Posted by malvuln on Jun 10

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/dedad693898bba0e4964e6c9a749d380.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Ransom.Haron
Vulnerability: Code Execution
Description: Haron looks for and executes DLLs in its current directory.
Therefore, we can potentially hijack a vuln DLL execute our own code,
control and terminate the malware pre-encryption….

Read More

Posted by Matthias Deeg on Jun 10

Advisory ID: SYSS-2022-014
Product: Fingerprint Secure Portable Hard Drive
Manufacturer: Verbatim
Affected Version(s): #53650
Tested Version(s): #53650
Vulnerability Type: Use of a Cryptographic Primitive with a Risky
Implementation (CWE-1240)
Risk Level: High
Solution Status: Open
Manufacturer Notification: 2022-02-03
Solution…

Read More

Posted by Matthias Deeg on Jun 10

Advisory ID: SYSS-2022-011
Product: Executive Fingerprint Secure SSD
Manufacturer: Verbatim
Affected Version(s): GDMSFE01-INI3637-C VER1.1
Tested Version(s): GDMSFE01-INI3637-C VER1.1
Vulnerability Type: Missing Immutable Root of Trust in Hardware
(CWE-1326)
Risk Level: Medium
Solution Status: Open
Manufacturer Notification: 2022-02-03
Solution Date:…

Read More

Posted by Matthias Deeg on Jun 10

Advisory ID: SYSS-2022-006
Product: Store ‘n’ Go Secure Portable HDD
Manufacturer: Verbatim
Affected Version(s): GD25LK01-3637-C VER4.0
Tested Version(s): GD25LK01-3637-C VER4.0
Vulnerability Type: Use of a Cryptographic Primitive with a Risky
Implementation (CWE-1240)
Risk Level: Low
Solution Status: Open
Manufacturer…

Read More

Posted by Matthias Deeg on Jun 10

Advisory ID: SYSS-2022-005
Product: Store ‘n’ Go Secure Portable HDD
Manufacturer: Verbatim
Affected Version(s): GD25LK01-3637-C VER4.0
Tested Version(s): GD25LK01-3637-C VER4.0
Vulnerability Type: Use of a Cryptographic Primitive with a Risky
Implementation (CWE-1240)
Risk Level: High
Solution Status: Open
Manufacturer…

Read More

Posted by Matthias Deeg on Jun 10

Advisory ID: SYSS-2022-004
Product: Keypad Secure USB 3.2 Gen 1 Drive
Manufacturer: Verbatim
Affected Version(s): Part Number #49428
Tested Version(s): Part Number #49428
Vulnerability Type: Expected Behavior Violation (CWE-440)
Risk Level: Low
Solution Status: Open
Manufacturer Notification: 2022-01-27
Solution Date: –
Public Disclosure:…

Read More

Posted by Matthias Deeg on Jun 10

Advisory ID: SYSS-2022-003
Product: Keypad Secure USB 3.2 Gen 1 Drive
Manufacturer: Verbatim
Affected Version(s): Part Number #49428
Tested Version(s): Part Number #49428
Vulnerability Type: Missing Immutable Root of Trust in Hardware
(CWE-1326)
Risk Level: Medium
Solution Status: Open
Manufacturer Notification: 2022-01-27
Solution Date: -…

Read More

Posted by Matthias Deeg on Jun 10

Advisory ID: SYSS-2022-002
Product: Keypad Secure USB 3.2 Gen 1 Drive
Manufacturer: Verbatim
Affected Version(s): Part Number #49428
Tested Version(s): Part Number #49428
Vulnerability Type: Use of a Cryptographic Primitive with a Risky
Implementation (CWE-1240)
Risk Level: Low
Solution Status: Open
Manufacturer Notification:…

Read More

FEDORA-2022-1d955acf8c

Packages in this update:

moby-engine-20.10.17-1.fc35

Update description:

https://github.com/moby/moby/releases/tag/v20.10.17

includes updates to bundled libraries in order to fix CVEs.

Read More

FEDORA-2022-2b9205baf6

Packages in this update:

moby-engine-20.10.17-1.fc36

Update description:

https://github.com/moby/moby/releases/tag/v20.10.17

includes updates to bundled libraries in order to fix CVEs.

Read More