Post Title
A vulnerability has been discovered in Sophos Firewall’s user portal and Webadmin that could allow for arbitrary remote code execution. Sophos Firewall is a next...
Backdoor.Win32.Avstral.e / Unauthenticated Remote Command Execution
Posted by malvuln on Mar 28 Discovery / credits: Malvuln - malvuln.com (c) 2022 Original source: https://malvuln.com/advisory/35f0d754f161af35241cb081c73ea6dd.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat:...
Backdoor.Win32.Chubo.c / Cross Site Scripting (XSS)
Posted by malvuln on Mar 28 Discovery / credits: Malvuln - malvuln.com (c) 2022 Original source: https://malvuln.com/advisory/c16b04a9879896ef453a6deb13528087_B.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat:...
Backdoor.Win32.Chubo.c / Unauthenticated Remote Command Execution
Posted by malvuln on Mar 28 Discovery / credits: Malvuln - malvuln.com (c) 2022 Original source: https://malvuln.com/advisory/c16b04a9879896ef453a6deb13528087.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat:...
Backdoor.Win32.Cafeini.b / Weak Hardcoded Credentials
Posted by malvuln on Mar 28 Discovery / credits: Malvuln - malvuln.com (c) 2022 Original source: https://malvuln.com/advisory/b24c56abb4bde960c2d51d4e509d2c68_B.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat:...
Backdoor.Win32.Cafeini.b / Denial of Service
Posted by malvuln on Mar 28 Discovery / credits: Malvuln - malvuln.com (c) 2022 Original source: https://malvuln.com/advisory/b24c56abb4bde960c2d51d4e509d2c68.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat:...
Backdoor.Win32.Cyn.20 / Insecure Permissions
Posted by malvuln on Mar 28 Discovery / credits: Malvuln - malvuln.com (c) 2022 Original source: https://malvuln.com/advisory/3dd1da64e306cae0409e154e15dd1b80.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat:...
Re: ImpressCMS: from unauthenticated SQL injection to RCE
Posted by Egidio Romano on Mar 28 Hello again, Just wanted to let you know I updated the blog post with some more details: apparently,...
PHP filter_var vulnerability
Posted by Jordy Zomer on Mar 28 Hello! When the filter_var function is used in conjunction with the flags FILTER_VALIDATE_DOMAIN and FILTER_FLAG_HOSTNAME, there is a...
USN-5353-1: Linux kernel (OEM) vulnerability
It was discovered that the IPsec implementation in the Linux kernel did not properly allocate enough memory when performing ESP transformations, leading to a heap-based...