Security Bulletin 26 Oct 2022 – Cyber Security Agency of Singapore

Security Bulletin 26 Oct 2022 – Cyber Security Agency of Singapore

Security Bulletin 26 Oct 2022 – Cyber Security Agency of Singapore
CVE Number Description Base Score Reference CVE-2018-3839 An exploitable code execution vulnerability exists in the XCF image rendering functionality of Simple DirectMedia Layer SDL2_image-2.0.2. A specially crafted XCF image can cause an out-of-bounds write on the heap, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2018-3839 CVE-2019-7280 Prima Systems FlexAir, Versions 2.3.38 and prior. The session-ID is of an insufficient length and can be exploited by brute force, which may allow a remote attacker to obtain a valid session…
Source link

About coldfusion

Check Also

Ransomware actor exploits unsupported ColdFusion servers — but comes away empty-handed

Servers are always a point of interest for threat actors as they are one of …

Leave a Reply

Your email address will not be published. Required fields are marked *