Posted by malvuln on May 14
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Original source:
https://malvuln.com/advisory/4b5fc3a2489985f314b81d35eac3560f.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Panel.SmokeLoader
Vulnerability: Cross Site Scripting (XSS)
Family: SmokeLoader
Type: Web Panel
MD5: 4b5fc3a2489985f314b81d35eac3560f (control.php)
SHA256: 8d02238577081be74b9ebc1effcfbf3452ffdb51f130398b5ab875b9bfe17743
Vuln ID:…
Posted by malvuln on May 14
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Original source:
https://malvuln.com/advisory/50467c891bf7de34d2d65fa93ab8b558.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Panel Amadey.d.c
Vulnerability: Cross Site Scripting (XSS)
Family: Amadey
Type: Web Panel
MD5: 50467c891bf7de34d2d65fa93ab8b558 (Login.php)
SHA256: 65623eead2bcba66817861246e842386d712c38c5c5558e50eb49cffa2a1035d
Vuln ID:…
Posted by malvuln on May 14
Updated, fixed typo
SHA256 : 810229C7E62D5EDDD3DA9FFA19D04A31D71F9C36D05B6A614FEF496E88656FF5
Posted by malvuln on May 14
Proof-of-concept tool that automates the creation of PE files, used to
exploit Ransomware pre-encryption. Updated v3:
https://github.com/malvuln/RansomLord/releases/tag/v3
Lang: C SHA256:
83f56d14671b912a9a68da2cd37607cac3e5b31560a6e30380e3c6bd093560f5
Video PoC (old v2):
https://www.youtube.com/watch?v=_Ho0bpeJWqI
RansomLord generated PE files are saved to disk in the x32 or x64
directories where the program is run from. Goal is to exploit…
Posted by Apple Product Security via Fulldisclosure on May 14
APPLE-SA-05-13-2024-8 tvOS 17.5
tvOS 17.5 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT214102 .
Apple maintains a Security Releases page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.
AppleAVD
Available for: Apple TV HD and Apple TV 4K (all models)
Impact: An app may be able to execute arbitrary code with kernel…
Posted by Apple Product Security via Fulldisclosure on May 14
APPLE-SA-05-13-2024-7 watchOS 10.5
watchOS 10.5 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT214104 .
Apple maintains a Security Releases page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.
AppleAVD
Available for: Apple Watch Series 4 and later
Impact: An app may be able to execute arbitrary code with kernel
privileges…
Posted by Julia Wunder on May 14
Hello there,
The University of Erlangen-Nuremberg (Germany) is conducting a research
study to investigate the reliability of CVSSv4 (Common Vulnerability
Scoring System). We conducted a survey on CVSSv3.1 in winter 2020/21 and
found out that the ratings are not always consistent [1]. Now we want to
investigate the latest version CVSSv4. If you are currently assessing
vulnerabilities using CVSS, we would greatly appreciate your…
Posted by Apple Product Security via Fulldisclosure on May 14
APPLE-SA-05-13-2024-6 macOS Monterey 12.7.5
macOS Monterey 12.7.5 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT214105 .
Apple maintains a Security Releases page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.
Find My
Available for: macOS Monterey
Impact: A malicious application may be able to access Find My data…
Posted by Apple Product Security via Fulldisclosure on May 14
APPLE-SA-05-13-2024-5 macOS Ventura 13.6.7
macOS Ventura 13.6.7 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT214107 .
Apple maintains a Security Releases page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.
Foundation
Available for: macOS Ventura
Impact: An app may be able to access user-sensitive data
Description: A…
Posted by Apple Product Security via Fulldisclosure on May 14
APPLE-SA-05-13-2024-4 macOS Sonoma 14.5
macOS Sonoma 14.5 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT214106 .
Apple maintains a Security Releases page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.
AppleAVD
Available for: macOS Sonoma
Impact: An app may be able to execute arbitrary code with kernel
privileges…
Posts navigation
News, Advisories and much more