15 matches found
编号撤回
R is a statistical computing software from The R Foundation. fe is a lightweight, embeddable ANSI C scripting language developed by rxi. This CVE number has been withdrawn...
New SOHO Router Botnet AVrecon Spreads to 70,000 Devices Across 20 Countries
A new malware strain has been found covertly targeting small office/home office SOHO routers for more than two years, infiltrating over 70,000 devices and creating a botnet with 40,000 nodes spanning 20 countries. Lumen Black Lotus Labs has dubbed the malware AVrecon, making it the third such...
New Mystic Stealer Malware Targets 40 Web Browsers and 70 Browser Extensions
A new information-stealing malware called Mystic Stealer has been found to steal data from about 40 different web browsers and over 70 web browser extensions. First advertised on April 25, 2023, for $150 per month, the malware also targets cryptocurrency wallets, Steam, and Telegram, and employs...
New Strain of Sotdas Malware Discovered
Introduction There are numerous malicious codes that are currently active on smart devices, such as Ddosf, Dofloo, Gafgyt, MrBlack, Persirai, Sotdas, Tsunami, Triddy, Mirai, Moose, and Satori, among others. These malicious codes and their variants can intrude into and control smart devices throug...
Moderate: ctags security update
Ctags is a C programming language indexing and cross-reference tool. Security Fixes: ctags: arbitrary command execution via a tag file with a crafted filename CVE-2022-4515 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...
CVE-2022-41974
multipath-tools 0.7.0 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited alone or in conjunction with CVE-2022-41973. Local users able to write to UNIX domain sockets can bypass access controls and manipulate the multipath setup. This can lead to local privilege...
Background mujs is an embeddable Javascript interpreter in C. Description Multiple vulnerabilities have been discovered in mujs. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workaround...
CVE-2017-18190
CVE-2017-18190 affects the CUPS printing system. Connected sources confirm a vulnerability where a localhost.localdomain whitelist entry in valid_host() (scheduler/client.c) in CUPS before 2.2.2 allows remote attackers to execute arbitrary IPP commands by sending POST requests to the CUPS daemon ...
Researcher Claims Samsung's Tizen OS is Poorly Programmed; Contains 27,000 Bugs!
A researcher has claimed that Samsung's Tizen operating system that runs on millions of Samsung products is so poorly programmed that it could contain nearly 27,000 programming errors, which could also lead to thousands of vulnerabilities. Tizen is a Linux-based open-source operating system backe...
[SECURITY] Fedora 23 Update: gummi-0.6.6-1.fc23
Gummi is a LaTeX editor written in the C programming language using the GTK+ interface toolkit. It was designed with simplicity and the novice user in mind, but also offers features that speak to the more advanced user...
[SECURITY] Fedora 22 Update: gummi-0.6.6-1.fc22
Gummi is a LaTeX editor written in the C programming language using the GTK+ interface toolkit. It was designed with simplicity and the novice user in mind, but also offers features that speak to the more advanced user...
DropBearSSHD 2015.71 - Command Injection
Exploit for linux platform in category remote exploits VuNote ============ Author: Ref: https://github.com/tintinweb/pub/tree/master/pocs/cve-2016-3116 Version: 0.2 Date: Mar 3rd, 2016 Tag: dropbearsshd xauth command injection may lead to forced-command bypass Overview -------- Name: dropbear...
CVE-2007-3280
The Database Link library dblink in PostgreSQL 8.1 implements functions via CREATE statements that map to arbitrary libraries based on the C programming language, which allows remote authenticated superusers to map and execute a function from any library, as demonstrated by using the system...
Design/Logic Flaw
The Database Link library dblink in PostgreSQL 8.1 implements functions via CREATE statements that map to arbitrary libraries based on the C programming language, which allows remote authenticated superusers to map and execute a function from any library, as demonstrated by using the system...
RUS-CERT Advisory 2002-08:01: Incorrect integer overflow detection in C code
Incorrect integer overflow detection in C code A widely used method of detecting integer overflows results in undefined behavior according to the C standard. Who Should Read This Document This advisory deals with with details of the C programming language. It is targeted at C programmers. Systems...