remote code execution – PossibleThreat Articles

Credit to Author: Microsoft Threat Intelligence| Date: Wed, 01 May 2024 18:00:00 +0000

Microsoft discovered a vulnerability pattern in multiple popular Android applications that could enable a malicious application to overwrite files in the vulnerable application’s internal data storage directory, which could lead to arbitrary code execution and token theft, among other impacts. We have shared our findings with Google’s Android Application Security Research team, as well as the developers of apps found vulnerable to this issue. We anticipate that the vulnerability pattern could be found in other applications. We’re sharing this research more broadly so developers and publishers can check their apps for similar issues, fix as appropriate, and prevent them from being introduced into new apps or releases.

The post “Dirty stream” attack: Discovering and mitigating a common vulnerability pattern in Android apps appeared first on Microsoft Security Blog.

Microsoft Security

Patching Perforce perforations: Critical RCE vulnerability discovered in Perforce Helix Core Server

December 15, 2023 0 Comments remote code execution

Credit to Author: Microsoft Threat Intelligence| Date: Fri, 15 Dec 2023 17:00:00 +0000

Four new unauthenticated remotely exploitable security vulnerabilities discovered in the popular source code management platform Perforce Helix Core Server have been remediated after being responsibly disclosed by Microsoft. Perforce Server customers are strongly urged to update to version 2023.1/2513900.

The post Patching Perforce perforations: Critical RCE vulnerability discovered in Perforce Helix Core Server appeared first on Microsoft Security Blog.

MalwareBytes Security

Update vCenter Server now! VMWare fixes critical vulnerability

October 30, 2023 0 Comments Business, cve-2023-34048, cve-2023-34056, dce/rpc, Exploits and vulnerabilities, information disclosure, news, out-of-bounds write, remote code execution, vcenter server, vmware

VMWare has issued an update to address one out-of-bounds write and one information disclosure vulnerability in its server management software, vCenter Server. Since…

MalwareBytes Security

Update vCenter Server now! VMWare fixes critical vulnerability

Categories: Business

Categories: Exploits and vulnerabilities

Categories: News

Tags: VMWare

Tags: vCenter Server

Tags: CVE-2023-34056

Tags: CVE-2023-34048

Tags: DCE/RPC

Tags: out of bounds write

Tags: information disclosure

Tags: remote code execution

VMWare has issued an update to address out-of-bounds write and information disclosure vulnerabilities in its server management software, vCenter Server.

Security Sophos

Update now – WhatsApp flaw gave attackers access to local files

February 6, 2020 0 Comments facebook, Google, perimeterx, Privacy, remote code execution, security threats, whatsapp

Credit to Author: John E Dunn| Date: Thu, 06 Feb 2020 15:39:57 +0000

The flaw affecting WhatsApp’s desktop client when it’s paired with the iPhone app allowed attackers access to local file systems.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/z97jnHoyCbQ” height=”1″ width=”1″ alt=””/>

Security Sophos

Microsoft fixes critical bugs in CryptoAPI, RD Gateway and .NET

January 15, 2020 0 Comments Adobe, barcelona, CVEs, Microsoft, Operating Systems, Patch Tuesday, Patches, rce, rd gateway, RDP, remote code execution, security threats, vulnerability, Windows, windows remote desktop gateway, windows server

Credit to Author: Danny Bradbury| Date: Wed, 15 Jan 2020 12:10:33 +0000

Here are the most serious bugs from Microsoft’s Patch Tuesday – Including CryptoAPI and RCE flaws in Windows Remote Desktop Gateway.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/_JcrLmlUQmc” height=”1″ width=”1″ alt=””/>

Security Sophos

PHP team fixes nasty site-owning remote execution bug

October 29, 2019 0 Comments nginx, php, programming languages, rce, remote code execution, security threats, vulnerability

Credit to Author: Danny Bradbury| Date: Tue, 29 Oct 2019 11:48:14 +0000

The PHP development team has fixed a bug that could allow remote code execution in some setups of the programming language.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/r_X-vIvi4pg” height=”1″ width=”1″ alt=””/>

Security Sophos

October Patch Tuesday: Microsoft fixes critical remote desktop bug

October 9, 2019 0 Comments Azure, cve-2019-1060, cve-2019-1255, cve-2019-1333, cve-2019-1365, cve-2019-1366, cve-2019-1367, cve-2019-1368, CVEs, edge browser, Internet Explorer, Microsoft, Microsoft Edge, Operating Systems, Organisations, Patch Tuesday, Patches, remote code, remote code execution, security threats, Technologies, vulnerability, Web Browsers, Windows

Credit to Author: Danny Bradbury| Date: Wed, 09 Oct 2019 12:14:46 +0000

Microsoft fixed 59 vulnerabilities in October’s Patch Tuesday, including several critical remote code execution (RCE) flaws.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/jWWY6mMadts” height=”1″ width=”1″ alt=””/>

Security Sophos

WhatsApp vulnerability could compromise Android smartphones

October 4, 2019 0 Comments Android, cve-2019-11932, CVEs, double free memory vulnerability, facebook, malicious gif, Privacy, rce, remote code execution, security threats, vulnerability, whatsapp

Credit to Author: John E Dunn| Date: Fri, 04 Oct 2019 12:10:03 +0000

A researcher has released details of a WhatsApp flaw that could be used to compromise the app and the mobile device the app is running on.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/fPnnKlP45pM” height=”1″ width=”1″ alt=””/>

Security Sophos

Exim suffers another ‘critical’ remote code execution flaw

October 2, 2019 0 Comments critical flaw, cve-2019-16928, CVEs, email server, Exim, rce, remote code execution, security threats, vulnerability

Credit to Author: John E Dunn| Date: Wed, 02 Oct 2019 12:28:02 +0000

This latest Exim flaw could lead to at least a denial of service crash in the software but also the possibility of remote code execution.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/MxuCX_Qs0nA” height=”1″ width=”1″ alt=””/>

← Previous