Security
Headlines
HeadlinesLatestCVEs

Tag

#mac

CVE-2021-33226: salt/status.py at master · saltstack/salt

Buffer Overflow vulnerability in Saltstack v.3003 and before allows attacker to execute arbitrary code via the func variable in salt/salt/modules/status.py file.

CVE
Open in Source
#vulnerability#ios#mac#windows#linux#git#oracle#intel#amd#buffer_overflow#auth
CVE-2020-19824: race condition in audio.c on uninit · Issue #6808 · mpv-player/mpv

An issue in MPV v.0.29.1 fixed in v0.30 allows attackers to execute arbitrary code and crash program via the ao_c parameter.

Red Hat Security Advisory 2023-0728-01

Red Hat Security Advisory 2023-0728-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.12.3.

CVE-2022-32972: CVE-2022-32972: Infoblox BloxOne Endpoint for Windows local privilege escalation

Infoblox BloxOne Endpoint for Windows through 2.2.7 allows DLL injection that can result in local privilege escalation.

⚡Top Cybersecurity News Stories This Week — Cybersecurity Newsletter

Hey 👋 there, cyber friends! Welcome to this week's cybersecurity newsletter, where we aim to keep you informed and empowered in the ever-changing world of cyber threats. In today's edition, we will cover some interesting developments in the cybersecurity landscape and share some insightful analysis of each to help you protect yourself against potential attacks. 1. Apple 📱 Devices Hacked with

Armenian Entities Hit by New Version of OxtaRAT Spying Tool

Entities in Armenia have come under a cyber attack using an updated version of a backdoor called OxtaRAT that allows remote access and desktop surveillance. "The tool capabilities include searching for and exfiltrating files from the infected machine, recording the video from the web camera and desktop, remotely controlling the compromised machine with TightVNC, installing a web shell,

Mortal Kombat ransomware forms tag team with crypto-stealing malware

Categories: News Tags: mortal kombat Tags: ransomware Tags: laplas clipper Tags: cryptocurrency Tags: encrypt Tags: network Tags: infect Tags: ransom Tags: demand Tags: BAT file Tags: email Tags: phish Tags: phishing Tags: attachment It’s like a choose your own adventure game gone horribly wrong. (Read more...) The post Mortal Kombat ransomware forms tag team with crypto-stealing malware appeared first on Malwarebytes Labs.

New Mirai Botnet Variant 'V3G4' Exploiting 13 Flaws to Target Linux and IoT Devices

A new variant of the notorious Mirai botnet has been found leveraging several security vulnerabilities to propagate itself to Linux and IoT devices. Observed during the second half of 2022, the new version has been dubbed V3G4 by Palo Alto Networks Unit 42, which identified three different campaigns likely conducted by the same threat actor. "Once the vulnerable devices are compromised, they

Critical RCE Vulnerability Discovered in ClamAV Open-Source Antivirus Software

Cisco has rolled out security updates to address a critical flaw reported in the ClamAV open source antivirus engine that could lead to remote code execution on susceptible devices. Tracked as CVE-2023-20032 (CVSS score: 9.8), the issue relates to a case of remote code execution residing in the HFS+ file parser component. The flaw affects versions 1.0.0 and earlier, 0.105.1 and earlier, and

ESXi Ransomware Update Outfoxes CISA Recovery Script

New ESXiArgs-ransomware attacks include a workaround for CISA's decryptor, researchers find.