Several security vulnerabilities have been discovered in smarty3, the compiling
PHP template engine. Template authors are able to run restricted static php
methods or even arbitrary PHP code by crafting a malicious math string or by
choosing an invalid {block} or {include} file name. If a math string was passed
through as user provided data to the math function, remote users were able to
run arbitrary PHP code as well.
Category Archives: Advisories
Trojan-Ransom.Thanos / Code Execution
Posted by malvuln on May 27
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/be60e389a0108b2871dff12dfbb542ac.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Trojan-Ransom.Thanos
Vulnerability: Code Execution
Description: Thanos looks for and executes DLLs in its current directory.
Therefore, we can potentially hijack a vuln DLL execute our own code,
control and terminate the malware…
[CVE-2022-0779] User Meta “um_show_uploaded_file” Path Traversal / Local File Enumeration
Posted by Julien Ahrens (RCE Security) on May 27
RCE Security Advisory
https://www.rcesecurity.com
1. ADVISORY INFORMATION
=======================
Product: User Meta
Vendor URL: https://wordpress.org/plugins/user-meta
Type: Relative Path Traversal [CWE-23]
Date found: 2022-02-28
Date published: 2022-05-24
CVSSv3 Score: 4.3 (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)
CVE: CVE-2022-0779
2. CREDITS
==========
This vulnerability was discovered and…
DSA-5150 rsyslog – security update
Peter Agten discovered that several modules for TCP syslog reception in
rsyslog, a system and kernel logging daemon, have buffer overflow flaws
when octet-counted framing is used, which could result in denial of
service or potentially the execution of arbitrary code.
dotnet3.1-3.1.419-1.fc34
FEDORA-2022-21c312c05b
Packages in this update:
dotnet3.1-3.1.419-1.fc34
Update description:
Upstream release notes: https://github.com/dotnet/core/blob/main/release-notes/3.1/3.1.25/3.1.25.md
dotnet3.1-3.1.419-1.fc35
FEDORA-2022-62c0ec2d98
Packages in this update:
dotnet3.1-3.1.419-1.fc35
Update description:
Upstream release notes: https://github.com/dotnet/core/blob/main/release-notes/3.1/3.1.25/3.1.25.md
dotnet3.1-3.1.419-1.fc36
FEDORA-2022-b3a92b1881
Packages in this update:
dotnet3.1-3.1.419-1.fc36
Update description:
Upstream release notes: https://github.com/dotnet/core/blob/main/release-notes/3.1/3.1.25/3.1.25.md
CVE-2021-27780
The software may be vulnerable to both Un-Auth XML interaction and unauthenticated device enrollment.
CVE-2021-27781
The Master operator may be able to embed script tag in HTML with alert pop-up display cookie.
logrotate-3.18.1-4.fc35
FEDORA-2022-ff0188b37c
Packages in this update:
logrotate-3.18.1-4.fc35
Update description:
lockState: do not print error: when exit code is unaffected (#2090926)
fix potential DoS from unprivileged users via the state file (CVE-2022-1348)