Advisories Archives - Page 1593 of 1611

ZDI-22-415: (Pwn2Own) Cisco RV340 NGINX Improper Authentication Unrestricted File Upload Vulnerability

This vulnerability allows network-adjacent attackers to create arbitrary files on affected installations of Cisco RV340 routers. Although authentication is required to exploit this vulnerability, the...

February 22, 2022

Advisories

ZDI-22-414: (Pwn2Own) Cisco RV340 SSLVPN Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Cisco RV340 routers. Authentication is not required to exploit this vulnerability. Read...

February 22, 2022

Advisories

ZDI-22-413: (Pwn2Own) Cisco RV340 Firmware Update Improper Certificate Validation Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Cisco RV340 routers. User interaction is required to exploit this vulnerability in...

February 22, 2022

Advisories

ZDI-22-412: (Pwn2Own) Cisco RV340 confd_cli Unnecessary Privileges Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Cisco RV340 routers. An attacker must first obtain the ability to execute low-privileged...

February 22, 2022

Advisories

ZDI-22-411: (Pwn2Own) Cisco RV340 upload.cgi JSON Command Injection Privilege Escalation Vulnerability

This vulnerability allows network-adjacent attackers to escalate privileges on affected installations of Cisco RV340 routers. Although authentication is required to exploit this vulnerability, the existing...

February 22, 2022

Advisories

DSA-5085 expat – security update

Several vulnerabilities have been discovered in Expat, an XML parsing C library, which could result in denial of service or potentially the execution of arbitrary...

February 22, 2022

Advisories

USN-5293-1: c3p0 vulnerability

Aaron Massey discovered that c3p0 could be made to crash when parsing certain input. An attacker able to modify the application's XML configuration file could...

February 21, 2022

Advisories

USN-5288-1: Expat vulnerabilities

It was discovered that Expat incorrectly handled certain files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. Read...

February 21, 2022

Advisories

vim-8.2.4428-1.fc34

FEDORA-2022-7ef65e6444 Packages in this update: vim-8.2.4428-1.fc34 Update description: Security fix for CVE-2022-0696 Security fix for CVE-2022-0629 Security fix for CVE-2022-0572 Security fixes for CVE-2022-0408, CVE-2022-0413,...

February 21, 2022

Advisories

vim-8.2.4428-1.fc35

FEDORA-2022-8622ebdebb Packages in this update: vim-8.2.4428-1.fc35 Update description: The newest upstream commit Security fix for CVE-2022-0629 Read More

February 21, 2022

CISA Warns of Critical Software Vulnerabilities in Industrial Devices

US and Israel Warn of Iranian Threat Actor’s New Tradecraft

Fired Disney worker accused of hacking into restaurant menus, replacing them with Windings and false peanut allergy information

New Xiu Gou Phishing Kit Targets US, Other Countries with Mascot

Misconfigured Git Configurations Targeted in Emeraldwhale Attack

Roger Grimes on Prioritizing Cybersecurity Advice

Fraudsters exploit US General Election fever, FBI warns

Tracking World Leaders Using Strava

Canadian Government Data Stolen By Chinese Hackers

Category: Advisories

ZDI-22-415: (Pwn2Own) Cisco RV340 NGINX Improper Authentication Unrestricted File Upload Vulnerability

ZDI-22-414: (Pwn2Own) Cisco RV340 SSLVPN Stack-based Buffer Overflow Remote Code Execution Vulnerability

ZDI-22-413: (Pwn2Own) Cisco RV340 Firmware Update Improper Certificate Validation Remote Code Execution Vulnerability

ZDI-22-412: (Pwn2Own) Cisco RV340 confd_cli Unnecessary Privileges Local Privilege Escalation Vulnerability

ZDI-22-411: (Pwn2Own) Cisco RV340 upload.cgi JSON Command Injection Privilege Escalation Vulnerability

DSA-5085 expat – security update

USN-5293-1: c3p0 vulnerability

USN-5288-1: Expat vulnerabilities

vim-8.2.4428-1.fc34

vim-8.2.4428-1.fc35