[SECURITY] Fedora 36 Update: mingw-binutils-2.37-5.fc36

Cross compiled binutils utilities like 'strip', 'as', 'ld' which understand Windows executables and DLLs...

Amazon Linux 2022 : pcre2, pcre2-devel, pcre2-static (ALAS2022-2022-191)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-191 advisory. An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compilexclassmatchingpath function of the pcre2jitcompile.c file. This involves a unicode property matching issue ...

Stimulsoft 安全漏洞

Stimulsoft Stimulsoft Reports is an excellent set of reporting components for the .NET platform from Stimulsoft. NET platform for processing reports in JavaScript applications. A security vulnerability exists in Stimulsoft version 2013.1.1600.0, which stems from a vulnerability that allows an...

Mangle - Tool That Manipulates Aspects Of Compiled Executables (.Exe Or DLL) To Avoid Detection From EDRs

Authored By Tyl0us Featured at Source Zero Con 2022 Mangle is a tool that manipulates aspects of compiled executables .exe or DLL. Mangle can remove known Indicators of Compromise IoC based strings and replace them with random characters, change the file by inflating the size to avoid EDRs, and c...

[SECURITY] Fedora 36 Update: pypy3.9-7.3.9-4.3.9.fc36

PyPy's implementation of Python 3.9, featuring a Just-In-Time compiler on some CPU architectures, and various optimized implementations of the standard types strings, dictionaries, etc.. This build of PyPy has JIT-compilation enabled...

EulerOS Virtualization 3.0.6.0 : pcre2 (EulerOS-SA-2022-2580)

According to the versions of the pcre2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compilexclassmatchingpath function of the...

EulerOS Virtualization 2.9.0 : pcre2 (EulerOS-SA-2022-2397)

According to the versions of the pcre2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compilexclassmatchingpath function of the...

EulerOS Virtualization 2.9.1 : pcre2 (EulerOS-SA-2022-2361)

According to the versions of the pcre2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compilexclassmatchingpath function of the...

Ubuntu 20.04 LTS / 22.04 LTS : PCRE vulnerabilities (USN-5627-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5627-1 advisory. It was discovered that PCRE incorrectly handled memory when handling certain regular expressions. An attacker could possibly use this issue t...

EulerOS 2.0 SP9 : pcre2 (EulerOS-SA-2022-2301)

According to the versions of the pcre2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compilexclassmatchingpath function of the pcre2jitcompile.c file...

Amazon Linux 2022 : pcre2, pcre2-devel, pcre2-static (ALAS2022-2022-071)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-071 advisory. An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compilexclassmatchingpath function of the pcre2jitcompile.c file. This involves a unicode property matching issue ...

CVE-2020-35537

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...

CVE-2022-2789

Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulnerable to CWE-345 Insufficient Verification of Data Authenticity, and can display logic that is different than the compiled logic...

CVE-2022-2790

CVE-2022-2790 affects Emerson Electric’s Proficy Machine Edition, version 9.00 and prior. The issue is an improper verification of cryptographic signatures (CWE-347) that leads to failure to properly verify compiled logic (PDT files) and data blocks data (BLD/BLK files). Reported by multiple sour...

EulerOS 2.0 SP10 : pcre2 (EulerOS-SA-2022-2260)

According to the versions of the pcre2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compilexclassmatchingpath function of the pcre2jitcompile.c file...

Emerson Proficy Machine Edition 数据伪造问题漏洞

Emerson Proficy Machine Edition is an application from Emerson, Inc. an automation solution. A data forgery issue vulnerability exists in Emerson Proficy Machine Edition 9.00 and prior versions, which stems from the ability to display logic that differs from the compiled logic...

AlmaLinux 8 : pcre2 (5809) (ALSA-2022:5809)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:5809 advisory. - An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compilexclassmatchingpath function of the pcre2jitcompile.c file. This involves a...

SUSE SLED15 / SLES15 Security Update : pcre2 (SUSE-SU-2022:2649-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2649-1 advisory. - An out-of-bounds read was discovered in PCRE before 10.34 when the pattern \X is JIT compiled and used to...

Oracle Linux 8 : pcre2 (ELSA-2022-5809)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-5809 advisory. 10.32-3 - Resolves: CVE-2022-1586 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has n...

[SECURITY] Fedora 36 Update: swig-4.0.2-17.fc36

Simplified Wrapper and Interface Generator SWIG is a software development tool for connecting C, C++ and Objective C programs with a variety of high-level programming languages. SWIG is used with different types of target languages including common scripting languages such as Javascript, Perl, PH...