixes to the encoding/gob and math/big packages, as well as bug fixes to the compiler, the go command, the runtime, and the testing package.

Upstream notes.

Read More

Backdoor.Win32.Destrukor.20 / Unauthenticated Remote Command Execution

Read Time:20 Second

Posted by malvuln on Aug 01

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/c790749f851d48e66e7d59cc2e451956_B.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Destrukor.20
Vulnerability: Unauthenticated Remote Command Execution
Description: The malware listens on TCP port 6969. Third-party adversaries
who can reach infected hosts can run commands made available by the…

Read More

Backdoor.Win32.Destrukor.20 / Authentication Bypass

Read Time:18 Second

Posted by malvuln on Aug 01

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/c790749f851d48e66e7d59cc2e451956.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Destrukor.20
Vulnerability: Authentication Bypass
Description: The malware listens on TCP port 6969. However, after sending a
specific cmd “rozmiar” the backdoor returns “moznasciagac” in Polish…

Read More

webkit2gtk3-2.36.5-2.fc35

Read Time:17 Second

FEDORA-2022-513f28a4be

Packages in this update:

webkit2gtk3-2.36.5-2.fc35

Update description:

Add support for PAC proxy in the WebDriver implementation.
Fix video playback when loaded through custom URIs, this fixes video playback in the Yelp documentation browser.
Fix several crashes and rendering issues.
Security fixes: CVE-2022-32792, CVE-2022-32816

Read More

golang-1.17.12-1.el7

Read Time:16 Second

FEDORA-EPEL-2022-ced30d9530

Packages in this update:

golang-1.17.12-1.el7

Update description:

Update to 1.17.12, security fixes for CVE-2022-30629, CVE-2022-1705, CVE-2022-32148, CVE-2022-30631, CVE-2022-28131, CVE-2022-30633, CVE-2022-30632, CVE-2022-30635, CVE-2022-30630, CVE-2022-1962

Read More