5605 matches found
Gootkit Loader Actively Targets Australian Healthcare Industry
We analyzed the infection routine used in recent Gootkit loader attacks on the Australian healthcare industry and found that Gootkit leveraged SEO poisoning for its initial access and abused legitimate tools like VLC Media Player...
Ubuntu: Security Advisory (USN-5790-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
AceLdr - Cobalt Strike UDRL For Memory Scanner Evasion
A position-independent reflective loader for Cobalt Strike. Zero results from Hunt-Sleeping-Beacons, BeaconHunter, BeaconEye, Patriot, Moneta, PE-sieve, or MalMemDetect. Features Easy to Use Import a single CNA script before generating shellcode. Dynamic Memory Encryption Creates a new heap for a...
Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-5792-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5792-1 advisory. Mingwei Zhang discovered that the KVM implementation for AMD processors in the Linux kernel did not properly handle cache coherency with Secu...
USN-5793-1: Linux kernel vulnerabilities
It was discovered that the iouring subsystem in the Linux kernel did not properly perform reference counting in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-3910 ...
USN-5792-1: Linux kernel vulnerabilities
Mingwei Zhang discovered that the KVM implementation for AMD processors in the Linux kernel did not properly handle cache coherency with Secure Encrypted Virtualization SEV. A local attacker could possibly use this to cause a denial of service host system crash. CVE-2022-0171 It was discovered th...
Security Bulletin: Automation Assets in IBM Cloud Pak for Integration is vulnerable to denial of service due to loader-utils CVE-2022-37599
Summary Automation Assets in IBM Cloud Pak for Integration is vulnerable to denial of service due to loader-utils CVE-2022-37599 with details below Vulnerability Details CVEID:CVE-2022-37599 DESCRIPTION: loader-utils is vulnerable to a denial of service, caused by a regular expression denial of...
Debian: Security Advisory (DLA-3258-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian dla-3258 : node-loader-utils - security update
The remote Debian 10 host has a package installed that is affected by a vulnerability as referenced in the dla-3258 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3258-1 [email protected] https://www.debian.org/lts/security/...
[SECURITY] [DLA 3258-1] node-loader-utils security update
Debian LTS Advisory DLA-3258-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin December 31, 2022 https://wiki.debian.org/LTS Package : node-loader-utils Version : 1.1.0-2+deb10u1 CVE ID : CVE-2022-37601 Supraja Baskar discovered prototype pollution vulnerability in...
DLA-3258-1 node-loader-utils - security update
Bulletin has no description...
CVE-2021-45467
In CWP aka Control Web Panel or CentOS Web Panel before 0.9.8.1107, an unauthenticated attacker can use %00 bytes to cause /user/loader.php to register an arbitrary API key, as demonstrated by a /user/loader.php?api=1&scripts= .%00./.%00./api/accountnewcreate&acc=guadaapi URI. Any number of %00...
Fedora 36 : php-twig (2022-1695454935)
The remote Fedora 36 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-1695454935 advisory. Version 1.44.7 2022-09-28 Fix a security issue on filesystem loader possibility to load a template outside a configured directory Tenable has extracted the...
Fedora 36 : php-twig2 (2022-9d8ee4a6de)
The remote Fedora 36 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-9d8ee4a6de advisory. Version 2.15.3 2022-09-28 Fix a security issue on filesystem loader possibility to load a template outside a configured directory Tenable has extracted the...
Fedora 35 : php-twig3 (2022-e915614918)
The remote Fedora 35 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-e915614918 advisory. Version 3.4.3 2022-09-28 Fix a security issue on filesystem loader possibility to load a template outside a configured directory Tenable has extracted the...
PT-2022-17905 · Undefined · Undefined
ParsedReport 19-12-2022 Veeam Fixes Critical Vulnerabilities in Backup & Replication Software CVE-2022-26500 & CVE-2022-26501 https://socradar.io/veeam-fixes-critical-vulnerabilities-in-backup-replication-software-cve-2022-26500-cve-2022-26501 Threats: Monti Yanluowang Empire loader CVEs:...
laZzzy - Shellcode Loader, Developed Using Different Open-Source Libraries, That Demonstrates Different Execution Techniques
laZzzy is a shellcode loader that demonstrates different execution techniques commonly employed by malware. laZzzy was developed using different open-source header-only libraries. Features Direct syscalls and native Nt functions not all functions but most Import Address Table IAT evasion Encrypte...
CVE-2022-20515
In onPreferenceClick of AccountTypePreferenceLoader.java, there is a possible way to retrieve protected files from the Settings app due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
Mallox Ransomware is Ramping up its Operation
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Mallox ransomware strains have been spotted in the wild, indicating that the ransomware is operational, propagating rapidly, and infecting entities. An unknown .NET-based loader distributes these Mallox...
CVE-2022-41287
A vulnerability has been identified in JT2Go All versions V14.1.0.6, Teamcenter Visualization V13.2 All versions V13.2.0.12, Teamcenter Visualization V13.3 All versions V13.3.0.8, Teamcenter Visualization V14.0 All versions V14.0.0.4, Teamcenter Visualization V14.1 All versions V14.1.0.6. The...