SEC Consult SA-20220215 :: Multiple Critical Vulnerabilities in multiple Zyxel devices
Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Feb 16 SEC Consult Vulnerability Lab Security Advisory < 20220215-0 > ======================================================================= title: Multiple Critical...
Trojan-Spy.Win32.Zbot.aawo.Zeus-Builder / Insecure Permissions
Posted by malvuln on Feb 16 Discovery / credits: Malvuln - malvuln.com (c) 2022 Original source: https://malvuln.com/advisory/fe0dacbc953d4301232b386fcb3afc23.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat:...
Backdoor.Win32.Prosti.b / Insecure Permissions
Posted by malvuln on Feb 16 Discovery / credits: Malvuln - malvuln.com (c) 2022 Original source: https://malvuln.com/advisory/8201ba6b542fc91c004110b2fc5395aa.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat:...
Email-Worm.Win32.Lama / Insecure Permissions
Posted by malvuln on Feb 16 Discovery / credits: Malvuln - malvuln.com (c) 2022 Original source: https://malvuln.com/advisory/1c255ef6fd44877700867f94a59875d2.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat:...
Backdoor.Win32.Prorat.lkt / Weak Hardcoded Password
Posted by malvuln on Feb 16 Discovery / credits: Malvuln - malvuln.com (c) 2022 Original source: https://malvuln.com/advisory/65a53a37843db2b86a67a9e23277c1bf.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat:...
DSA-5079 chromium – security update
Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure. Read More
Drupal core – Moderately critical – Information disclosure – SA-CORE-2022-004
Project: Drupal core Date: 2022-February-16 Security risk: Moderately critical 12∕25 AC:None/A:User/CI:Some/II:None/E:Theoretical/TD:Default Vulnerability: Information disclosure CVE IDs: CVE-2022-25270 Description: The Quick Edit module does not properly...
Drupal core – Moderately critical – Improper input validation – SA-CORE-2022-003
Project: Drupal core Date: 2022-February-16 Security risk: Moderately critical 14∕25 AC:Basic/A:None/CI:Some/II:Some/E:Theoretical/TD:Uncommon Vulnerability: Improper input validation CVE IDs: CVE-2022-25271 Description: Drupal core's form API has a...
ZDI-22-377: Apple macOS libFontParser TTF Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Interaction with the libFontParser library is required to exploit this...
DSA-5078 zsh – security update
It was discovered that zsh, a powerful shell and scripting language, did not prevent recursive prompt expansion. This would allow an attacker to execute arbitrary...