CVE-2021-30842
Summary: This issue was addressed with improved checks. This issue is fixed in iOS 14.8 and iPadOS 14.8, macOS Big...
Month: October 2021
CVE-2021-30843
Summary: This issue was addressed with improved checks. This issue is fixed in iOS 14.8 and iPadOS 14.8, macOS Big...
CVE-2021-30847
Summary: This issue was addressed with improved checks. This issue is fixed in watchOS 8, macOS Big Sur 11.6, Security...
CVE-2021-30848
Summary: A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS...
CVE-2021-30849
Summary: Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS...
Red TIM Research found two rare flaws in Ericsson OSS-RC component
The Red Team Research (RTR), the bug’s research division from Italian Telecommunication firm TIM, found 2 new vulnerabilities affecting the...
Russia-linked Nobelium APT targets orgs in the global IT supply chain
Russia-linked Nobelium APTÂ group has breached at least 14 managed service providers (MSPs) and cloud service providers since May 2021. The...
VECTR – A Tool That Facilitates Tracking Of Your Red And Blue Team Testing Activities To Measure Detection And Prevention Capabilities Across Different Attack Scenarios
VECTR documentation can be found here: DocumentationFeature Breakdowns By ReleaseVECTR v7.1.1 Feature BreakdownTeamLEAD PROGRAMMERS:Carl VonderheidGalen FisherDaniel HongPROGRAMMERS:Andrew ScottPatrick HislopDan GuzekZara...
A week in security (Oct 18 – Oct 24)
Last week on Malwarebytes Labs Multiple vulnerabilities in popular WordPress plugin WP Fastest Cache.“Killware”: Is it just as bad as...
NYT Journalist’s iPhone infected twice with NSO Group’sPegasus spyware
Threat actors infected the iPhone of New York Times journalist Ben Hubbard with NSO Group’s Pegasus spyware between June 2018...
Emsisoft created a free decryptor for past victims of the BlackMatter ransomware
Experts from cybersecurity firm Emsisoft announced the availability of a free decryptor for past victims of the BlackMatter ransomware. Cybersecurity...
TodayZoo phishing kit borrows the code from other kits
Microsoft uncovered an extensive series of credential phishing campaigns that employed a custom phishing kit tracked as TodayZoo. Microsoft researchers...
ThreadStackSpoofer – PoC For An Advanced In-Memory Evasion Technique Allowing To Better Hide Injected Shellcode’S Memory Allocation From Scanners And Analysts
A PoC implementation for an advanced in-memory evasion technique that spoofs Thread Call Stack. This technique allows to bypass thread-based...
CVE-2021-0002
Summary: Improper conditions check in some Intel(R) Ethernet Controllers 800 series Linux drivers before version 1.4.11 may allow an authenticated...
CVE-2021-3778
Summary: vim is vulnerable to Heap-based Buffer Overflow Reference Links(if available): https://github.com/vim/vim/commit/65b605665997fad54ef39a93199e305af2fe4d7f https://huntr.dev/bounties/d9c17308-2c99-4f9f-a706-f7f72c24c273 http://www.openwall.com/lists/oss-security/2021/10/01/1 https://lists.fedoraproject.org/archives/list/[email protected]/message/TE62UMYBZE4AE53K6OBBWK32XQ7544QM/ https://lists.fedoraproject.org/archives/list/[email protected]/message/S42L4Z4DTW4LHLQ4FJ33VEOXRCBE7WN4/ CVSS Score (if available)...
CVE-2021-3778
Summary: vim is vulnerable to Heap-based Buffer Overflow Reference Links(if available): https://github.com/vim/vim/commit/65b605665997fad54ef39a93199e305af2fe4d7f https://huntr.dev/bounties/d9c17308-2c99-4f9f-a706-f7f72c24c273 http://www.openwall.com/lists/oss-security/2021/10/01/1 https://lists.fedoraproject.org/archives/list/[email protected]/message/TE62UMYBZE4AE53K6OBBWK32XQ7544QM/ https://lists.fedoraproject.org/archives/list/[email protected]/message/S42L4Z4DTW4LHLQ4FJ33VEOXRCBE7WN4/ CVSS Score (if available)...
CVE-2021-3778
Summary: vim is vulnerable to Heap-based Buffer Overflow Reference Links(if available): https://github.com/vim/vim/commit/65b605665997fad54ef39a93199e305af2fe4d7f https://huntr.dev/bounties/d9c17308-2c99-4f9f-a706-f7f72c24c273 http://www.openwall.com/lists/oss-security/2021/10/01/1 https://lists.fedoraproject.org/archives/list/[email protected]/message/TE62UMYBZE4AE53K6OBBWK32XQ7544QM/ https://lists.fedoraproject.org/archives/list/[email protected]/message/S42L4Z4DTW4LHLQ4FJ33VEOXRCBE7WN4/ CVSS Score (if available)...
CVE-2021-3778
Summary: vim is vulnerable to Heap-based Buffer Overflow Reference Links(if available): https://github.com/vim/vim/commit/65b605665997fad54ef39a93199e305af2fe4d7f https://huntr.dev/bounties/d9c17308-2c99-4f9f-a706-f7f72c24c273 http://www.openwall.com/lists/oss-security/2021/10/01/1 https://lists.fedoraproject.org/archives/list/[email protected]/message/TE62UMYBZE4AE53K6OBBWK32XQ7544QM/ https://lists.fedoraproject.org/archives/list/[email protected]/message/S42L4Z4DTW4LHLQ4FJ33VEOXRCBE7WN4/ CVSS Score (if available)...
CVE-2021-3778
Summary: vim is vulnerable to Heap-based Buffer Overflow Reference Links(if available): https://github.com/vim/vim/commit/65b605665997fad54ef39a93199e305af2fe4d7f https://huntr.dev/bounties/d9c17308-2c99-4f9f-a706-f7f72c24c273 http://www.openwall.com/lists/oss-security/2021/10/01/1 https://lists.fedoraproject.org/archives/list/[email protected]/message/TE62UMYBZE4AE53K6OBBWK32XQ7544QM/ https://lists.fedoraproject.org/archives/list/[email protected]/message/S42L4Z4DTW4LHLQ4FJ33VEOXRCBE7WN4/ CVSS Score (if available)...
CVE-2021-3778
Summary: vim is vulnerable to Heap-based Buffer Overflow Reference Links(if available): https://github.com/vim/vim/commit/65b605665997fad54ef39a93199e305af2fe4d7f https://huntr.dev/bounties/d9c17308-2c99-4f9f-a706-f7f72c24c273 http://www.openwall.com/lists/oss-security/2021/10/01/1 https://lists.fedoraproject.org/archives/list/[email protected]/message/TE62UMYBZE4AE53K6OBBWK32XQ7544QM/ https://lists.fedoraproject.org/archives/list/[email protected]/message/S42L4Z4DTW4LHLQ4FJ33VEOXRCBE7WN4/ CVSS Score (if available)...
CVE-2021-3778
Summary: vim is vulnerable to Heap-based Buffer Overflow Reference Links(if available): https://github.com/vim/vim/commit/65b605665997fad54ef39a93199e305af2fe4d7f https://huntr.dev/bounties/d9c17308-2c99-4f9f-a706-f7f72c24c273 http://www.openwall.com/lists/oss-security/2021/10/01/1 https://lists.fedoraproject.org/archives/list/[email protected]/message/TE62UMYBZE4AE53K6OBBWK32XQ7544QM/ https://lists.fedoraproject.org/archives/list/[email protected]/message/S42L4Z4DTW4LHLQ4FJ33VEOXRCBE7WN4/ CVSS Score (if available)...
CVE-2021-3778
Summary: vim is vulnerable to Heap-based Buffer Overflow Reference Links(if available): https://github.com/vim/vim/commit/65b605665997fad54ef39a93199e305af2fe4d7f https://huntr.dev/bounties/d9c17308-2c99-4f9f-a706-f7f72c24c273 http://www.openwall.com/lists/oss-security/2021/10/01/1 https://lists.fedoraproject.org/archives/list/[email protected]/message/TE62UMYBZE4AE53K6OBBWK32XQ7544QM/ https://lists.fedoraproject.org/archives/list/[email protected]/message/S42L4Z4DTW4LHLQ4FJ33VEOXRCBE7WN4/ CVSS Score (if available)...
CVE-2021-3796
Summary: vim is vulnerable to Use After Free Reference Links(if available): https://github.com/vim/vim/commit/35a9a00afcb20897d462a766793ff45534810dc3 https://huntr.dev/bounties/ab60b7f3-6fb1-4ac2-a4fa-4d592e08008d http://www.openwall.com/lists/oss-security/2021/10/01/1 https://lists.fedoraproject.org/archives/list/[email protected]/message/TE62UMYBZE4AE53K6OBBWK32XQ7544QM/ https://lists.fedoraproject.org/archives/list/[email protected]/message/S42L4Z4DTW4LHLQ4FJ33VEOXRCBE7WN4/ CVSS Score (if available)...
CVE-2021-3796
Summary: vim is vulnerable to Use After Free Reference Links(if available): https://github.com/vim/vim/commit/35a9a00afcb20897d462a766793ff45534810dc3 https://huntr.dev/bounties/ab60b7f3-6fb1-4ac2-a4fa-4d592e08008d http://www.openwall.com/lists/oss-security/2021/10/01/1 https://lists.fedoraproject.org/archives/list/[email protected]/message/TE62UMYBZE4AE53K6OBBWK32XQ7544QM/ https://lists.fedoraproject.org/archives/list/[email protected]/message/S42L4Z4DTW4LHLQ4FJ33VEOXRCBE7WN4/ CVSS Score (if available)...
