AMD System Management Unit 缓冲区错误漏洞

The AMD System Management Unit SMU is a system management unit of AMD Corporation. A security vulnerability exists in the AMD System Management Unit that originates from memory and code execution corruption due to the use of a malicious or compromised UApp or ABL to issue a malformed system call ...

PT-2022-9737 · Amd · Agesa Boot Loader +1

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: A malicious or compromised User Application UApp or AGESA Boot Loader ABL could be used by an attacker to exfiltrate arbitrary memory from the ASP stage...

VulnCheck KEV: CVE-2014-0094

The ParametersInterceptor in Apache Struts before 2.3.16.2 allows remote attackers to "manipulate" the ClassLoader via the class parameter, which is passed to the getClass method...

VulnCheck KEV: CVE-2014-0114

Apache Commons BeanUtils, as distributed in lib/commons-beanutils-1.8.0.jar in Apache Struts 1.x through 1.3.10 and in other products requiring commons-beanutils through 1.9.2, does not suppress the class property, which allows remote attackers to "manipulate" the ClassLoader and execute...

UBUNTU-CVE-2022-1649

Null pointer dereference in libr/bin/format/mach0/mach0.c in radareorg/radare2 in GitHub repository radareorg/radare2 prior to 5.7.0. It is likely to be exploitable. For more general description of heap buffer overflow, see CWE...

Cybercriminals Using New Malware Loader 'Bumblebee' in the Wild

Cybercriminal actors previously observed delivering BazaLoader and IcedID as part of their malware campaigns are said to have transitioned to a new loader called Bumblebee that's under active development. "Based on the timing of its appearance in the threat landscape and use by multiple...

CVE-2022-23822

In this physical attack, an attacker may potentially exploit the Zynq-7000 SoC First Stage Boot Loader FSBL by bypassing authentication and loading a malicious image onto the device. This in turn may further allow the attacker to perform additional attacks such as such as using the device as a...

CVE-2022-23822

In this physical attack, an attacker may potentially exploit the Zynq-7000 SoC First Stage Boot Loader FSBL by bypassing authentication and loading a malicious image onto the device. This in turn may further allow the attacker to perform additional attacks such as such as using the device as a...

CVE-2022-23822

CVE-2022-23822 concerns the Zynq-7000 SoC First Stage Boot Loader (FSBL). A physical attack may bypass FSBL authentication and load a malicious image onto the device, enabling the attacker to perform further actions such as using the device as a decryption oracle. The NVD entry notes a mitigation...

CVE-2022-23822

In this physical attack, an attacker may potentially exploit the Zynq-7000 SoC First Stage Boot Loader FSBL by bypassing authentication and loading a malicious image onto the device. This in turn may further allow the attacker to perform additional attacks such as such as using the device as a...

CVE-2022-23822

In this physical attack, an attacker may potentially exploit the Zynq-7000 SoC First Stage Boot Loader FSBL by bypassing authentication and loading a malicious image onto the device. This in turn may further allow the attacker to perform additional attacks such as such as using the device as a...

Newly patched VMware vulnerability exploited by Iranian espionage group, Rocket Kitten

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here An Iranian cyber espionage gang known as Rocket Kitten has began delivering the Core Impact penetration testing tool on susceptible computers by exploiting a newly fixed severe vulnerability in VMware Workspace ONE...

Iranian Hackers Exploiting VMware RCE Bug to Deploy 'Core Impact' Backdoor

An Iranian-linked threat actor known as Rocket Kitten has been observed actively exploiting a recently patched VMware vulnerability to gain initial access and deploy the Core Impact penetration testing tool on vulnerable systems. Tracked as CVE-2022-22954 CVSS score: 9.8, the critical issue...

Mageia: Security Advisory (MGASA-2022-0148)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MGASA-2022-0148 Updated openscad packages fix security vulnerability

Out-of-bounds memory access in DXF loader. CVE-2022-0496 Out-of-bounds memory access in comment parser. CVE-2022-0497...

Updated openscad packages fix security vulnerability

Out-of-bounds memory access in DXF loader. CVE-2022-0496 Out-of-bounds memory access in comment parser. CVE-2022-0497...

Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches Vulnerabilities (cisco-sa-cdb-cmicr-vulns-KJjFtNb)

According to its self-reported version, Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches Vulnerabilities is affected by the following vulnerabilities: - A denial of service DoS vulnerability exists in the boot loader. An unauthenticated, physical attacker can...

Shhhloader - SysWhispers Shellcode Loader

Shhhloader is a SysWhispers Shellcode Loader that is currently a Work in Progress. It takes raw shellcode as input and compiles a C++ stub that has been integrated with SysWhispers in order to bypass AV/EDR. The included python builder will work on any Linux system that has Mingw-w64 installed. T...

APT 10, a state-sponsored Chinese threat group, conducting a global cyber espionage operation

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here A Chinese state-sponsored advanced persistent threat APT 10 group has been attacking government, legal, religious entities and non-governmental organizations NGOs around the world in what appears to be an espionage campaign th...

A week in security (April 4 – 10)

Last week on Malwarebytes Labs: Why data protection and privacy are not the same, and why that matters: Lock and Code S03E09 YouTube channels of Taylor Swift, Justin Bieber, Harry Styles, and other musicians compromised Successful operations against Russian Sandworm and Strontium groups targeting...