Security
Headlines
HeadlinesLatestCVEs

Tag

#c++

Red Hat Security Advisory 2023-4645-01

Red Hat Security Advisory 2023-4645-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.121 and .NET Runtime 6.0.21. Issues addressed include a denial of service vulnerability.

Packet Storm
Open in Source
#vulnerability#linux#red_hat#dos#c++#rce
Red Hat Security Advisory 2023-4641-01

Red Hat Security Advisory 2023-4641-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.121 and .NET Runtime 6.0.21. Issues addressed include a denial of service vulnerability.

CVE-2023-28479: Full C Compiler Toolchain Installed

An issue was discovered in Tigergraph Enterprise 3.7.0. The TigerGraph platform installs a full development toolchain within every TigerGraph deployment. An attacker is able to compile new executables on each Tigergraph system and modify system and Tigergraph binaries.

CVE-2023-28480: Silently Install UDF

An issue was discovered in Tigergraph Enterprise 3.7.0. The TigerGraph platform allows users to define new User Defined Functions (UDFs) from C/C++ code. To support this functionality TigerGraph allows users to upload custom C/C++ code which is then compiled and installed into the platform. An attacker who has filesystem access on a remote TigerGraph system can alter the behavior of the database against the will of the database administrator; thus effectively bypassing the built in RBAC controls.

CVE-2023-40359: XTERM - Change Log

xterm before 380 supports ReGIS reporting for character-set names even if they have unexpected characters (i.e., neither alphanumeric nor underscore), aka a pointer/overflow issue.

South African Power Supplier Hit by DroxiDat Malware

By Deeba Ahmed Cybersecurity researchers at Securelist have discovered a cyberattack against a power-generating firm in South Africa. Reportedly, the firm… This is a post from HackRead.com Read the original post: South African Power Supplier Hit by DroxiDat Malware

CVE-2023-40296: Stack Buffer Overflow in static void ReceiveFrom(UDPSocket* udpSocket) at udpsocket.hpp · Issue #32 · eminfedar/async-sockets-cpp

async-sockets-cpp through 0.3.1 has a stack-based buffer overflow in ReceiveFrom and Receive in udpsocket.hpp when processing malformed UDP packets.

MoustachedBouncer Hackers Caught Spying on Embassies

By Deeba Ahmed MoustachedBouncer is a Belarusian government-backed hacking group that has been active since 2014. This is a post from HackRead.com Read the original post: MoustachedBouncer Hackers Caught Spying on Embassies

CVE-2021-3236: Lack of verification of wp->w_buffer causes null pointer references in ex_buffer_all() · Issue #7674 · vim/vim

vim 8.2.2348 is affected by null pointer dereference, allows local attackers to cause a denial of service (DoS) via the ex_buffer_all method.

CVE-2021-25786: Heap-use-after-free in `Pl_ASCII85Decoder::write` · Issue #492 · qpdf/qpdf

An issue was discovered in QPDF version 10.0.4, allows remote attackers to execute arbitrary code via crafted .pdf file to Pl_ASCII85Decoder::write parameter in libqpdf.