Security
Headlines
HeadlinesLatestCVEs

Tag

#microsoft

Ubuntu Security Notice USN-5814-1

Ubuntu Security Notice 5814-1 - Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service or execute arbitrary code. Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.

Packet Storm
Open in Source
#vulnerability#google#microsoft#ubuntu#linux#dos#oracle#intel#perl#buffer_overflow
OpenText Extended ECM 22.3 File Deletion / LFI / Privilege Escsalation

OpenText Extended ECM versions 16.2.2 through 22.3 suffer from arbitrary file deletion, information disclosure, local file inclusion, and privilege escalation vulnerabilities.

OpenText Extended ECM 22.3 Java Frontend Remote Code Execution

OpenText Extended ECM versions 20.4 through 22.3 suffer from a pre-authentication remote code execution vulnerability in the Java frontend.

OpenText Extended ECM 22.3 cs.exe Remote Code Execution

OpenText Extended ECM versions 20.4 through 22.3 suffer from a pre-authentication remote code execution vulnerability in cs.exe.

CVE-2022-41441: Microsoft Dynamics ERP | End-to-End eProcurement Solution | ReQlogic

Multiple cross-site scripting (XSS) vulnerabilities in ReQlogic v11.3 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the POBatch and WaitDuration parameters.

Gamaredon Group Launches Cyberattacks Against Ukraine Using Telegram

The Russian state-sponsored cyber espionage group known as Gamaredon has continued its digital onslaught against Ukraine, with recent attacks leveraging the popular messaging app Telegram to strike military and law enforcement sectors in the country. "The Gamaredon group's network infrastructure relies on multi-stage Telegram accounts for victim profiling and confirmation of geographic location,

OpenAI’s ChatGPT Can Create Polymorphic Malware

By Waqas The researchers managed to create the Polymorphic malware by bypassing the content filters in ChatGPT by using an authoritative tone. This is a post from HackRead.com Read the original post: OpenAI’s ChatGPT Can Create Polymorphic Malware

CVE-2023-23691: DSA-2023-018: Dell PowerVault ME5 Security Update for a Client Desync Attack Vulnerability

Dell EMC PV ME5, versions ME5.1.0.0.0 and ME5.1.0.1.0, contains a Client-side desync Vulnerability. An unauthenticated attacker could potentially exploit this vulnerability to force a victim's browser to desynchronize its connection with the website, typically leading to XSS and DoS.

CVE-2022-48191: Security Bulletin: Trend Micro Maximum Security Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability

A vulnerability exists in Trend Micro Maximum Security 2022 (17.7) wherein a low-privileged user can write a known malicious executable to a specific location and in the process of removal and restoral an attacker could replace an original folder with a mount point to an arbitrary location, allowing a escalation of privileges on an affected system.

PayPal Notifies 35,000 Users of Data Breach

By Habiba Rashid According to PayPal, hackers managed to access the personal information of 34,942 users; however, no transactions were performed from the breached accounts. This is a post from HackRead.com Read the original post: PayPal Notifies 35,000 Users of Data Breach