#rce

Cybersecurity researchers have disclosed a set of flaws impacting Palo Alto Networks and SonicWall virtual private network (VPN) clients that could be potentially exploited to gain remote code execution on Windows and macOS systems. "By targeting the implicit trust VPN clients place in servers, attackers can manipulate client behaviours, execute arbitrary commands, and gain high levels of access

SmokeLoader malware has resurfaced with enhanced capabilities and functionalities, targeting your personal data.

Red Hat Security Advisory 2024-10666-03 - An update for the gimp:2.8.22 module is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Issues addressed include a buffer overflow vulnerability.

**Vulnerability type: Prototype Pollution** **Affected Package:** Product: @intlify/shared Version: 10.0.4 **Vulnerability Location(s):** `node_modules/@intlify/shared/dist/shared.cjs:232:26` **Description:** The latest version of `@intlify/shared (10.0.4)` is vulnerable to Prototype Pollution through the entry function(s) `lib.deepCopy`. An attacker can supply a payload with `Object.prototype` setter to introduce or modify properties within the global prototype chain, causing denial of service (DoS) the minimum consequence. Moreover, the consequences of this vulnerability can escalate to other injection-based attacks, depending on how the library integrates within the application. For instance, if the polluted property propagates to sensitive Node.js APIs (e.g., exec, eval), it could enable an attacker to execute arbitrary commands within the application's context. **PoC:** ```bash // install the package with the latest version ~$ npm install @intlify/[email protected] // run t...

### Impact Executing policy checks using custom schematron files via the CLI invokes an XSL transformation that may theoretically lead to a remote code execution (RCE) vulnerability. ### Patches We are currently working on a patch that will be released when ready. ### Workarounds This doesn't affect the standard validation and policy checks functionality, veraPDF's common use cases. Most veraPDF users don't insert any custom XSLT code into policy profiles, which are based on Schematron syntax rather than direct XSL transforms. For users who do, only load custom policy files from sources you trust. ### References Original issue: #1488

Nearly two dozen security vulnerabilities have been disclosed in Advantech EKI industrial-grade wireless access point devices, some of which could be weaponized to bypass authentication and execute code with elevated privileges. "These vulnerabilities pose significant risks, allowing unauthenticated remote code execution with root privileges, thereby fully compromising the confidentiality,

New episode “In The Trend of VM” (#9): 4 trending vulnerabilities of October, scandal at The Linux Foundation, social “attack on the complainer”, “Ford’s method” for motivating IT specialists to fix vulnerabilities. The competition for the best question on the topic of VM continues. 😉🎁 📹 Video on YouTube, LinkedIn🗞 Post on Habr (rus)🗒 Digest […]

Ubuntu Security Notice 7130-1 - It was discovered that GitHub CLI incorrectly handled username validation. An attacker could possibly use this issue to perform remote code execution if the user connected to a malicious server.

Researchers reveal major vulnerabilities in popular corporate VPN clients, allowing remote attacks. Discover the NachoVPN tool and expert…

Over the past year, "Matrix" has used publicly available malware tools and exploit scripts to target weakly secured IoT devices — and enterprise servers.