Fedora: Security Advisory for radare2 (FEDORA-2021-e3c95619c1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 32 Update: radare2-5.1.1-1.fc32

The radare2 is a reverse-engineering framework that is multi-architecture, multi-platform, and highly scriptable. Radare2 provides a hexadecimal editor, wrapped I/O, file system support, debugger support, diffing between two functions or binaries, and code analysis at opcode, basic block, and...

Accusoft ImageGear out-of-bounds write vulnerability (CNVD-2021-12103)

Accusoft ImageGear is a multi-platform, multi-language document imaging developer toolkit. An out-of-bounds write vulnerability exists in the TIFF parser of Accusoft ImageGear 19.8. An attacker can exploit this vulnerability via specially crafted files to achieve code execution...

SoftMaker Office PlanMaker Integer Overflow Vulnerability

SoftMaker Office PlanMaker is a German Softmaker SoftMaker company supports multi-platform office software in the spreadsheet suite. An integer overflow vulnerability exists in SoftMaker Office PlanMaker 2021, which can be exploited by an attacker to execute code within the context of the...

SoftMaker Office PlanMaker Memory Corruption Vulnerability

SoftMaker Office PlanMaker is a German Softmaker SoftMaker company supports multi-platform office software in the spreadsheet suite. SoftMaker Software GmbH SoftMaker Office PlanMaker 2021 suffers from a memory corruption vulnerability that can be exploited by an attacker to cause a heap buffer...

SoftMaker Office PlanMaker Buffer Overflow Vulnerability (NVD-C-2021-38552)

SoftMaker Office PlanMaker is a German Softmaker SoftMaker company supports multi-platform office software in the spreadsheet suite. A buffer overflow vulnerability exists in SoftMaker Office PlanMaker 2021. No detailed vulnerability details are provided at this time...

SoftMaker Office PlanMaker Buffer Overflow Vulnerability (CNVD-2021-14030)

SoftMaker Office PlanMaker is a German Softmaker SoftMaker company supports multi-platform office software in the spreadsheet suite. A buffer overflow vulnerability exists in SoftMaker Office PlanMaker 2021, and no detailed vulnerability details are provided at this time...

A New Linux Malware Targeting High-Performance Computing Clusters

High-performance computing clusters belonging to university networks as well as servers associated with government agencies, endpoint security vendors, and internet service providers have been targeted by a newly discovered backdoor that gives attackers the ability to execute arbitrary commands o...

SoftMaker Office Symbol Extension Vulnerability

Softmaker Office is a multi-platform office software from Softmaker Germany. A symbol expansion vulnerability exists in SoftMaker Office 2021, which originates when the index of the TextMaker document parsing function loop of the TextMaker application is written outside the boundaries of the heap...

IBM Financial Transaction Manager Authorization Issues Vulnerability

IBM Financial Transaction Manager for High Value Payments for Multi-Platform FTM HVP is a financial transaction manager for multi-platforms from IBM, USA. The product is primarily used to monitor, track and report on financial payments and transactions. An authorization issue vulnerability exists...

Security Bulletin: Financial Transaction Manager for Check Services is affected by a potential logout session timeout (CVE-2020-4555)

Summary Login session may not be invalidated in a timely manner on timeout. Vulnerability Details CVEID: CVE-2020-4555 DESCRIPTION: IBM Financial Transaction Manager for High Value Payments for Multi-Platform does not invalidate session after logout which could allow an authenticated user to...

Gustave - Embedded OS kernel fuzzer

GUSTAVE is a fuzzing platform for embedded OS kernels. It is based on QEMU and AFL and all of its forkserver siblings. It allows to fuzz OS kernels like simple applications. Thanks to QEMU, it is multi-platform. One can see GUSTAVE as a AFL forkserver implementation inside QEMU, with fine grain...

IT threat evolution Q3 2020

Targeted attacks MATA: Lazaruss multi-platform targeted malware framework The more sophisticated threat actors are continually developing their TTPs Tactics, Techniques and Procedures and the toolsets they use to compromise the systems of their targets. However, malicious toolsets used to target...

Butler ordering is prone to SQL injection vulnerability

Butler's Order Easy, a collection of PC Mall + WeChat Mall + WeChat Small Program + APP Mall + h5 Mall four-in-one online ordering mall system, seamlessly connecting to Butler's software, to achieve seamless connection of commodities, inventory, orders, customers, finance and other data. Butler's...

Windows GravityRAT Malware Now Also Targets macOS and Android Devices

A Windows-based remote access Trojan believed to be designed by Pakistani hacker groups to infiltrate computers and steal users' data has resurfaced after a two-year span with retooled capabilities to target Android and macOS devices. According to cybersecurity firm Kaspersky, the malware — dubbe...

Security Bulletin: Financial Transaction Manager for ACH Services is affected by a potential information disclosure id 177835

Summary Financial Transaction Manager for ACH Services FTM ACH for Multi-Platform has addressed the following vulnerability. A potential vulnerability in the Apache Commons Codec module could allow information disclosure. Vulnerability Details Third Party Entry: 177835 DESCRIPTION: Apache Commons...

Fedora: Security Advisory for radare2 (FEDORA-2020-d5b33b6e6c)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Security Bulletin: A vulnerability in IBM Java Runtime affect Financial Transaction Manager for Check Services (CVE-2019-4732)

Summary There is vulnerability in IBM® Runtime Environment Java™ Version 8 used by Financial Transaction Manager for Check Services. Financial Transaction Manager for Check Services FTM CHK has addressed the applicable CVE.brIf you run your own Java code using the IBM Java Runtime delivered with...

Security Bulletin: Financial Transaction Manager for Check Services is affected by a potential information disclosure id 177835

Summary Financial Transaction Manager for Check Services FTM CHK for Multi-Platform has addressed the following vulnerability. A potential vulnerability in the Apache Commons Codec module could allow information disclosure. Vulnerability Details Third Party Entry: 177835 DESCRIPTION: Apache Commo...

[SECURITY] Fedora 32 Update: radare2-4.5.0-2.fc32

The radare2 is a reverse-engineering framework that is multi-architecture, multi-platform, and highly scriptable. Radare2 provides a hexadecimal editor, wrapped I/O, file system support, debugger support, diffing between two functions or binaries, and code analysis at opcode, basic block, and...