[TZO-04-2020] Bitdefender Generic Malformed Archive Bypass (BZ2)
All Bitdefender Products and Vendors that have licensed the Engine before Dec 12 2019. Exact version is unknown as Bitdefender
Leer másProblemas de seguridad, hay que promover la cultura del parcheo … sin mas. Un parche instalado a tiempo te evita problemas en el futuro (bueno, lo mismo con Microsoft hay que esperar un poco mas).
All Bitdefender Products and Vendors that have licensed the Engine before Dec 12 2019. Exact version is unknown as Bitdefender
Leer más10 years ago I took a look at ways to evade AV/DLP Engine detection by using various techniques and released
Leer más10 years ago I took a look at ways to evade AV/DLP Engine detection by using various techniques and released
Leer más10 years ago I took a look at ways to evade AV/DLP Engine detection by using various techniques and released
Leer másDuring a penetration test, RedTeam Pentesting discovered that the IceWarp WebMail Server is prone to user-assisted cross-site scripting attacks in
Leer másWindows «.group» files are related to Contact files and suffer from unexpected code execution when clicking the «Contact Group Details»
Leer másSeveral issues were discovered in the Tomcat servlet and JSP engine, which could result in session fixation attacks, information disclosure,
Leer másIt was discovered that debian-lan-config, a FAI config space for the Debian-LAN system, configured too permissive ACLs for the Kerberos
Leer másGuido Vranken discovered an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli.
Leer másIt was found that freeimage, a graphics library, was affected by the following two security issues.
Leer másMicrosoft Exchange Server, External Service Interaction (DNS) Exchange Server 2013 CU22 and previous.
Leer másIt was discovered that the Title blacklist functionality in MediaWiki, a website engine for collaborative work, could by bypassed.
Leer másNew openssl packages are available for Slackware 14.2 and -current to fix a security issue.
Leer másCA Technologies, A Broadcom Company, is alerting customers to a potential risk with CA Client Automation agent on Windows. A
Leer másStephan Zeisberg reported an out-of-bounds write vulnerability in the _sasl_add_string() function in cyrus-sasl2, a library implementing the Simple Authentication and
Leer másNew wavpack packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.
Leer másIt was discovered that the lmtpd component of the Cyrus IMAP server created mailboxes with administrator privileges if the «fileinto»
Leer másIt was discovered that debian-edu-config, a set of configuration files used for the Debian Edu blend, configured too permissive ACLs
Leer másIt was discovered that python-ecdsa, a cryptographic signature library for Python, incorrectly handled certain signatures. A remote attacker could use
Leer másAyer soltaron una nueva versión de mantenimiento de WordPress. Esta 5.3.2 resuelve algunos pequeños problemas que han detectado en la
Leer más