Critical Infrastructure Organizations Compromised through Trojanized X_Trader Software
FortiGuard Labs is aware of reports that several organizations worldwide downloaded and installed trojanized versions of X_Trader software, which is believed to be the infection...
USN-6052-1: Linux kernel vulnerability
It was discovered that the Traffic-Control Index (TCINDEX) implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker...
USN-6051-1: Linux kernel vulnerabilities
It was discovered that the Traffic-Control Index (TCINDEX) implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker...
USN-6050-1: Git vulnerabilities
It was discovered that Git incorrectly handled certain commands. An attacker could possibly use this issue to overwriting some paths. (CVE-2023-25652) Maxime Escourbiac and Yassine...
CVE-2018-25085
A vulnerability classified as problematic was found in Responsive Menus 7.x-1.x-dev on Drupal. Affected by this vulnerability is the function responsive_menus_admin_form_submit of the file responsive_menus.module...
ZDI-23-499: (Pwn2Own) NETGEAR RAX30 soap_serverd Stack-based Buffer Overflow Authentication Bypass Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Authentication is not required to exploit this vulnerability. Read...
ZDI-23-498: (Pwn2Own) NETGEAR RAX30 libcms_cli Command Injection Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Although authentication is required to exploit this vulnerability, the...
ZDI-23-497: (Pwn2Own) NETGEAR RAX30 GetInfo Missing Authentication Information Disclosure Vulnerability
This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR RAX30 routers. Authentication is not required to exploit this vulnerability. Read...
ZDI-23-496: NETGEAR RAX30 lighttpd Misconfiguration Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30. Authentication is not required to exploit this vulnerability. Read More
ZDI-23-495: NETGEAR RAX30 rex_cgi JSON Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Authentication is required to exploit this vulnerability. Read More