452 matches found
GNOME Files 43.4 Privilege Escalation Vulnerability
GNOME Files version 43.4 nautilus on Fedora 37 will extract zip archives with setuid files for other user identifiers that can be leveraged to escalate privileges. Affected: GNOME Files 43.4 nautilus on fedora 37 Description: If an user A opens in GNOME files zip archive containing setuid file F,...
GNOME Files 43.4 Privilege Escalation
Affected: GNOME Files 43.4 nautilus on fedora 37 Description: If an user A opens in GNOME files zip archive containing setuid file F, then F will be silently extracted to a subdirectory of CWD. If F is accessible by hostile local user B and B executes F, then F will be executed as from user A. ta...
Senator Warner on the Restrict Act and a US TikTok Ban
WIRED spoke with the coauthor of the Restrict Act, a bipartisan bill to crack down on tech from six “hostile” countries...
Out-of-Bounds Read
thunderbird is vulnerable to out of bounds read. A locally-installed hostile program could send WMCOPYDATA messages which the library incorrectly processes, leading to an out-of-bounds read...
[updated]REvil ransomware disappears after Tor services hijacked
With some pests you hope they never recover from a blow. It’s almost too good to be true, but one can hope. This is one of them. The REvil ransomware group has shut down their operation for the second time this year after losing control over their Tor-based domains. Shutdown number 1 REvils first...
exiv2: Heap-based buffer overflow vulnerability in jp2image.cpp
A flaw was found in exiv2. A flawed bounds checking in the jp2Image.cpp:doWriteMetadata function leads to a heap-based buffer overflow. This flaw allows an attacker who can provide a malicious image to an application using the exiv2 library, to write data out of bounds and potentially execute cod...
openSUSE 15 Security Update : MozillaThunderbird (openSUSE-SU-2021:2003-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:2003-1 advisory. - A locally-installed hostile program could send WMCOPYDATA messages that Firefox would process incorrectly, leading to an out-of-bounds...
CVE-2021-29964
A locally-installed hostile program could send WMCOPYDATA messages that Firefox would process incorrectly, leading to an out-of-bounds read. This bug only affects Firefox on Windows. Other operating systems are unaffected.. This vulnerability affects Thunderbird 78.11, Firefox 89, and Firefox ESR...
Arbitrary code execution in ExifTool
Impact Arbitrary code execution can occur when running exiftool against files with hostile metadata payloads. Patches ExifTool has already been patched in version 12.24. exiftool-vendored, which vendors ExifTool, includes this patch in v14.3.0. Workarounds No. References...
5 Ways Your Software Supply Chain is Out to Get You, Part 5: Hostile Takeover
We have come to the fifth and last part of this blog series on software supply chain attacks. Previously, we discussed four notorious supply chain attack methods, Vendor Compromise, Exploit Third Party Applications, Exploit Open Source Libraries, and Dependency Confusion and provided insight into...
[SECURITY] Fedora 32 Update: minetest-5.4.1-1.fc32
Game of mining, crafting and building in the infinite world of cubic blocks with optional hostile creatures, features both single and the network multiplayer mode, mods. Public multiplayer servers are available...
[SECURITY] Fedora 33 Update: minetest-5.4.1-1.fc33
Game of mining, crafting and building in the infinite world of cubic blocks with optional hostile creatures, features both single and the network multiplayer mode, mods. Public multiplayer servers are available...
CVE-2020-13817
A high-performance ntpd instance that gets its time from unauthenticated IPv4 time sources may be vulnerable to an off-path attacker who can query time from the victim's ntpd instance. An attacker who can send a large number of packets with the spoofed IPv4 address of the upstream server can use...
CVE-2019-9022
An issue was discovered in PHP 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.2. dnsgetrecord misparses a DNS response, which can allow a hostile DNS server to cause PHP to misuse memcpy, leading to read operations going past the buffer allocated for DNS data. This affects phpparser...
php: Out-of-bounds read in base64_decode_xmlrpc in ext/xmlrpc/libxmlrpc/base64.c
An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. xmlrpcdecode can allow a hostile XMLRPC server to cause PHP to read memory outside of allocated areas in base64decodexmlrpc in ext/xmlrpc/libxmlrpc/base64.c...
RUSTSEC-2019-0005 Format string vulnerabilities in `pancurses`
pancurses::mvprintw and pancurses::printw passes a pointer from a rust &str to C, allowing hostile input to execute a format string attack, which trivially allows writing arbitrary data to stack memory...
CVE-2019-9022
Removed by vendor...
UBUNTU-CVE-2019-9024
An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. xmlrpcdecode can allow a hostile XMLRPC server to cause PHP to read memory outside of allocated areas in base64decodexmlrpc in ext/xmlrpc/libxmlrpc/base64.c...
Robber - Tool For Finding Executables Prone To DLL Hijacking
Robber is a free open source tool developed using Delphi XE2 without any 3rd party dependencies. What is DLL hijacking ?! Windows has a search path for DLLs in its underlying architecture. If you can figure out what DLLs an executable requests without an absolute path triggering this search...
October 16, 2018 – Morning Cyber Coffee Headlines – “Yale” Edition
Good morning! Sit with Carbon Black this morning over a cup of coffee or tea and browse a few industry headlines to get the day started. We’ve got just enough information below to get you through that first cup…enjoy! October 16, 2018 - Headlines U.K. Cyber Security Center Says Most Attacks Are...