This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk 3DS Max. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
Category Archives: Advisories
ZDI-22-719: Autodesk 3DS Max TIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk 3DS Max. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-22-718: Rockwell Automation ISaGRAF isasln File Parsing XML External Entity Processing Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Rockwell Automation ISaGRAF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-22-717: Zoom Client Link Following Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Zoom Client. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
ZDI-22-716: Zoom Client Link Following Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Zoom Client. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
DSA-5133 qemu – security update
Multiple security issues were discovered in QEMU, a fast processor
emulator, which could result in denial of service or the execution of
arbitrary code.
CImg-3.1.0-1.fc35 gmic-3.1.0-1.fc35
FEDORA-2022-eca0926460
Packages in this update:
CImg-3.1.0-1.fc35
gmic-3.1.0-1.fc35
Update description:
bump version
CVE-2018-25033
ADMesh through 0.98.4 has a heap-based buffer over-read in stl_update_connects_remove_1 (called from stl_remove_degenerate) in connect.c in libadmesh.a.
Ransom.Satana / Code Execution
Posted by malvuln on May 07
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/46bfd4f1d581d7c0121d2b19a005d3df.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Ransom.Satana
Vulnerability: Code Execution
Description: Satana searches for and loads a DLL named “wow64log.dll” in
WindowsSystem32. Therefore, we can drop our own DLL to intercept and
terminate the malware pre-encryption….
Ransom.Conti / Code Execution
Posted by malvuln on May 07
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/20f0c736a966142de88dee06a2e4a5b1.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Ransom.Conti
Vulnerability: Code Execution
Description: Conti looks for and executes DLLs in its current directory.
Therefore, we can potentially hijack a vuln DLL execute our own code,
control and terminate the malware pre-encryption….