Ubuntu Security Notice 5743-1 - It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges.
76560acae7e4f7c49d3b954be28a8983a71c85e0d0d5651f1eb15e998f3d7e0eBackdoor.Win32.Autocrat.b malware suffers from a weak hardcoded credential vulnerability.
d7a1dbe69c51797b7a119cf51d50bfdc0cf2f5d6383559a3c42e0b551d24f2ffUbuntu Security Notice 5742-1 - It was discovered that JBIG-KIT incorrectly handled decoding certain large image files. If a user or automated system using JBIG-KIT were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service.
5e6b01c7b9590d67ac5d2f31e28ada5bb831dc18ea0d6437e725f0dbdfaa990eWin32.Ransom.Conti ransomware fails to encrypt non PE files that have a ".exe" in the filename. Creating specially crafted file names successfully evaded encryption for this malware sample.
d9c0e9406b722512df44cebb17c86eb5064420bbea72fa35eda62ac98a591282Trojan.Win32.DarkNeuron.gen malware creates an IPC pipe with a NULL DACL allowing RW for the Everyone user.
419a95e24053a48a5b8a151771f5d30d68d5dbe8ac113c538ae6b1f007c00d2aUbuntu Security Notice 5741-1 - It was discovered that Exim incorrectly handled certain regular expressions. An attacker could use this issue to cause Exim to crash, resulting in a denial of service, or possibly execute arbitrary code.
c46261cbbb9d48d6c57b8a00ef1a2dcf11ea8b4fa2eade1ae7192c04c57bd1aeHelmet Store Showroom version 1.0 suffers from an authenticated remote SQL injection vulnerability.
3e66b115ba8748f4ad2101302dc9ed47242e049cd2dfe657bde160d836d22ceeSanitization Management System version 1.0 suffers from a remote SQL injection vulnerability. This entry was updated in January of 2024 with additional findings.
3a4de72e3b739ff23b5ce1e6d25229108f69fd6464014bc7ad7fb001ce6a3b8cChrome suffers from a heap use-after-free vulnerability in blink::LocalFrameView::PerformLayout due to an incomplete fix for CVE-2022-3199.
ede5dbd6ee9c5895a1b02c8bc6cefd5dfe9adef84fd2fceb45bd3140cd0fa16bXNU suffers from a vm_object use-after-free vulnerability due to invalid error handling in vm_map_enter.
5ef6c77b173e377d874346d025662d6a74af50dd2789a4af20f0430f362f87dfXNU suffers from a dangling PTE entry due to integer truncation when collapsing vm_object shadow chains.
29e4042cd9a0b7666d0b7fda5c45703a1a078adf7f5202670b30f28e36559698
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed