Category Archives: Advisories

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/40f2238875fcbd2a92cfefc4846a15a8.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Ransom.AvosLocker
Vulnerability: Code Execution
Description: The ransomware looks for and executes DLLs in its current
directory. Therefore, we can potentially hijack a vuln DLL execute our
own code, control and terminate the malware…

Advisories

Ransom.LockBit / DLL Hijacking

May 3, 2022

Read Time:20 Second

Posted by malvuln on May 02

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/96de05212b30ec85d4cf03386c1b84af.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Ransom.LockBit
Vulnerability: DLL Hijacking
Description: LockBit ransomware looks for and executes DLLs in its current
directory. This can potentially allow us to execute our own code, control
and terminate the malware pre-encryption. The exploit…

Advisories

Multiple Vulnerabilities in Ruijie RG-EW Series Routers

May 3, 2022

Read Time:21 Second

Posted by Minh-Khoa Tran on May 02

Advisory: Multiple Vulnerabilities in Ruijie RG-EW Series Routers

=======
Summary
=======

Multiple vulnerabilities was found in Ruijie RG-EW Series Routers from
Ruijie Networks, including 1 pre-authenticated and 5 post-authenticated
Remote Code Execution (RCE).

==============
CVE-2021-43159
==============

## Description

A Remote Code Execution (RCE) vulnerability exists in Ruijie Networks
Ruijie RG-EW Series Routers up to ReyeeOS 1.55.1915 /…

Advisories

DSA-5128 openjdk-17 – security update

May 3, 2022

Read Time:8 Second

Several vulnerabilities have been discovered in the OpenJDK Java runtime,
which may result in information disclosure, incorrect validation of ECDSA
signatures or denial of service.

Advisories

CVE-2020-23617

May 2, 2022

Read Time:9 Second

A cross site scripting (XSS) vulnerability in the error page of Totolink N200RE and N100RE Routers 2.0 allows attackers to execute arbitrary web scripts or HTML via SCRIPT element.

Advisories

CVE-2020-23618

May 2, 2022

Read Time:9 Second

A reflected cross site scripting (XSS) vulnerability in Xtend Voice Logger 1.0 allows attackers to execute arbitrary web scripts or HTML, via the path of the error page.

Cyber Security News

Category Archives: Advisories

libxml2-2.9.14-1.fc36

FEDORA-2022-9136d646e4

Packages in this update:

Update description:

firefox-100.0-2.fc36

FEDORA-2022-2c4ed935d1

Packages in this update:

Update description:

firefox-100.0-1.fc35

FEDORA-2022-63b1344b6d

Packages in this update:

Update description:

firefox-100.0-1.fc34

FEDORA-2022-d2d1fd90df

Packages in this update:

Update description:

Ransom.AvosLocker / Code Execution

Ransom.LockBit / DLL Hijacking

Multiple Vulnerabilities in Ruijie RG-EW Series Routers

DSA-5128 openjdk-17 – security update

CVE-2020-23617

CVE-2020-23618

News, Advisories and much more