By removing the authentication header, an attacker can issue an HTTP request to the OMI management endpoint that will cause it to execute an operating system command as the root user. This vulnerability was patched in OMI version 1.6.8-1 (released September 8th 2021).
fdef0aef0e912b6be1749a8d91235a8ce5f95d8c64ee36efaa66917951a81206
Apple Security Advisory 2021-10-26-11 - tvOS 15 addresses bypass, code execution, denial of service, out of bounds read, and use-after-free vulnerabilities.
ebc2c5586dda25fcb5f1755935d9df8d22fe96d473608b04490304ef6ab1c4c2
Apple Security Advisory 2021-10-26-10 - watchOS 8 addresses bypass, code execution, denial of service, out of bounds read, and use-after-free vulnerabilities.
c5261977f132d063b33bfb8ae7574fbc455fc4460c7118b7e500205e5c5300a6
Virus.Win32.Ipamor.c malware suffers from an unauthenticated remote system reboot vulnerability.
84db975e201fa02c407f637fb81a3da8c99949352d8dcd96e7019bd77a849227
Backdoor.Win32.Antilam.14.o malware suffers from an unauthenticated remote command execution vulnerability.
e3ec579760331c3311245a4085bc3f661d2fcb2136789fb325b557865cc8541e
Apple Security Advisory 2021-10-26-9 - iOS 15 and iPadOS 15 addresses code execution, denial of service, out of bounds read, spoofing, and use-after-free vulnerabilities.
58d06760b57771902a8c3f6b64d1ccec806b30ce2ef20836de59cb0ce4327904
Apple Security Advisory 2021-10-26-8 - Safari 15 addresses bypass, code execution, and use-after-free vulnerabilities.
c1e6de671257272645ffee09d3fc62a44e6f863f26b481fc5ada1161911eb119
HEUR.Backdoor.Win32.Generic malware suffers from an unauthenticated open proxy vulnerability.
63970f0c1a53eb495ab4fe23cb39480889a373c2b844d7684e1533cf0dc070e3
Backdoor.Win32.Mazben.es malware suffers from an unauthenticated open proxy vulnerability.
173e6bf535ccd9b1964aaa19cd997d19c2e872f9160e2af34af09f1a13421313
Hostel Management System version 2.1 suffers from cross site request forgery and cross site scripting vulnerabilities. Original discovery of cross site scripting in this version is attributed to Kokn3t in October of 2020.
c25a1cf3e43fddf34b3dba5ae1ca94327edad0924a642a4cba70ea26c887ae6b
Backdoor.Win32.Hupigon.afjk malware suffers from bypass and code execution vulnerabilities.
e88083e56cc22443cfc05356ba29a0167905e994f2e84a847ee2ae8ae05f67e4
Apple Security Advisory 2021-10-26-7 - tvOS 15.1 addresses buffer overflow, code execution, cross site scripting, information leakage, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
afe34c7e18a2cd09d033c4966263d5f779242a387c7c97b8d682a440fffd3e78
Apple Security Advisory 2021-10-26-6 - watchOS 8.1 addresses buffer overflow, code execution, cross site scripting, information leakage, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
1ad304279232ddfec9d86b861d672344e79ab63f6240b126163d98fbe088873c
Backdoor.Win32.Hupigon.afjk malware suffers from a man-in-the-middle vulnerability.
6b2f003a1b543353ead8da56a0fc62fb2a653d2e3664170784d65781cd8aa71d
Backdoor.Win32.Hupigon.afjk malware suffers from a directory traversal vulnerability.
05d61f0a82f4efaed311b1b2abb9498038be8c7827ab8ec304b31ae59c970d88
Backdoor.Win32.Hupigon.acio malware suffers from an unauthenticated open proxy vulnerability.
eb96ad8d71f6c7c5b23f5e004070435ee69ec0fed3803691669fa6154b7986f0
WordPress Supsystic Contact Form plugin version 1.7.18 suffers from a persistent cross site scripting vulnerability.
3323df57b8923efdf98df1404c93ea1e5214d151574ad10b00cb85081bd9cc42
Apple Security Advisory 2021-10-26-5 - Security Update 2021-007 Catalina addresses code execution, integer overflow, out of bounds read, and out of bounds write vulnerabilities.
a875bea79cc57d5873eed09e410bb1b7743805f2fb64a3692f7e43a5398e8665
Backdoor.Win32.Hupigon.acio malware suffers from an unquoted service path vulnerability.
29b17d8a1dde1549c3b2a9f5bbbd0cadd035ff28ff9aa377cebbe1166a6cdfc7
Backdoor.Win32.Delf.arjo malware suffers from an unquoted service path vulnerability.
ce98423c38a20733de2db341c34d197e2a31b68690e9ba1d3c0c0ccd6f0832c4
Trojan.Win32.Akl.bc malware suffers from an insecure permissions vulnerability.
5fd3a44feb944d9dcb38f70663514713fe5a5f8eeedf65975dacde025a8d7353
Apple Security Advisory 2021-10-26-4 - macOS Big Sur 11.6.1 addresses code execution, integer overflow, out of bounds read, and out of bounds write vulnerabilities.
2b85fd3afc09209a251129df039a30464c9fbe4900b2583ae910933b48329a65