βΌ CVE-2023-27409 βΌ
π Read
via "National Vulnerability Database".
A vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). A path traversal vulnerability was found in the `deviceinfo` binary via the `mac` parameter. This could allow an authenticated attacker with access to the SSH interface on the affected device to read the contents of any file named `address`.π Read
via "National Vulnerability Database".
βΌ CVE-2023-2595 βΌ
π Read
via "National Vulnerability Database".
A vulnerability has been found in SourceCodester Billing Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file ajax_service.php of the component POST Parameter Handler. The manipulation of the argument drop_services leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-228397 was assigned to this vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2023-2594 βΌ
π Read
via "National Vulnerability Database".
A vulnerability, which was classified as critical, was found in SourceCodester Food Ordering Management System 1.0. Affected is an unknown function of the component Registration. The manipulation of the argument username leads to sql injection. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-228396.π Read
via "National Vulnerability Database".
π΄ SideWinder Strikes Victims in Pakistan, Turkey in Multiphase Polymorphic Attack π΄
π Read
via "Dark Reading".
The APT is exploiting a remote template injection flaw to deliver malicious documents that lure in government officials and other targets with topics of potential interest.π Read
via "Dark Reading".
Dark Reading
SideWinder Strikes Victims in Pakistan, Turkey in Multiphase Polymorphic Attack
The APT is exploiting a remote template injection flaw to deliver malicious documents that lure in government officials and other targets with topics of potential interest.
π Suricata IDPE 6.0.12 π
π Read
via "Packet Storm Security".
Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.π Read
via "Packet Storm Security".
Packetstormsecurity
Suricata IDPE 6.0.12 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
βΌ CVE-2023-29462 βΌ
π Read
via "National Vulnerability Database".
An arbitrary code execution vulnerability contained in Rockwell Automation's Arena Simulation software was reported that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow in the heap. potentiallyΓ resulting in a complete loss of confidentiality, integrity, and availability.π Read
via "National Vulnerability Database".
βΌ CVE-2023-31982 βΌ
π Read
via "National Vulnerability Database".
Sngrep v1.6.0 was discovered to contain a heap buffer overflow via the function capture_packet_reasm_ip at /src/capture.c.π Read
via "National Vulnerability Database".
βΌ CVE-2023-31973 βΌ
π Read
via "National Vulnerability Database".
yasm v1.3.0 was discovered to contain a use after free via the function expand_mmac_params at /nasm/nasm-pp.c.π Read
via "National Vulnerability Database".
βΌ CVE-2023-31138 βΌ
π Read
via "National Vulnerability Database".
DHIS2 Core contains the service layer and Web API for DHIS2, an information system for data capture. Starting in the 2.36 branch and prior to versions 2.37.9.1, 2.38.3.1, and 2.39.1.2, using object model traversal in the payload of a PATCH request, authenticated users with write access to an object may be able to modify related objects that they should not have access to. DHIS2 implementers should upgrade to a supported version of DHIS2 to receive a patch: 2.37.9.1, 2.38.3.1, or 2.39.1.2. It is possible to work around this issue by blocking all PATCH requests on a reverse proxy, but this may cause some issues with the functionality of built-in applications using legacy PATCH requests.π Read
via "National Vulnerability Database".
βΌ CVE-2023-31981 βΌ
π Read
via "National Vulnerability Database".
Sngrep v1.6.0 was discovered to contain a stack buffer overflow via the function packet_set_payload at /src/packet.c.π Read
via "National Vulnerability Database".
βΌ CVE-2023-29461 βΌ
π Read
via "National Vulnerability Database".
An arbitrary code execution vulnerability contained in Rockwell Automation's Arena Simulation software was reported that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow in the heap. potentiallyΓ resulting in a complete loss of confidentiality, integrity, and availability.π Read
via "National Vulnerability Database".
βΌ CVE-2023-31143 βΌ
π Read
via "National Vulnerability Database".
mage-ai is an open-source data pipeline tool for transforming and integrating data. Those who use Mage starting in version 0.8.34 and prior to 0.8.72 with user authentication enabled may be affected by a vulnerability. The terminal could be accessed by users who are not signed in or do not have editor permissions. Version 0.8.72 contains a fix for this issue.π Read
via "National Vulnerability Database".
π€1
βΌ CVE-2023-31139 βΌ
π Read
via "National Vulnerability Database".
DHIS2 Core contains the service layer and Web API for DHIS2, an information system for data capture. Starting in the 2.37 branch and prior to versions 2.37.9.1, 2.38.3.1, and 2.39.1.2, Personal Access Tokens (PATs) generate unrestricted session cookies. This may lead to a bypass of other access restrictions (for example, based on allowed IP addresses or HTTP methods). DHIS2 implementers should upgrade to a supported version of DHIS2: 2.37.9.1, 2.38.3.1, or 2.39.1.2. Implementers can work around this issue by adding extra access control validations on a reverse proxy.π Read
via "National Vulnerability Database".
βΌ CVE-2023-29460 βΌ
π Read
via "National Vulnerability Database".
An arbitrary code execution vulnerability contained in Rockwell Automation's Arena Simulation software was reported that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow potentiallyΓ resulting in a complete loss of confidentiality, integrity, and availability.π Read
via "National Vulnerability Database".
βΌ CVE-2023-31136 βΌ
π Read
via "National Vulnerability Database".
PostgresNIO is a Swift client for PostgreSQL. Any user of PostgresNIO prior to version 1.14.2 connecting to servers with TLS enabled is vulnerable to a man-in-the-middle attacker injecting false responses to the client's first few queries, despite the use of TLS certificate verification and encryption. The vulnerability is addressed in PostgresNIO versions starting from 1.14.2. There are no known workarounds for unpatched users.π Read
via "National Vulnerability Database".
βΌ CVE-2023-32060 βΌ
π Read
via "National Vulnerability Database".
DHIS2 Core contains the service layer and Web API for DHIS2, an information system for data capture. Starting in the 2.35 branch and prior to versions 2.36.13, 2.37.8, 2.38.2, and 2.39.0, when the Category Option Combination Sharing settings are configured to control access to specific tracker program events or program stages, the `/trackedEntityInstances` and `/events` API endpoints may include all events regardless of the sharing settings applied to the category option combinations. When this specific configuration is present, users may have access to events which they should not be able to see based on the sharing settings of the category options. The events will not appear in the user interface for web-based Tracker Capture or Capture applications, but if the Android Capture App is used they will be displayed to the user. Versions 2.36.13, 2.37.8, 2.38.2, and 2.39.0 contain a fix for this issue. No workaround is known.π Read
via "National Vulnerability Database".
βΌ CVE-2023-31137 βΌ
π Read
via "National Vulnerability Database".
MaraDNS is open-source software that implements the Domain Name System (DNS). In version 3.5.0024 and prior, a remotely exploitable integer underflow vulnerability in the DNS packet decompression function allows an attacker to cause a Denial of Service by triggering an abnormal program termination.The vulnerability exists in the `decomp_get_rddata` function within the `Decompress.c` file. When handling a DNS packet with an Answer RR of qtype 16 (TXT record) and any qclass, if the `rdlength` is smaller than `rdata`, the result of the line `Decompress.c:886` is a negative number `len = rdlength - total;`. This value is then passed to the `decomp_append_bytes` function without proper validation, causing the program to attempt to allocate a massive chunk of memory that is impossible to allocate. Consequently, the program exits with an error code of 64, causing a Denial of Service.One proposed fix for this vulnerability is to patch `Decompress.c:887` by breaking `if(len <= 0)`, which has been incorporated in version 3.5.0036 via commit bab062bde40b2ae8a91eecd522e84d8b993bab58.π Read
via "National Vulnerability Database".
βΌ CVE-2023-31976 βΌ
π Read
via "National Vulnerability Database".
libming v0.4.8 was discovered to contain a stack buffer overflow via the function makeswf_preprocess at /util/makeswf_utils.c.π Read
via "National Vulnerability Database".
βΌ CVE-2023-31979 βΌ
π Read
via "National Vulnerability Database".
Catdoc v0.95 was discovered to contain a global buffer overflow via the function process_file at /src/reader.c.π Read
via "National Vulnerability Database".
βΌ CVE-2023-31134 βΌ
π Read
via "National Vulnerability Database".
Tauri is software for building applications for multi-platform deployment. The Tauri IPC is usually strictly isolated from external websites, but in versions 1.0.0 until 1.0.9, 1.1.0 until 1.1.4, and 1.2.0 until 1.2.5, the isolation can be bypassed by redirecting an existing Tauri window to an external website. This is either possible by an application implementing a feature for users to visitarbitrary websites or due to a bug allowing the open redirect. This allows the external website access to the IPC layer and therefore to all configured and exposed Tauri API endpoints and application specific implemented Tauri commands. This issue has been patched in versions 1.0.9, 1.1.4, and 1.2.5. As a workaround, prevent arbitrary input in redirect features and/or only allow trusted websites access to the IPC.π Read
via "National Vulnerability Database".
β Low-level motherboard security keys leaked in MSI breach, claim researchers β
π Read
via "Naked Security".
What can you do if someone steals your keys but you can't change the lock? We explain the dilemma in plain English.π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News