Piergiorgio Venuti

DefenseCode ThunderScan SAST Advisory: WordPress Easy Modal Plugin Multiple Security Vulnerabilities

Read More

Condividi


RSS

Piu’ articoli…

Categorie …

Tags

RSS CSIRT

RSS Dark Reading:

RSS Full Disclosure

  • APPLE-SA-2021-09-13-5 Safari 14.1.2 Settembre 17, 2021
    Posted by Apple Product Security via Fulldisclosure on Sep 17APPLE-SA-2021-09-13-5 Safari 14.1.2 Safari 14.1.2 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT212808. WebKit Available for: macOS Catalina and macOS Mojave Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that […]
  • APPLE-SA-2021-09-13-4 Security Update 2021-005 Catalina Settembre 17, 2021
    Posted by Apple Product Security via Fulldisclosure on Sep 17APPLE-SA-2021-09-13-4 Security Update 2021-005 Catalina Security Update 2021-005 Catalina addresses the following issues. Information about the security content is also available at https://support.apple.com/HT212805. CoreGraphics Available for: macOS Catalina Impact: Processing a maliciously crafted PDF may lead to arbitrary code execution. Apple is aware of a report […]
  • APPLE-SA-2021-09-13-3 macOS Big Sur 11.6 Settembre 17, 2021
    Posted by Apple Product Security via Fulldisclosure on Sep 17APPLE-SA-2021-09-13-3 macOS Big Sur 11.6 macOS Big Sur 11.6 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT212804. CoreGraphics Available for: macOS Big Sur Impact: Processing a maliciously crafted PDF may lead to arbitrary code execution. Apple is aware of a […]
  • APPLE-SA-2021-09-13-2 watchOS 7.6.2 Settembre 17, 2021
    Posted by Apple Product Security via Fulldisclosure on Sep 17APPLE-SA-2021-09-13-2 watchOS 7.6.2 watchOS 7.6.2 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT212806. CoreGraphics Available for: Apple Watch Series 3 and later Impact: Processing a maliciously crafted PDF may lead to arbitrary code execution. Apple is aware of a report […]
  • APPLE-SA-2021-09-13-1 iOS 14.8 and iPadOS 14.8 Settembre 17, 2021
    Posted by Apple Product Security via Fulldisclosure on Sep 17APPLE-SA-2021-09-13-1 iOS 14.8 and iPadOS 14.8 iOS 14.8 and iPadOS 14.8 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT212807. CoreGraphics Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, […]
  • AMD Chipset Driver Information Disclosure Vulnerability [CVE-2021-26333] Settembre 17, 2021
    Posted by disclosure on Sep 17We recently discovered a critical information disclosure vulnerability that affected the AMD Platform Security Processor (PSP) chipset driver for multiple CPU architectures. The vulnerability allowed non-privileged users to read uninitialised physical memory pages, where the original data was either moved or paged out. https://zeroperil.co.uk/cve-2021-26333/ Regards, Kyriakos Economou | Co-Founder kye […]
  • Microsoft Windows Command-line Interpreter "cmd.exe" / Stack Buffer Overflow Settembre 17, 2021
    Posted by hyp3rlinx on Sep 17[+] Credits: John Page (aka hyp3rlinx, malvuln) [+] Website: hyp3rlinx.altervista.org [+] Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-WINDOWS-CMD.EXE-STACK-BUFFER-OVERFLOW.txt [+] twitter.com/hyp3rlinx [+] ISR: ApparitionSec [Vendor] www.microsoft.com [Product] cmd.exe is the default command-line interpreter for the OS/2, eComStation, ArcaOS, Microsoft Windows (Windows NT family and Windows CE family), and ReactOS operating...
  • Backdoor.Win32.WinterLove.i / Hardcoded Weak Password Settembre 14, 2021
    Posted by malvuln on Sep 14Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/c6c81e8ba0a7b9da6216a78dfeccec8d.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.WinterLove.i Vulnerability: Hardcoded Weak Password Description: The WinterLove malware requires authentication for remote user access. However, the password "plunix" is weak and hardcoded in plaintext within the...
  • Backdoor.Win32.Wollf.h / Unauthenticated Remote Command Execution Settembre 14, 2021
    Posted by malvuln on Sep 14Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/d0fd60516d53b2ad602c460351dbaa85.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Wollf.h Vulnerability: Unauthenticated Remote Command Execution Description: The malware listens on TCP port 7614 installs a service named WRM. Third-party attackers who can reach the system can get a shell with […]
  • Backdoor.Win32.VB.awm / Authentication Bypass - Information Leakage Settembre 14, 2021
    Posted by malvuln on Sep 14Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/2271d942a23a89d7adea524d4ac3c13f.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.VB.awm Vulnerability: Authentication Bypass - Information Leakage Description: The "Cryptech Heat" malware listens on TCP port 3786 and has an option to set an remote access password. The malware also runs […]

Customers

Newsletter