Category Archives: Advisories

Advisories

TROJAN.WIN32 BANKSHOT / Remote Stack Buffer Overflow (SEH)

Read Time:20 Second

Posted by malvuln on Feb 04

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Original source:
https://malvuln.com/advisory/f2fd6a7b400782bb43499e722fb62cf4.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Trojan.Win32 BankShot
Vulnerability: Remote Stack Buffer Overflow (SEH)
Description: The malware listens on TCP port 1978 and creates a local
Windows service running with SYSTEM integrity. Third-party adversaries who
can reach the…

Read More

Advisories

[KIS-2024-01] XenForo <= 2.2.13 (ArchiveImport.php) Zip Slip Vulnerability

Read Time:15 Second

Posted by Egidio Romano on Feb 04

————————————————————
XenForo <= 2.2.13 (ArchiveImport.php) Zip Slip Vulnerability
————————————————————

[-] Software Link:

https://xenforo.com

[-] Affected Versions:

Version 2.2.13 and prior versions.

[-] Vulnerability Description:

The vulnerability is located in the
/src/XF/Service/Style/ArchiveImport.php script. Specifically, into the…

Read More

Advisories

NULL pointer dereference in the function handle_viminfo_register() of vim

Read Time:24 Second

Posted by Christian Brabandt on Feb 04

Meng Ruijie wrote:

Meng,

This particular problem was fixed in Vim v9.0.1740
https://github.com/vim/vim/commit/0a0764684591c7c6a5d722b628f11dc96208e853

I have no idea, why this issue is worth a CVE, because if an attacker
can modify your .viminfo file to make Vim crash, he already has the
possibilities to do much more harm directly. So I don’t think this is
particular useful CVE. I’d also like to dispute this.

Thanks,
Christian

Read More

Advisories

chromium-121.0.6167.139-2.el7

Read Time:15 Second

FEDORA-EPEL-2024-25f8bac8aa

Packages in this update:

chromium-121.0.6167.139-2.el7

Update description:

update to 121.0.6167.139

High CVE-2024-1060: Use after free in Canvas
High CVE-2024-1059: Use after free in WebRTC
High CVE-2024-1077: Use after free in Network

Read More