Category Archives: Advisories
ZDI-22-1036: NetBSD Kernel stat System Call Uninitialized Memory Information Disclosure Vulnerability
This vulnerability allows local attackers to disclose sensitive information on affected installations of NetBSD Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
ZDI-22-1038: Lexmark MC3224i Firmware Downgrade Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lexmark MC3224i printers. Authentication is not required to exploit this vulnerability.
Backdoor.Win32.Destrukor.20 / Unauthenticated Remote Command Execution
Posted by malvuln on Aug 01
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/c790749f851d48e66e7d59cc2e451956_B.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Destrukor.20
Vulnerability: Unauthenticated Remote Command Execution
Description: The malware listens on TCP port 6969. Third-party adversaries
who can reach infected hosts can run commands made available by the…
Backdoor.Win32.Destrukor.20 / Authentication Bypass
Posted by malvuln on Aug 01
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/c790749f851d48e66e7d59cc2e451956.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Destrukor.20
Vulnerability: Authentication Bypass
Description: The malware listens on TCP port 6969. However, after sending a
specific cmd “rozmiar” the backdoor returns “moznasciagac” in Polish…
DSA-5198 jetty9 – security update
Two security vulnerabilities were discovered in Jetty, a Java servlet engine
and webserver.
webkit2gtk3-2.36.5-2.fc35
FEDORA-2022-513f28a4be
Packages in this update:
webkit2gtk3-2.36.5-2.fc35
Update description:
Add support for PAC proxy in the WebDriver implementation.
Fix video playback when loaded through custom URIs; this fixes video playback in the Yelp documentation browser.
Fix several crashes and rendering issues.
Security fixes: CVE-2022-32792, CVE-2022-32816
golang-1.17.12-1.el7
FEDORA-EPEL-2022-ced30d9530
Packages in this update:
golang-1.17.12-1.el7
Update description:
Update to 1.17.12, security fixes for CVE-2022-30629, CVE-2022-1705, CVE-2022-32148, CVE-2022-30631, CVE-2022-28131, CVE-2022-30633, CVE-2022-30632, CVE-2022-30635, CVE-2022-30630, CVE-2022-1962
ghostscript-9.56.1-1.fc35
FEDORA-2022-d287230630
Packages in this update:
ghostscript-9.56.1-1.fc35
Update description:
Rebase to new gs version 9.56.1 (#2072297)
ghostscript-9.56.1-1.fc36
FEDORA-2022-f94f770b56
Packages in this update:
ghostscript-9.56.1-1.fc36
Update description:
Rebase to new gs version 9.56.1 (#2072297)