rce – PossibleThreat Articles

Update now! WinRAR files can be abused to run malware

August 22, 2023 0 Comments cve-2023-40477, Exploits and vulnerabilities, news, rce, windows 11, winrar

Categories: News

Tags: WinRAR

Tags: CVE-2023-40477

Tags: RCE

Tags: Windows 11

A new version of WinRAR is available that patches two vulnerabilities attackers could use for remote code execution.

Patch now! Citrix Sharefile joins the list of actively exploited file sharing software

August 18, 2023 0 Comments citrix, cve-2023-24489, Exploits and vulnerabilities, news, poc, rce, sharefile, unauthenticated, vulnerability

Categories: News

Tags: Citrix

Tags: ShareFile

Tags: CVE-2023-24489

Tags: RCE

Tags: unauthenticated

Tags: vulnerability

Tags: PoC

Citrix ShareFile can be exploited remotely by unauthenticated attackers.

Minecraft fans beware: Players and servers at risk from BleedingPipe vulnerability

August 2, 2023 0 Comments bleedingpipe, forge, malware, minecraft, mod, personal, players, rce, vulnerability

Categories: Personal

Tags: Minecraft

Tags: mod

Tags: forge

Tags: players

Tags: vulnerability

Tags: RCE

Tags: bleedingpipe

Tags: malware

Minecraft players interested in modding are at risk from a remote code execution vulnerability targeting both players and servers.

Ghostscript bug could allow rogue documents to run system commands

July 4, 2023 0 Comments command injection, cve-2023-36664, ghostscript, pipe, rce, vulnerability

Credit to Author: Paul Ducklin| Date: Tue, 04 Jul 2023 17:57:16 +0000

Even if you’ve never heard of the venerable Ghostscript project, you may have it installed without knowing.

ASUS warns router customers: Patch now, or block all inbound requests

June 20, 2023 0 Comments asus, Patch, rce, router, vulnerability

Credit to Author: Paul Ducklin| Date: Tue, 20 Jun 2023 16:14:45 +0000

“Do as we say, not as we do!” – The patches took ages to come out, but don’t let that lure you into taking ages to install them.

VMware patches critical vulnerabilities in Aria Operations for Networks

June 9, 2023 0 Comments aria operations for networks, command injection, cve-2023-20887, cve-2023-20888, cve-2023-20889, deserialization, Exploits and vulnerabilities, information disclosure, news, rce, vmware

Categories: News

Tags: cve-2023-20887

Tags: cve-2023-20888

Tags: cve-2023-20889

Tags: vmware

Tags: Aria Operations for Networks

Tags: RCE

Tags: information disclosure

Tags: deserialization

Tags: command injection

VMware has released security updates to fix a trio of flaws in Aria Operations for Networks that could result in information disclosure and remote code execution

PaperCut security vulnerabilities under active attack – vendor urges customers to patch

April 25, 2023 0 Comments cve-2023-27350, cve-2023-27351, Exploit, papercut, rce, vulnerability

Credit to Author: Paul Ducklin| Date: Tue, 25 Apr 2023 17:53:39 +0000

If you have the product, but you haven’t patched – well, the crooks have now landed, so please don’t delay. Do it today…

Apple zero-day spyware patches extended to cover older Macs, iPhones and iPads

April 10, 2023 0 Comments Apple, Exploit, iOS, kernel bug, OS X, rce, spyware, vulnerability

Credit to Author: Paul Ducklin| Date: Mon, 10 Apr 2023 20:20:44 +0000

That double-whammy Apple browser-to-kernel spyware bug combo we wrote up last week? Turns out it applies to all supported Macs and iDevices – patch now!

Super FabriXss: an RCE vulnerability in Azure Service Fabric Explorer

April 3, 2023 0 Comments Azure, cve-2023-23383, Exploits and vulnerabilities, Microsoft, news, rce, super fabrixss, vulnerability