ZDI-23-364: Microsoft 3D Builder PLY File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft 3D Builder. User interaction is required to exploit this vulnerability in...
ZDI-23-363: Microsoft 3D Builder OBJ File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft 3D Builder. User interaction is required to exploit this vulnerability in...
ZDI-23-362: Microsoft 3D Builder GLTF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft 3D Builder. User interaction is required to exploit this vulnerability in...
ZDI-23-361: Microsoft 3D Builder PLY File Parsing Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft 3D Builder. User interaction is required to exploit this vulnerability in...
ZDI-23-360: Microsoft 3D Builder GLTF File Parsing Memory Corruption Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft 3D Builder. User interaction is required to exploit this vulnerability in...
ZDI-23-359: X.Org Server Overlay Window Use-After-Free Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. An attacker must first obtain the ability to execute low-privileged code...
RSA NetWitness EDR Agent / Incorrect Access Control – Code Execution / CVE-2022-47529
Posted by hyp3rlinx on Mar 30 [+] Credits: John Page (aka hyp3rlinx) [+] Website: hyp3rlinx.altervista.org [+] Source: http://hyp3rlinx.altervista.org/advisories/RSA_NETWITNESS_EDR_AGENT_INCORRECT_ACCESS_CONTROL_CVE-2022-47529.txt [+] twitter.com/hyp3rlinx [+] ISR: ApparitionSec [Vendor] RSA...
USN-5990-1: musl vulnerabilities
It was discovered that musl did not handle certain i386 math functions properly. An attacker could use this vulnerability to cause a denial of service...
thunderbird-stable-3820230330113811.1
FEDORA-FLATPAK-2023-eafa2319cb Packages in this update: thunderbird-stable-3820230330113811.1 Update description: Thunderbird 102.9.1 release. For details, see https://www.thunderbird.net/en-US/thunderbird/102.9.1/releasenotes/ Switch to F38 flatpak runtime Read More
Supply Chain Attack Through 3CX Desktop App
FortiGuard Labs is aware that a digitally signed 3CX desktop app was reportedly used in a supply chain attack against 3CX Voice over Internet Protocol...