vim-8.2.5172-1.fc35
Security fixes for CVE-2022-2124, CVE-2022-2129, CVE-2022-2125, CVE-2022-2126, CVE-2022-1720, CVE-2022-2175, CVE-2022-2182, CVE-2022-2183, CVE-2022-2231, CVE-2022-2210, CVE-2022-2207, CVE-2022-2208, CVE-2022-2206
vim-8.2.5172-1.fc36
Security fixes for CVE-2022-2124, CVE-2022-2129, CVE-2022-2125, CVE-2022-2126, CVE-2022-1720, CVE-2022-2175, CVE-2022-2182, CVE-2022-2183, CVE-2022-2231, CVE-2022-2210, CVE-2022-2208, CVE-2022-2207, CVE-2022-2206
pcs-0.11.3-1.fc37
Automatic update for pcs-0.11.3-1.fc37.
* Tue Jun 28 2022 Miroslav Lisik <mlisik@redhat.com> – 0.11.3-1
– Rebased to latest upstream sources (see CHANGELOG.md)
– Updated pcs-web-ui
– Resolves: rhbz#2068452
Posted by malvuln on Jun 27
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/1fd70e41918c3a75c634b1c234ec36fb.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.InfecDoor.17.c
Vulnerability: Insecure Permissions
Description: The malware writes a “.420” settings file type to c drive
granting change (C) permissions to the authenticated user group. Standard
users can…
Posted by malvuln on Jun 27
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/20e438d84aa2828826d52540d80bf7f.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Trojan-Mailfinder.Win32.VB.p
Vulnerability: Insecure Permissions
Description: The malware writes a dir with multiple PE files to c drive
granting change (C) permissions to the authenticated user group. Standard
users can rename the…
Posted by malvuln on Jun 27
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/5a83f8b8c8a8b7a85b3ff632aa60e793.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Shark.btu
Vulnerability: Insecure Permissions
Description: The malware writes multiple PE files to c drive granting
change (C) permissions to the authenticated user group. Standard users can
rename the executable…
Posted by malvuln on Jun 27
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/13e878ed7e547523cffc5728f6ba4190.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Yashma Ransomware Builder v1.2
Vulnerability: Insecure Permissions
Description: The malware creates PE files with insecure permissions when
writing to c: drive, granting change (C) permissions to the authenticated
user group. Standard…
Posted by chan chan on Jun 27
Hi FullDisclosure,
I would like to publish an exploit that I found on AnyDesk as follows.
# Exploit Title: AnyDesk allow arbitrary file write by symbolic link
attack lead to denial-of-service attack on local machine
# Google Dork: [if applicable]
# Date: 24/5/2022
# Exploit Author: Erwin Chan
# Vendor Homepage: https://anydesk.com/en
# Software Link: https://anydesk.com/en
# Version: 7.0.9
# Tested on: Windows 11
It was found that AnyDesk…
Posted by Mattias Bååth via Fulldisclosure on Jun 27
Hey all
It’s now less than two weeks to submit a talk to SEC-T 2022, at least if
you want to be part of the first talk selection round (recommended) that
we kick off July first.
SEC-T is non-profit, non-corporate, two day, single track, con in
Stockholm, Sweden. We pay travel, accommodation and an honorary to all
speakers.
If you have something fun you’d like to present, send us a submission
before July 1st… or at least before…
Posted by Jose Nicolas Castellano via Fulldisclosure on Jun 27
No cON Name 2022 – Barcelona
************************************
***** Call For Papers ******
************************************
https://www.noconname.org/call-for-papers/
Exact place not disclosed until a few weeks before due celebration.
* INTRODUCTION
The organization has opened CFP proposals. No cON Name is the eldest
Hacking
and Security Conference in Span. Our goal is to get highly qualified
requests
for…
