Read Time:9 Second
FEDORA-2022-9136d646e4
Packages in this update:
libxml2-2.9.14-1.fc36
Update description:
Update to 2.9.14
Fix CVE-2022-29824: Integer overflow in xmlBuf and xmlBuffer
Category Archives: Advisories
firefox-100.0-2.fc36
Read Time:7 Second
FEDORA-2022-2c4ed935d1
Packages in this update:
firefox-100.0-2.fc36
Update description:
New upstream version (100.0)
Fix mozbz#1759137 (ffmpeg crash)
firefox-100.0-1.fc35
Read Time:6 Second
FEDORA-2022-63b1344b6d
Packages in this update:
firefox-100.0-1.fc35
Update description:
New upstream version (100.0)
firefox-100.0-1.fc34
Read Time:6 Second
FEDORA-2022-d2d1fd90df
Packages in this update:
firefox-100.0-1.fc34
Update description:
New upstream version (100.0)
Ransom.AvosLocker / Code Execution
Read Time:19 Second
Posted by malvuln on May 02
Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/40f2238875fcbd2a92cfefc4846a15a8.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Ransom.AvosLocker
Vulnerability: Code Execution
Description: The ransomware looks for and executes DLLs in its current
directory. Therefore, we can potentially hijack a vuln DLL execute our
own code, control and terminate the malware…
Ransom.LockBit / DLL Hijacking
Read Time:20 Second
Posted by malvuln on May 02
Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/96de05212b30ec85d4cf03386c1b84af.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Ransom.LockBit
Vulnerability: DLL Hijacking
Description: LockBit ransomware looks for and executes DLLs in its current
directory. This can potentially allow us to execute our own code, control
and terminate the malware pre-encryption. The exploit…
Multiple Vulnerabilities in Ruijie RG-EW Series Routers
Read Time:21 Second
Posted by Minh-Khoa Tran on May 02
Advisory: Multiple Vulnerabilities in Ruijie RG-EW Series Routers
=======
Summary
=======
Multiple vulnerabilities was found in Ruijie RG-EW Series Routers from
Ruijie Networks, including 1 pre-authenticated and 5 post-authenticated
Remote Code Execution (RCE).
==============
CVE-2021-43159
==============
## Description
A Remote Code Execution (RCE) vulnerability exists in Ruijie Networks
Ruijie RG-EW Series Routers up to ReyeeOS 1.55.1915 /…
DSA-5128 openjdk-17 – security update
Read Time:8 Second
Several vulnerabilities have been discovered in the OpenJDK Java runtime,
which may result in information disclosure, incorrect validation of ECDSA
signatures or denial of service.
CVE-2020-23617
Read Time:9 Second
A cross site scripting (XSS) vulnerability in the error page of Totolink N200RE and N100RE Routers 2.0 allows attackers to execute arbitrary web scripts or HTML via SCRIPT element.
CVE-2020-23618
Read Time:9 Second
A reflected cross site scripting (XSS) vulnerability in Xtend Voice Logger 1.0 allows attackers to execute arbitrary web scripts or HTML, via the path of the error page.