Category Archives: Advisories

Advisories

Trojan.Win32.Razy.abc / Insecure Permissions (In memory IPC)

Read Time:17 Second

Posted by malvuln on Apr 10

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Original source:
https://malvuln.com/advisory/0eb4a9089d3f7cf431d6547db3b9484d.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Trojan.Win32.Razy.abc
Vulnerability: Insecure Permissions (In memory IPC)
Family: Razy
Type: PE32
MD5: 0eb4a9089d3f7cf431d6547db3b9484d
SHA256: 3d82fee314e7febb8307ccf8a7396b6dd53c7d979a74aa56f3c4a6d0702fd098
Vuln ID: MVID-2024-0678…

Read More

Advisories

CVE-2023-27195: Broken Access Control – Registration Code in TM4Web v22.2.0

Read Time:24 Second

Posted by Clément Cruchet on Apr 10

CVE ID: CVE-2023-27195

Description:
An access control issue in Trimble TM4Web v22.2.0 allows
unauthenticated attackers to access a specific crafted URL path to
retrieve the last registration access code and use this access code to
register a valid account. If the access code was used to create an
Administrator account, attackers are also able to register new
Administrator accounts with full rights and privileges.

Vulnerability Type: Broken…

Read More

Advisories

python-django3-3.2.25-1.el9

Read Time:14 Second

FEDORA-EPEL-2024-76d6941f10

Packages in this update:

python-django3-3.2.25-1.el9

Update description:

Security fixes for

CVE-2024-27351 Potential regular expression DOS in django.utils.text.Truncator.words()
CVE-2023-41164 Potential DOS vulnerability in django.utils.encoding.uri_to_iri()

Read More

Advisories

Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution

Read Time:26 Second

Multiple vulnerabilities have been discovered in Google Chrome, which could allow for arbitrary code execution. Successful exploitation of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

Read More

Advisories

xen-4.17.4-1.fc38

Read Time:20 Second

FEDORA-2024-a676697123

Packages in this update:

xen-4.17.4-1.fc38

Update description:

x86: Native Branch History Injection [XSA-456, CVE-2024-2201]
update to xen 4.17.4, remove patches now included upstream
rebase xen.gcc12.fixes.patch
x86 HVM hypercalls may trigger Xen bug check [XSA-454, CVE-2023-46842]
x86: Incorrect logic for BTC/SRSO mitigations [XSA-455, CVE-2024-31142]

Read More

Advisories

USN-6728-1: Squid vulnerabilities

Read Time:53 Second

Joshua Rogers discovered that Squid incorrectly handled collapsed
forwarding. A remote attacker could possibly use this issue to cause Squid
to crash, resulting in a denial of service. This issue only affected Ubuntu
20.04 LTS and Ubuntu 22.04 LTS. (CVE-2023-49288)

Joshua Rogers discovered that Squid incorrectly handled certain structural
elements. A remote attacker could possibly use this issue to cause Squid to
crash, resulting in a denial of service. (CVE-2023-5824)

Joshua Rogers discovered that Squid incorrectly handled Cache Manager error
responses. A remote trusted client can possibly use this issue to cause
Squid to crash, resulting in a denial of service. (CVE-2024-23638)

Joshua Rogers discovered that Squid incorrectly handled the HTTP Chunked
decoder. A remote attacker could possibly use this issue to cause Squid to
stop responding, resulting in a denial of service. (CVE-2024-25111)

Joshua Rogers discovered that Squid incorrectly handled HTTP header
parsing. A remote trusted client can possibly use this issue to cause
Squid to crash, resulting in a denial of service. (CVE-2024-25617)

Read More