Escape sequence injection in util-linux wall (CVE-2024-28085)
Posted by Skyler Ferrante (RIT Student) via Fulldisclosure on Mar 27 Wall-Escape (CVE-2024-28085) Skyler Ferrante: Escape sequence injection in util-linux wall. Summary: The...
Win32.STOP.Ransomware (smokeloader) / Remote Code Execution (MITM)
Posted by malvuln on Mar 27 Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024 Original source: https://malvuln.com/advisory/3b9e9e130d52fe95c8be82aa4b8feb74.txt Contact: malvuln13 () gmail com Media:...
Circontrol EV Charger vulnerabilities (CVE-2020-8006, CVE-2020-8007)
Posted by Dariusz G on Mar 27 Circontrol EV Charger vulnerabilities. 1. CVE-2020-8006 Pre-Auth Stack Based Buffer Overflow CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H (10) The server in Circontrol Raption...
[IWCC 2024] CfP: 13th International Workshop on Cyber Crime – Vienna, Austria, July 30 – Aug 02, 2024
Posted by Artur Janicki via Fulldisclosure on Mar 27 [APOLOGIES FOR CROSS-POSTING] CALL FOR PAPERS 13th International Workshop on Cyber Crime (IWCC 2024 - https://www.ares-conference.eu/iwcc/)...
USN-6719-1: util-linux vulnerability
Skyler Ferrante discovered that the util-linux wall command did not filter escape sequences from command line arguments. A local attacker could possibly use this issue...
USN-6718-2: curl vulnerability
USN-6718-1 fixed a vulnerability in curl. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: It was...
tinyxml-2.6.2-28.el9
FEDORA-EPEL-2024-e2cad98fb0 Packages in this update: tinyxml-2.6.2-28.el9 Update description: Security fixes for CVE-2021-42260, CVE-2023-34194 and its duplicate CVE-2023-40462. Fix incorrect text element encoding (upstream issue #51)....
tinyxml-2.6.2-28.el8
FEDORA-EPEL-2024-0ced8d6066 Packages in this update: tinyxml-2.6.2-28.el8 Update description: Security fixes for CVE-2021-42260, CVE-2023-34194 and its duplicate CVE-2023-40462. Fix incorrect text element encoding (upstream issue #51)....
unbound-1.19.1-4.fc40
FEDORA-2024-c266dab9e9 Packages in this update: unbound-1.19.1-4.fc40 Update description: CVE-2024-1931 - Fix trim of EDE text from large udp responses from spinning cpu.
chromium-123.0.6312.58-1.el7
FEDORA-EPEL-2024-15cde9f00b Packages in this update: chromium-123.0.6312.58-1.el7 Update description: Update to 123.0.6312.58 * High CVE-2024-2625: Object lifecycle issue in V8 * Medium CVE-2024-2626: Out of bounds...