Security
Headlines
HeadlinesLatestCVEs

Tag

#c++

A New, Spookier Gh0st RAT Malware Haunts Global Cyber Targets

A decade and a half after Gh0st RAT first appeared, the "SugarGh0st RAT" variant aims to make life sweeter for cybercriminals.

DARKReading
Open in Source
#web#mac#windows#apple#microsoft#cisco#java#c++#backdoor#auth
New SugarGh0st RAT targets Uzbekistan government and South Korea

Cisco Talos recently discovered a malicious campaign that likely started as early as August 2023, delivering a new remote access trojan (RAT) we dubbed “SugarGh0st.”

Debian Security Advisory 5568-1

Debian Linux Security Advisory 5568-1 - It was discovered that incorrect memory management in Fast DDS, a C++ implementation of the DDS (Data Distribution Service) might result in denial of service.

CVE-2023-49313: GitHub - horsicq/XMachOViewer: XMachOViewer is a Mach-O viewer for Windows, Linux and MacOS

A dylib injection vulnerability in XMachOViewer 0.04 allows attackers to compromise integrity. By exploiting this, unauthorized code can be injected into the product's processes, potentially leading to remote control and unauthorized access to sensitive user data.

CVE-2023-46480: GitHub - owncast/owncast: Take control over your live stream video by running it yourself. Streaming + chat out of the box.

An issue in OwnCast v.0.1.1 allows a remote attacker to execute arbitrary code and obtain sensitive information via the authHost parameter of the indieauth function.

CVE-2023-31275: TALOS-2023-1748 || Cisco Talos Intelligence Group

An uninitialized pointer use vulnerability exists in the functionality of WPS Office 11.2.0.11537 that handles Data elements in an Excel file. A specially crafted malformed file can lead to remote code execution. An attacker can provide a malicious file to trigger this vulnerability.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

CVE-2023-48106: Heap-buffer-overflow in mz_os.c:188 in mz_path_resolve · Issue #740 · zlib-ng/minizip-ng

Buffer Overflow vulnerability in zlib-ng minizip-ng v.4.0.2 allows an attacker to execute arbitrary code via a crafted file to the mz_path_resolve function in the mz_os.c file.

CVE-2023-48230: WebSocket message can cause crash

Cap'n Proto is a data interchange format and capability-based RPC system. In versions 1.0 and 1.0.1, when using the KJ HTTP library with WebSocket compression enabled, a buffer underrun can be caused by a remote peer. The underrun always writes a constant value that is not attacker-controlled, likely resulting in a crash, enabling a remote denial-of-service attack. Most Cap'n Proto and KJ users are unlikely to have this functionality enabled and so unlikely to be affected. Maintainers suspect only the Cloudflare Workers Runtime is affected. If KJ HTTP is used with WebSocket compression enabled, a malicious peer may be able to cause a buffer underrun on a heap-allocated buffer. KJ HTTP is an optional library bundled with Cap'n Proto, but is not directly used by Cap'n Proto. WebSocket compression is disabled by default. It must be enabled via a setting passed to the KJ HTTP library via `HttpClientSettings` or `HttpServerSettings`. The bytes written out-of-bounds are always a specific co...

CVE-2023-47003: Query crashes in `DataBlock_ItemIsDeleted` · Issue #3063 · RedisGraph/RedisGraph

An issue in RedisGraph v.2.12.10 allows an attacker to execute arbitrary code and cause a denial of service via a crafted string in DataBlock_ItemIsDeleted.