[FD] SEC Consult SA-20240220-0 :: Multiple Stored Cross-Site Scripting Vulnerabilities in OpenOLAT (Frentix GmbH)

SEC Consult Vulnerability Lab Security Advisory < 20240220-0 > === title: Multiple Stored Cross-Site Scripting Vulnerabilities product: OpenOLAT (Frentix GmbH) vulnerable version: <

Re: [FD] Buffer Overflow in graphviz via via a crafted config6a file

On 1/27/24 10:15, Matthew Fernandez wrote: On 1/20/24 15:07, Meng Ruijie wrote: [Vulnerability description] Buffer Overflow vulnerability in graphviz v.2.43.0 allows a remote attacker to execute arbitrary code via a crafted config6a file. [Vulnerability Type] Buffer Overflow More

[FD] CVE-2024-24681: Insecure AES key in Yealink Configuration Encrypt Tool

CloudAware Security Advisory CVE-2024-24681: Insecure AES key in Yealink Configuration Encrypt Tool Summary A single, vendorwide, hardcoded AES key

[FD] Microsoft Windows Defender / Backdoor:JS/Relvelshe.A / Detection Mitigation Bypass

[+] Credits: John Page (aka hyp3rlinx) [+] Website: hyp3rlinx.altervista.org [+] Source: https://hyp3rlinx.altervista.org/advisories/Windows_Defender_Backdoor_JS.Relvelshe.A_Detection_Mitigation_Bypass.txt [+] twitter.com/hyp3rlinx [+] ISR: ApparitionSec [Vendor] www.microsoft.com [Product]

[FD] Microsoft Windows Defender / VBScript Detection Bypass

[+] Credits: John Page (aka hyp3rlinx) [+] Website: hyp3rlinx.altervista.org [+] Source: https://hyp3rlinx.altervista.org/advisories/MICROSOFT_WINDOWS_DEFENDER_VBSCRIPT_TROJAN_MITIGATION_BYPASS.txt [+] twitter.com/hyp3rlinx [+] ISR: ApparitionSec [Vendor] www.microsoft.com [Product] Windows

[FD] Microsoft Windows Defender / Trojan.Win32/Powessere.G / Detection Mitigation Bypass Part 3

[+] Credits: John Page (aka hyp3rlinx) [+] Website: hyp3rlinx.altervista.org [+] Source: https://hyp3rlinx.altervista.org/advisories/MICROSOFT_WINDOWS_DEFENDER_TROJAN.WIN32.POWESSERE.G_MITIGATION_BYPASS_PART_3.txt [+] twitter.com/hyp3rlinx [+] ISR: ApparitionSec [Vendor] www.microsoft.com