stb-0^20210910gitaf1a5bc-0.2.fc37
Automatic update for stb-0^20210910gitaf1a5bc-0.2.fc37.
* Wed Apr 20 2022 Benjamin A. Beasley <code@musicinmybrain.net> 0^20210910gitaf1a5bc-0.2
– Security fix for CVE-2022-28041 (fix RHBZ#2077020, fix RBHZ#2077019)
Multiple vulnerabilities have been discovered in Oracle products, which could allow for remote code execution.
It was discovered that Bash did not properly drop privileges
when the binary had the setuid bit enabled. An attacker could
possibly use this issue to escalate privileges.
libinput-1.20.1-1.fc36
libinput 1.20.1, fixes a format string vulnerability (CVE-2022-1215)
libinput-1.19.4-1.fc35
libinput 1.19.4, fixes CVE-2022-1215 with a format string vulnerability
libinput-1.19.4-1.fc34
libinput 1.19.4, fixes CVE-2022-1215 with a format string vulnerability
Out of caution, and in line with best practice, Tenable has upgraded the bundled components to address the potential impact of these issues. Tenable.sc 5.21.0 updates the following components to address the identified vulnerabilities:
jQuery UI upgraded from 1.12.0 to 1.13.1
MomentJS upgraded from 2.29.1 to 2.29.2
Posted by malvuln on Apr 18
Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/5aa81ddc996be64116754efac0e4f55d_B.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.GateHell.21
Vulnerability: Port Bounce Scan
Description: The malware runs an FTP server on TCP ports
5301,5432,5300,5299,5298,5297,5296 and 5295. Third-party adversaries who
successfully logon can abuse the backdoor FTP server as…
Posted by malvuln on Apr 18
Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/5aa81ddc996be64116754efac0e4f55d.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.GateHell.21
Vulnerability: Authentication Bypass
Description: The malware runs an FTP server on TCP ports
5301,5432,5300,5299,5298,5297,5296 and 5295. Third-party attackers who can
reach infected systems can logon using any…
