FEDORA-2022-63b1344b6d
Packages in this update:
firefox-100.0-1.fc35
Update description:
New upstream version (100.0)
firefox-100.0-1.fc34
New upstream version (100.0)
Posted by malvuln on May 02
Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/40f2238875fcbd2a92cfefc4846a15a8.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Ransom.AvosLocker
Vulnerability: Code Execution
Description: The ransomware looks for and executes DLLs in its current
directory. Therefore, we can potentially hijack a vuln DLL, execute our
own code, control and terminate the malware…
Posted by malvuln on May 02
Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/96de05212b30ec85d4cf03386c1b84af.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Ransom.LockBit
Vulnerability: DLL Hijacking
Description: LockBit ransomware looks for and executes DLLs in its current
directory. This can potentially allow us to execute our own code, control
and terminate the malware pre-encryption. The exploit…
Posted by Minh-Khoa Tran on May 02
Advisory: Multiple Vulnerabilities in Ruijie RG-EW Series Routers
=======
Summary
=======
Multiple vulnerabilities were found in Ruijie RG-EW Series Routers from
Ruijie Networks, including 1 pre-authenticated and 5 post-authenticated
Remote Code Execution (RCE).
==============
CVE-2021-43159
==============
## Description
A Remote Code Execution (RCE) vulnerability exists in Ruijie Networks
Ruijie RG-EW Series Routers up to ReyeeOS 1.55.1915 /…
Several vulnerabilities have been discovered in the OpenJDK Java runtime,
which may result in information disclosure, incorrect validation of ECDSA
signatures or denial of service.
A cross-site scripting (XSS) vulnerability in the error page of Totolink N200RE and N100RE Routers 2.0 allows attackers to execute arbitrary web scripts or HTML via a SCRIPT element.
A reflected cross-site scripting (XSS) vulnerability in Xtend Voice Logger 1.0 allows attackers to execute arbitrary web scripts or HTML via the path of the error page.
The Java Remote Management Interface of all versions of Orlansoft ERP was discovered to contain a vulnerability due to insecure deserialization of user-supplied content, which can allow attackers to execute arbitrary code via a crafted serialized Java object.
The Java Remote Management Interface of all versions of SVI MS Management System was discovered to contain a vulnerability due to insecure deserialization of user-supplied content, which can allow attackers to execute arbitrary code via a crafted serialized Java object.