Posted by malvuln on May 18
Reference list for my Ransomware exploitation research. Lists current DLLs
I have seen to date that some ransomware search for, which I have used
successfully to hijack and intercept vulnerable strains executing arbitrary
code pre-encryption.
moodle-3.11.7-1.fc34
Multiple CVE fixes.
moodle-3.11.7-1.fc35
Multiple CVE fixes.
moodle-3.11.7-1.fc36
Multiple CVE fixes.
It was discovered that GNOME Settings incorrectly handled the remote
desktop sharing configuration. When turning off desktop sharing, it may be
turned on again after rebooting, contrary to expectations.
There is a Null Pointer Dereference vulnerability in the XFAScanner::scanNode() function in XFAScanner.cc in xpdf 4.03.
Thomas Amgarten discovered that Bind incorrectly handled certain TLS
connections being destroyed. A remote attacker could possibly use this
issue to cause Bind to crash, resulting in a denial of service.
Tobias Stoeckmann discovered that libXrandr incorrectly handled certain
responses. An attacker could possibly use this issue to cause a denial
of service, or possibly execute arbitrary code.
(CVE-2016-7947, CVE-2016-7948)
The random_password_generator (aka RandomPasswordGenerator) gem through 1.0.0 for Ruby uses Kernel#rand to generate passwords, which, due to its cyclic nature, can facilitate password prediction.
vim-8.2.4975-1.fc34
Security fixes for CVE-2022-1769, CVE-2022-1733, CVE-2022-1674
