Posted by malvuln on Apr 07

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/cf3c08afa6c2d49ba36ed0f895893d71.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Delf.ps
Vulnerability: Information Disclosure
Description: The malware listens on TCP port 80. Third-party adversaries
who can reach an infected host can generate and download screenshots of the
systems desktop.
Family: Delf
Type:…

Read More

Posted by malvuln on Apr 07

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/a6437375fff871dff97dc91c8fd6259f.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Jokerdoor
Vulnerability: Weak Hardcoded Credentials
Family: Jokerdoor
Type: PE32
MD5: a6437375fff871dff97dc91c8fd6259f
Vuln ID: MVID-2022-0531
Dropped files: Random name “awup.exe”
Disclosure: 04/02/2022
Description: The…

Read More

Posted by malvuln on Apr 07

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/867c6b432ccd4aa51adc5e2722a4b144.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Wollf.h
Vulnerability: Unauthenticated Remote Command Execution
Description: The malware runs with SYSTEM integrity and listens on TCP port
7614. Third-party adversaries who can reach an infected host can run
commands made available…

Read More

Posted by Gionathan Reale via Fulldisclosure on Apr 07

Multiple Vulnerabilities in Reprise License Manager 14.2

Credit: Giulia Melotti Garibaldi

//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////

# Product:  RLM 14.2
# Vendor:   Reprise Software
# CVE ID:   CVE-2022-28363
# Vulnerability Title: Reflected Cross-Site Scripting
# Severity: Medium
#…

Read More

The following vulnerabilities have been discovered in the WPE WebKit
web engine:

Read More

The following vulnerabilities have been discovered in the WebKitGTK
web engine:

Read More

FEDORA-2022-fca60937b8

Packages in this update:

xen-4.16.0-6.fc36

Update description:

Racy interactions between dirty vram tracking and paging log dirty
hypercalls [XSA-397, CVE-2022-26356]
race in VT-d domain ID cleanup [XSA-399, CVE-2022-26357]
IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues [XSA-400,
CVE-2022-26358, CVE-2022-26359, CVE-2022-26360, CVE-2022-26361]

Read More

Multiple security issues were discovered in Firefox. If a user were
tricked into opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service, execute script
unexpectedly, obtain sensitive information, conduct spoofing attacks,
or execute arbitrary code. (CVE-2022-1097, CVE-2022-24713, CVE-2022-28281,
CVE-2022-28282, CVE-2022-28284, CVE-2022-28285, CVE-2022-28286,
CVE-2022-28288, CVE-2022-28289)

A security issue was discovered with the sourceMapURL feature of devtools.
An attacker could potentially exploit this to include local files that
should have been inaccessible. (CVE-2022-28283)

It was discovered that selecting text caused Firefox to crash in some
circumstances. An attacker could potentially exploit this to cause a
denial of service. (CVE-2022-28287)

Read More

FEDORA-EPEL-2022-14d598751d

Packages in this update:

libbson-1.3.5-7.el7

Update description:

This release prevents from a memory corruption when dealing with a too large (larger than a half of a address space) JSON documents. The prevention results in terminating the offended process. The same meassure which libbson triggers on a memory exhaustion.

Read More

It was discovered that oslo.utils incorrectly handled certain inputs.
An attacker could possibly use this issue to expose sensitive information.

Read More