6 matches found
EUVD-2020-30090
Malware in sbrugna...
Apple iOS and iPadOS Security Vulnerabilities
Apple iOS and Apple iPadOS are both products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for iPad tablets. A security vulnerability exists in Apple iOS version 16.6 and iPadOS version 16.6, which stems from Processing web...
ZZCMS Password Reset Vulnerability
ZZCMS is a content management system (CMS) by Zzcms team in China. A password reset vulnerability exists in zzcms version 201910. The vulnerability stems from an improperly designed or implemented code development process for a web-based system or product. An attacker c...
CVE-2020-4928
IBM Cloud Pak System 2.3 could allow a local privileged attacker to upload arbitrary files. By intercepting the request and modifying the file extension, the attacker could execute arbitrary code on the server. IBM X-Force ID: 191705...
OpenBSD 2.9/3.0 - Default Crontab Root Command Injection
Source: https://www.securityfocus.com/bid/4495/info OpenBSD ships with a number of cron jobs configured by default. The tasks are for the purpose of summarizing system information. The mail(1) utility is used to send the summaries to the root user. This utility supports escaped characters in...
Glibc Local Root Exploit
Hi all, This has been bouncing around on vuln-dev and the debian-devel lists. It affects glibc = 2.1.9x and it would seem many if not all OSes using these versions of glibc. Ben Collins writes, "This wasn't supposed to happen, and the actual fix was a missing comma in the list of secure env vars...