CyberDanube Security Research 20221009-0
---
title| Authenticated Command Injection
product| Intelbras WiFiber 120AC inMesh
vulnerable version| 1.1-220216
fixed version| 1-1-220826
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/1164ef21ef2af97e0339359c0dce5e7d.txt
Contact: malvul...@gmail.com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.DarkSky.23
Vulnerability: Remote Stack Buffer Overflow (SEH)
Description
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2022-10-10-1 iOS 16.0.3
iOS 16.0.3 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213480.
Mail
Available for: iPhone 8 and later
Impact: Processing a maliciously craf
On 10/12/22 22:39, Georgi Guninski wrote:
On Fri, Sep 16, 2022 at 6:44 AM Matthew Fernandez
wrote:
What is the security boundary being violated here? As a maintainer of
some of the packages implicated here, I’m unsure what my actionable
tasks are. The threat model(s) for my packages does
On Fri, Sep 16, 2022 at 6:44 AM Matthew Fernandez
wrote:
>
>
> What is the security boundary being violated here? As a maintainer of
> some of the packages implicated here, I’m unsure what my actionable
> tasks are. The threat model(s) for my packages does not consider crashes
> to be a security
Apple Music Android Application - MITM SSL Certificate Vulnerability
(CVE-2022-32906)
https://www.info-sec.ca/advisories/Apple-Music-Android.html
Overview
"Stream over 90 million songs, all ad-free."
(https://play.google.com/store/apps/details?id=com.apple.android.music)
Issue
The Apple Musi