β OpenSSL fixes two βone-linerβ crypto bugs β what you need to know β
π Read
via "Naked Security".
"As bad as Heartbleed"? We heard that concern a week ago, but we think it's less ungood than that...π Read
via "Naked Security".
Naked Security
OpenSSL fixes two βone-linerβ crypto bugs β what you need to know
βAs bad as Heartbleedβ? We heard that concern a week ago, but we think itβs less ungood than thatβ¦
π΄ How to Keep EVs From Taking Down the Electrical Grid π΄
π Read
via "Dark Reading".
They may be environmentally friendly, but the surging popularity of electric cars and plug-in hybrids puts the nation's electrical grid at greater risk for malfeasance.π Read
via "Dark Reading".
Dark Reading
How to Keep EVs From Taking Down the Electrical Grid
They may be environmentally friendly, but the surging popularity of electric cars and plug-in hybrids puts the nation's electrical grid at greater risk for malfeasance.
βΌ CVE-2021-3697 βΌ
π Read
via "National Vulnerability Database".
A crafted JPEG image may lead the JPEG reader to underflow its data pointer, allowing user-controlled data to be written in heap. To a successful to be performed the attacker needs to perform some triage over the heap layout and craft an image with a malicious format and payload. This vulnerability can lead to data corruption and eventual code execution or secure boot circumvention. This flaw affects grub2 versions prior grub-2.12.π Read
via "National Vulnerability Database".
βΌ CVE-2022-34597 βΌ
π Read
via "National Vulnerability Database".
Tenda AX1806 v1.0.0.1 was discovered to contain a command injection vulnerability via the function WanParameterSetting.π Read
via "National Vulnerability Database".
βΌ CVE-2022-34595 βΌ
π Read
via "National Vulnerability Database".
Tenda AX1803 v1.0.0.1_2890 was discovered to contain a command injection vulnerability via the function setipv6status.π Read
via "National Vulnerability Database".
βΌ CVE-2022-33737 βΌ
π Read
via "National Vulnerability Database".
The OpenVPN Access Server installer creates a log file readable for everyone, which from version 2.10.0 and before 2.11.0 may contain a random generated admin passwordπ Read
via "National Vulnerability Database".
βΌ CVE-2022-26348 βΌ
π Read
via "National Vulnerability Database".
Command Centre Server is vulnerable to SQL Injection via Windows Registry settings for date fields on the server. The Windows Registry setting allows an attacker using the Visitor Management Kiosk, an application designed for public use, to invoke an arbitrary SQL query that has been preloaded into the registry of the Windows Server to obtain sensitive information. This issue affects: Gallagher Command Centre 8.60 versions prior to 8.60.1652; 8.50 versions prior to 8.50.2245; 8.40 versions prior to 8.40.2216; 8.30 versions prior to 8.30.1470; version 8.20 and prior versions.π Read
via "National Vulnerability Database".
βΌ CVE-2022-26078 βΌ
π Read
via "National Vulnerability Database".
Gallagher Controller 6000 is vulnerable to a Denial of Service attack via conflicting ARP packets with a duplicate IP address. This issue affects: Gallagher Gallagher Controller 6000 vCR8.60 versions prior to 220303a; vCR8.50 versions prior to 220303a; vCR8.40 versions prior to 220303a; vCR8.30 versions prior to 220303a.π Read
via "National Vulnerability Database".
βΌ CVE-2022-33738 βΌ
π Read
via "National Vulnerability Database".
OpenVPN Access Server before 2.11 uses a weak random generator used to create user session token for the web portalπ Read
via "National Vulnerability Database".
βΌ CVE-2021-3695 βΌ
π Read
via "National Vulnerability Database".
A crafted 16-bit grayscale PNG image may lead to a out-of-bounds write in the heap area. An attacker may take advantage of that to cause heap data corruption or eventually arbitrary code execution and circumvent secure boot protections. This issue has a high complexity to be exploited as an attacker needs to perform some triage over the heap layout to achieve signifcant results, also the values written into the memory are repeated three times in a row making difficult to produce valid payloads. This flaw affects grub2 versions prior grub-2.12.π Read
via "National Vulnerability Database".
βΌ CVE-2022-34598 βΌ
π Read
via "National Vulnerability Database".
The udpserver in H3C Magic R100 V200R004 and V100R005 has the 9034 port opened, allowing attackers to execute arbitrary commands.π Read
via "National Vulnerability Database".
βΌ CVE-2022-34596 βΌ
π Read
via "National Vulnerability Database".
Tenda AX1803 v1.0.0.1_2890 was discovered to contain a command injection vulnerability via the function WanParameterSetting.π Read
via "National Vulnerability Database".
βΌ CVE-2021-3696 βΌ
π Read
via "National Vulnerability Database".
A heap out-of-bounds write may heppen during the handling of Huffman tables in the PNG reader. This may lead to data corruption in the heap space. Confidentiality, Integrity and Availablity impact may be considered Low as it's very complex to an attacker control the encoding and positioning of corrupted Huffman entries to achieve results such as arbitrary code execution and/or secure boot circumvention. This flaw affects grub2 versions prior grub-2.12.π Read
via "National Vulnerability Database".
π΄ Marriott Data Breach Exposes PII, Credit Cards π΄
π Read
via "Dark Reading".
The hospitality giant said data from 300-400 individuals was compromised by a social-engineering scam targeting the Baltimore airport.π Read
via "Dark Reading".
Dark Reading
Marriott Data Breach Exposes PII, Credit Cards
The hospitality giant said data from 300-400 individuals was compromised by a social-engineering scam targeting the Baltimore airport.
π΄ I Built a Cheap 'Warshipping' Device in Just Three Hours β And So Can You π΄
π Read
via "Dark Reading".
Here's how I did it and how you can protect your company against such physical/digital hybrid attacks.π Read
via "Dark Reading".
Dark Reading
I Built a Cheap 'Warshipping' Device in Just 3 Hours β and So Can You
Here's how I did it and how you can protect your company against such physical/digital hybrid attacks.
π North Korean Attackers Targeting Healthcare Orgs with Maui Ransomware π
π Read
via "".
A new Cybersecurity Advisory via the FBI, CISA, and the U.S. Treasury says cyber actors with the DPRK have been using the ransomware since May 2021.π Read
via "".
βΌ CVE-2022-31127 βΌ
π Read
via "National Vulnerability Database".
NextAuth.js is a complete open source authentication solution for Next.js applications. An attacker can pass a compromised input to the e-mail [signin endpoint](https://next-auth.js.org/getting-started/rest-api#post-apiauthsigninprovider) that contains some malicious HTML, tricking the e-mail server to send it to the user, so they can perform a phishing attack. Eg.: `balazs@email.com, <a href="http://attacker.com">Before signing in, claim your money!</a>`. This was previously sent to `balazs@email.com`, and the content of the email containing a link to the attacker's site was rendered in the HTML. This has been remedied in the following releases, by simply not rendering that e-mail in the HTML, since it should be obvious to the receiver what e-mail they used: next-auth v3 users before version 3.29.8 are impacted. (We recommend upgrading to v4, as v3 is considered unmaintained. next-auth v4 users before version 4.9.0 are impacted. If for some reason you cannot upgrade, the workaround requires you to sanitize the `email` parameter that is passed to `sendVerificationRequest` and rendered in the HTML. If you haven't created a custom `sendVerificationRequest`, you only need to upgrade. Otherwise, make sure to either exclude `email` from the HTML body or efficiently sanitize it.π Read
via "National Vulnerability Database".
βΌ CVE-2022-31126 βΌ
π Read
via "National Vulnerability Database".
Roxy-wi is an open source web interface for managing Haproxy, Nginx, Apache and Keepalived servers. A vulnerability in Roxy-wi allows a remote, unauthenticated attacker to code execution by sending a specially crafted HTTP request to /app/options.py file. This affects Roxy-wi versions before 6.1.1.0. Users are advised to upgrade. There are no known workarounds for this issue.π Read
via "National Vulnerability Database".
βΌ CVE-2022-31125 βΌ
π Read
via "National Vulnerability Database".
Roxy-wi is an open source web interface for managing Haproxy, Nginx, Apache and Keepalived servers. A vulnerability in Roxy-wi allows a remote, unauthenticated attacker to bypass authentication and access admin functionality by sending a specially crafted HTTP request. This affects Roxywi versions before 6.1.1.0. Users are advised to upgrade. There are no known workarounds for this issue.π Read
via "National Vulnerability Database".
βΌ CVE-2022-33047 βΌ
π Read
via "National Vulnerability Database".
OTFCC v0.10.4 was discovered to contain a heap buffer overflow after free via otfccbuild.c.π Read
via "National Vulnerability Database".
βΌ CVE-2022-31111 βΌ
π Read
via "National Vulnerability Database".
Frontier is Substrate's Ethereum compatibility layer. In affected versions the truncation done when converting between EVM balance type and Substrate balance type was incorrectly implemented. This leads to possible discrepancy between appeared EVM transfer value and actual Substrate value transferred. It is recommended that an emergency upgrade to be planned and EVM execution temporarily paused in the mean time. The issue is patched in Frontier master branch commit fed5e0a9577c10bea021721e8c2c5c378e16bf66 and polkadot-v0.9.22 branch commit e3e427fa2e5d1200a784679f8015d4774cedc934. This vulnerability affects only EVM internal states, but not Substrate balance states or node. You can temporarily pause EVM execution (by setting up a Substrate `CallFilter` that disables `pallet-evm` and `pallet-ethereum` calls before the patch can be applied.π Read
via "National Vulnerability Database".