This report is being published within a coordinated disclosure
procedure. The researcher has been in contact with the vendor
but not received a satisfactory response within a given time
frame. As the attack complexity is low and exploits have already
been published by a third party there must b
RCE Security Advisory
https://www.rcesecurity.com
1. ADVISORY INFORMATION
===
Product:BeCustom Wordpress Plugin
Vendor URL: https://muffingroup.com/betheme/features/be-custom/
Type: Cross-Site Request Forgery [CWE-253]
Date found: 2021-10-28
Date publ
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/2047ac6183da4dfb61d2562721ba0720.txt
Contact: malvul...@gmail.com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Aphexdoor.LiteSock
Vulnerability: Remote Stack Buffer Overflow (SEH)
Des
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/bc2ccf92bea475f828dcdcb1c8f6cc92.txt
Contact: malvul...@gmail.com
Media: twitter.com/malvuln
Threat: HEUR:Trojan.MSIL.Agent.gen
Vulnerability: Information Disclosure
Description: the malwa
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/05a082d441d9cf365749c0e1eb904c85.txt
Contact: malvul...@gmail.com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.RemServ.d
Vulnerability: Unauthenticated Remote Command Execution
Family
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2022-11-09-1 iOS 16.1.1 and iPadOS 16.1.1
iOS 16.1.1 and iPadOS 16.1.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213505.
libxml2
Available for: iPhone 8 and late
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2022-11-09-2 macOS Ventura 13.0.1
macOS Ventura 13.0.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213504.
libxml2
Available for: macOS Ventura
Impact: A remote us
SEC Consult Vulnerability Lab Security Advisory < 20221109-0 >
===
title: Multiple Critical Vulnerabilities
product: Simmeth System GmbH Supplier manager (Lieferantenmanager)
vulnerable version: < 5.6
SEC Consult Vulnerability Lab Security Advisory < 20221110-0 >
===
title: HTML Injection
product: BMC Remedy ITSM-Suite
vulnerable version: 9.1.10 (= 20.02 in new versioning scheme)
fixed versio
SEC Consult Vulnerability Lab Security Advisory < 20221114-0 >
===
title: Path Traversal Vulnerability
product: Payara Platform
vulnerable version: Enterprise: <5.45.0
Community:
10 matches
Mail list logo