Several vulnerabilities were discovered in Apache Traffic Server, a
reverse and forward proxy server, which could result in HTTP request
smuggling or MITM attacks.
Category Archives: Advisories
DSA-5151 smarty3 – security update
Several security vulnerabilities have been discovered in smarty3, the compiling
PHP template engine. Template authors are able to run restricted static php
methods or even arbitrary PHP code by crafting a malicious math string or by
choosing an invalid {block} or {include} file name. If a math string was passed
through as user provided data to the math function, remote users were able to
run arbitrary PHP code as well.
Trojan-Ransom.Thanos / Code Execution
Posted by malvuln on May 27
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/be60e389a0108b2871dff12dfbb542ac.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Trojan-Ransom.Thanos
Vulnerability: Code Execution
Description: Thanos looks for and executes DLLs in its current directory.
Therefore, we can potentially hijack a vuln DLL execute our own code,
control and terminate the malware…
[CVE-2022-0779] User Meta “um_show_uploaded_file” Path Traversal / Local File Enumeration
Posted by Julien Ahrens (RCE Security) on May 27
RCE Security Advisory
https://www.rcesecurity.com
1. ADVISORY INFORMATION
=======================
Product: User Meta
Vendor URL: https://wordpress.org/plugins/user-meta
Type: Relative Path Traversal [CWE-23]
Date found: 2022-02-28
Date published: 2022-05-24
CVSSv3 Score: 4.3 (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)
CVE: CVE-2022-0779
2. CREDITS
==========
This vulnerability was discovered and…
DSA-5150 rsyslog – security update
Peter Agten discovered that several modules for TCP syslog reception in
rsyslog, a system and kernel logging daemon, have buffer overflow flaws
when octet-counted framing is used, which could result in denial of
service or potentially the execution of arbitrary code.
dotnet3.1-3.1.419-1.fc34
FEDORA-2022-21c312c05b
Packages in this update:
dotnet3.1-3.1.419-1.fc34
Update description:
Upstream release notes: https://github.com/dotnet/core/blob/main/release-notes/3.1/3.1.25/3.1.25.md
dotnet3.1-3.1.419-1.fc35
FEDORA-2022-62c0ec2d98
Packages in this update:
dotnet3.1-3.1.419-1.fc35
Update description:
Upstream release notes: https://github.com/dotnet/core/blob/main/release-notes/3.1/3.1.25/3.1.25.md
dotnet3.1-3.1.419-1.fc36
FEDORA-2022-b3a92b1881
Packages in this update:
dotnet3.1-3.1.419-1.fc36
Update description:
Upstream release notes: https://github.com/dotnet/core/blob/main/release-notes/3.1/3.1.25/3.1.25.md
CVE-2021-27780
The software may be vulnerable to both Un-Auth XML interaction and unauthenticated device enrollment.
CVE-2021-27781
The Master operator may be able to embed script tag in HTML with alert pop-up display cookie.