‼ CVE-2022-36078 ‼
via "National Vulnerability Database".
Binary provides encoding/decoding in Borsh and other formats. The vulnerability is a memory allocation vulnerability that can be exploited to allocate slices in memory with an (arbitrary) excessive size value, which can either exhaust available memory or crash the whole program. When using `github.com/gagliardetto/binary` to parse unchecked (or wrong type of) data from untrusted sources of input (e.g. the blockchain) into slices, it's possible to allocate memory with excessive size. When the `dec.Decode(&val)` method is used to parse data into a structure that is or contains slices of values, the length of the slice was previously read directly from the data itself without any checks on the size of it, and then a slice was allocated. This could lead to an overflow and an allocation of memory with an excessive size value. Users should upgrade to `v0.7.1` or higher. A workaround is not to rely on the `dec.Decode(&val)` function to parse the data, but to use a custom `UnmarshalWithDecoder()` method that reads and checks the length of any slice.
‼ CVE-2022-37458 ‼
via "National Vulnerability Database".
Discourse through 2.8.7 allows admins to send invitations to arbitrary email addresses at an unlimited rate.
‼ CVE-2021-35113 ‼
via "National Vulnerability Database".
Possible authentication bypass due to improper order of signature verification and hashing in the signature verification call in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables.
‼ CVE-2022-22062 ‼
via "National Vulnerability Database".
An out-of-bounds read can occur while parsing a server certificate due to improper length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking.
‼ CVE-2022-36076 ‼
via "National Vulnerability Database".
NodeBB Forum Software is powered by Node.js and supports either Redis, MongoDB, or a PostgreSQL database. Due to an unnecessarily strict conditional in the code handling the first step of the SSO process, the pre-existing logic that added (and later checked) a nonce was inadvertently rendered opt-in instead of opt-out. This re-exposed a vulnerability in that a specially crafted Man-in-the-Middle (MITM) attack could theoretically take over another user account during the single sign-on process. The issue has been fully patched in version 1.17.2.
‼ CVE-2022-22061 ‼
via "National Vulnerability Database".
Out-of-bounds writing is possible while verifying device IDs due to improper length check before copying the data in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile.
‼ CVE-2021-35108 ‼
via "National Vulnerability Database".
Improper checking of AP-S lock bit while verifying the secure resource group permissions can lead to non-secure read and write access in Snapdragon Connectivity, Snapdragon Mobile.
🗓️ CSRF flaw in csurf NPM package aimed at protecting against the same flaws 🗓️
via "The Daily Swig".
Serious security prompt developers to discontinue open source package
🔏 Friday Five 9/2 🔏
Data privacy concerns were at the forefront of this week’s cybersecurity news but phishing and ransomware attacks are still making waves. Read about these stories and more in this week’s Friday Five!
🛠 Hashcat Advanced Password Recovery 6.2.6 Binary Release 🛠
via "Packet Storm Security".
Hashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. This is the binary release.
🛠 Nmap Port Scanner 7.93 🛠
via "Packet Storm Security".
Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.
🛠 GNU Privacy Guard 2.2.39 🛠
via "Packet Storm Security".
GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions. This is the LTS release.
🛠 Hashcat Advanced Password Recovery 6.2.6 Source Code 🛠
via "Packet Storm Security".
Hashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. This is the source code release.
🗓️ Bug Bounty Radar // The latest bug bounty programs for September 2022 🗓️
via "The Daily Swig".
New web targets for the discerning hacker
‼ CVE-2022-3065 ‼
via "National Vulnerability Database".
Improper Access Control in GitHub repository jgraph/drawio prior to 20.2.8.
‼ CVE-2022-34382 ‼
via "National Vulnerability Database".
Dell Command Update, Dell Update and Alienware Update versions prior to 4.6.0 contain a Local Privilege Escalation Vulnerability in the custom catalog configuration. A local malicious user may potentially exploit this vulnerability in order to elevate their privileges.
‼ CVE-2020-22669 ‼
via "National Vulnerability Database".
Modsecurity owasp-modsecurity-crs 3.2.0 (Paranoia level at PL1) has a SQL injection bypass vulnerability. Attackers can use the comment characters and variable assignments in the SQL syntax to bypass Modsecurity WAF protection and implement SQL injection attacks on Web applications.
‼ CVE-2022-34371 ‼
via "National Vulnerability Database".
Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.3, contain an unprotected transport of credentials vulnerability. A malicious unprivileged network attacker could potentially exploit this vulnerability, leading to full system compromise.
‼ CVE-2021-27693 ‼
via "National Vulnerability Database".
Server-side Request Forgery (SSRF) vulnerability in PublicCMS before 4.0.202011.b via /publiccms/admin/ueditor when the action is catchimage.
‼ CVE-2022-34378 ‼
via "National Vulnerability Database".
Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.20, 9.2.1.13, 9.3.0.6, and 9.4.0.3, contain a relative path traversal vulnerability. A low privileged local attacker could potentially exploit this vulnerability, leading to denial of service.
‼ CVE-2022-36071 ‼
via "National Vulnerability Database".
SFTPGo is a configurable SFTP server with optional HTTP/S, FTP/S and WebDAV support. SFTPGo WebAdmin and WebClient support login using TOTP (Time-based One Time Passwords) as a secondary authentication factor. Because TOTPs are often configured on mobile devices that can be lost, stolen or damaged, SFTPGo also supports recovery codes. These are a set of one-time-use codes that can be used instead of the TOTP. In SFTPGo versions from version 2.2.0 to 2.3.3 recovery codes can be generated before enabling two-factor authentication. An attacker who knows the user's password could potentially generate some recovery codes and then bypass two-factor authentication after it is enabled on the account at a later time. This issue has been fixed in version 2.3.4. Recovery codes can now only be generated after enabling two-factor authentication and are deleted after disabling it.