[FD] Trojan-Dropper.Win32.Googite.b / Unauthenticated Remote Command Execution

Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/4a8d6bc838c09c6701abfa8b283fd0de.txt Contact: malvul...@gmail.com Media: twitter.com/malvuln Threat: Trojan-Dropper.Win32.Googite.b Vulnerability: Unauthenticated Remote Command Execution

[FD] Trojan.Win32.Alien.erf / Directory Traversal

Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/57ab194d8c60ee97914eda22e4d71b68_C.txt Contact: malvul...@gmail.com Media: twitter.com/malvuln Threat: Trojan.Win32.Alien.erf Vulnerability: Directory Traversal Description: The malware deploys a Web

[FD] Trovent Security Advisory 2105-01 / CVE-2021-32612: VeryFitPro unencrypted cleartext transmission of sensitive information

# Trovent Security Advisory 2105-01 # # Unencrypted cleartext transmission of sensitive information ### Overview Advisory ID: TRSA-2105-01 Advisory version: 1.0 Advisory status: Public

[FD] Trojan.Win32.Alien.erf / Remote Stack Buffer Overflow

Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/57ab194d8c60ee97914eda22e4d71b68_B.txt Contact: malvul...@gmail.com Media: twitter.com/malvuln Threat: Trojan.Win32.Alien.erf Vulnerability: Remote Stack Buffer Overflow Description: The malware

[FD] Trojan.Win32.Alien.erf / Remote Denial of Service

Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/57ab194d8c60ee97914eda22e4d71b68.txt Contact: malvul...@gmail.com Media: twitter.com/malvuln Threat: Trojan.Win32.Alien.erf Vulnerability: Remote Denial of Service Description: The malware deploys a

[FD] Email-Worm.Win32.Kipis.a / Unauthenticated Remote Code Execution

Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/aa703bc17e3177d3b24a57c5d2a91a0c.txt Contact: malvul...@gmail.com Media: twitter.com/malvuln Threat: Email-Worm.Win32.Kipis.a Vulnerability: Unauthenticated Remote Code Execution Description: The

Re: [FD] popo2, kernel/tun driver bufferoverflow.

Hi, wt., 15 cze 2021 o 09:56 KJ Jung napisał(a): > > Linux kernel 5.4 version. > latest. > > __tun_chr_ioctl function of ~/drivers/net/tun.c has a stack buffer > overflow vulnerability. it get's arg, ifreq_len, and copy the arg(argp) > to ifr(ifreq struct) and this steps are no bounds-checking.

Re: [FD] popo/popo2 linux kernel vulns

Hello KJ Jung, neither of the mails you sent contain bugs. The kernel code is sound and the vulnerabilities you reported don't seem to exist. In your first mail (popo:: linux kernel vulns of it), you point out a flaw in bond_do_ioctl() and bond_set_dev_addr(). // [4]:: x90:

[FD] [SYSS-2021-007]: Protectimus SLIM NFC - External Control of System or Configuration Setting (CWE-15) (CVE-2021-32033)

Advisory ID: SYSS-2021-007 Product: Protectimus SLIM NFC Manufacturer: Protectimus Affected Version(s): Hardware Scheme 70 / Software Version 10.01 Tested Version(s): Hardware Scheme 70 / Software Version 10.01 Vulnerability Type: External Control of System or Configuration Setting (CWE-15)