βΌ CVE-2023-29462 βΌ
π Read
via "National Vulnerability Database".
An arbitrary code execution vulnerability contained in Rockwell Automation's Arena Simulation software was reported that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow in the heap. potentiallyΓ resulting in a complete loss of confidentiality, integrity, and availability.π Read
via "National Vulnerability Database".
βΌ CVE-2023-31982 βΌ
π Read
via "National Vulnerability Database".
Sngrep v1.6.0 was discovered to contain a heap buffer overflow via the function capture_packet_reasm_ip at /src/capture.c.π Read
via "National Vulnerability Database".
βΌ CVE-2023-31973 βΌ
π Read
via "National Vulnerability Database".
yasm v1.3.0 was discovered to contain a use after free via the function expand_mmac_params at /nasm/nasm-pp.c.π Read
via "National Vulnerability Database".
βΌ CVE-2023-31138 βΌ
π Read
via "National Vulnerability Database".
DHIS2 Core contains the service layer and Web API for DHIS2, an information system for data capture. Starting in the 2.36 branch and prior to versions 2.37.9.1, 2.38.3.1, and 2.39.1.2, using object model traversal in the payload of a PATCH request, authenticated users with write access to an object may be able to modify related objects that they should not have access to. DHIS2 implementers should upgrade to a supported version of DHIS2 to receive a patch: 2.37.9.1, 2.38.3.1, or 2.39.1.2. It is possible to work around this issue by blocking all PATCH requests on a reverse proxy, but this may cause some issues with the functionality of built-in applications using legacy PATCH requests.π Read
via "National Vulnerability Database".
βΌ CVE-2023-31981 βΌ
π Read
via "National Vulnerability Database".
Sngrep v1.6.0 was discovered to contain a stack buffer overflow via the function packet_set_payload at /src/packet.c.π Read
via "National Vulnerability Database".
βΌ CVE-2023-29461 βΌ
π Read
via "National Vulnerability Database".
An arbitrary code execution vulnerability contained in Rockwell Automation's Arena Simulation software was reported that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow in the heap. potentiallyΓ resulting in a complete loss of confidentiality, integrity, and availability.π Read
via "National Vulnerability Database".
βΌ CVE-2023-31143 βΌ
π Read
via "National Vulnerability Database".
mage-ai is an open-source data pipeline tool for transforming and integrating data. Those who use Mage starting in version 0.8.34 and prior to 0.8.72 with user authentication enabled may be affected by a vulnerability. The terminal could be accessed by users who are not signed in or do not have editor permissions. Version 0.8.72 contains a fix for this issue.π Read
via "National Vulnerability Database".
π€1
βΌ CVE-2023-31139 βΌ
π Read
via "National Vulnerability Database".
DHIS2 Core contains the service layer and Web API for DHIS2, an information system for data capture. Starting in the 2.37 branch and prior to versions 2.37.9.1, 2.38.3.1, and 2.39.1.2, Personal Access Tokens (PATs) generate unrestricted session cookies. This may lead to a bypass of other access restrictions (for example, based on allowed IP addresses or HTTP methods). DHIS2 implementers should upgrade to a supported version of DHIS2: 2.37.9.1, 2.38.3.1, or 2.39.1.2. Implementers can work around this issue by adding extra access control validations on a reverse proxy.π Read
via "National Vulnerability Database".
βΌ CVE-2023-29460 βΌ
π Read
via "National Vulnerability Database".
An arbitrary code execution vulnerability contained in Rockwell Automation's Arena Simulation software was reported that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow potentiallyΓ resulting in a complete loss of confidentiality, integrity, and availability.π Read
via "National Vulnerability Database".
βΌ CVE-2023-31136 βΌ
π Read
via "National Vulnerability Database".
PostgresNIO is a Swift client for PostgreSQL. Any user of PostgresNIO prior to version 1.14.2 connecting to servers with TLS enabled is vulnerable to a man-in-the-middle attacker injecting false responses to the client's first few queries, despite the use of TLS certificate verification and encryption. The vulnerability is addressed in PostgresNIO versions starting from 1.14.2. There are no known workarounds for unpatched users.π Read
via "National Vulnerability Database".
βΌ CVE-2023-32060 βΌ
π Read
via "National Vulnerability Database".
DHIS2 Core contains the service layer and Web API for DHIS2, an information system for data capture. Starting in the 2.35 branch and prior to versions 2.36.13, 2.37.8, 2.38.2, and 2.39.0, when the Category Option Combination Sharing settings are configured to control access to specific tracker program events or program stages, the `/trackedEntityInstances` and `/events` API endpoints may include all events regardless of the sharing settings applied to the category option combinations. When this specific configuration is present, users may have access to events which they should not be able to see based on the sharing settings of the category options. The events will not appear in the user interface for web-based Tracker Capture or Capture applications, but if the Android Capture App is used they will be displayed to the user. Versions 2.36.13, 2.37.8, 2.38.2, and 2.39.0 contain a fix for this issue. No workaround is known.π Read
via "National Vulnerability Database".
βΌ CVE-2023-31137 βΌ
π Read
via "National Vulnerability Database".
MaraDNS is open-source software that implements the Domain Name System (DNS). In version 3.5.0024 and prior, a remotely exploitable integer underflow vulnerability in the DNS packet decompression function allows an attacker to cause a Denial of Service by triggering an abnormal program termination.The vulnerability exists in the `decomp_get_rddata` function within the `Decompress.c` file. When handling a DNS packet with an Answer RR of qtype 16 (TXT record) and any qclass, if the `rdlength` is smaller than `rdata`, the result of the line `Decompress.c:886` is a negative number `len = rdlength - total;`. This value is then passed to the `decomp_append_bytes` function without proper validation, causing the program to attempt to allocate a massive chunk of memory that is impossible to allocate. Consequently, the program exits with an error code of 64, causing a Denial of Service.One proposed fix for this vulnerability is to patch `Decompress.c:887` by breaking `if(len <= 0)`, which has been incorporated in version 3.5.0036 via commit bab062bde40b2ae8a91eecd522e84d8b993bab58.π Read
via "National Vulnerability Database".
βΌ CVE-2023-31976 βΌ
π Read
via "National Vulnerability Database".
libming v0.4.8 was discovered to contain a stack buffer overflow via the function makeswf_preprocess at /util/makeswf_utils.c.π Read
via "National Vulnerability Database".
βΌ CVE-2023-31979 βΌ
π Read
via "National Vulnerability Database".
Catdoc v0.95 was discovered to contain a global buffer overflow via the function process_file at /src/reader.c.π Read
via "National Vulnerability Database".
βΌ CVE-2023-31134 βΌ
π Read
via "National Vulnerability Database".
Tauri is software for building applications for multi-platform deployment. The Tauri IPC is usually strictly isolated from external websites, but in versions 1.0.0 until 1.0.9, 1.1.0 until 1.1.4, and 1.2.0 until 1.2.5, the isolation can be bypassed by redirecting an existing Tauri window to an external website. This is either possible by an application implementing a feature for users to visitarbitrary websites or due to a bug allowing the open redirect. This allows the external website access to the IPC layer and therefore to all configured and exposed Tauri API endpoints and application specific implemented Tauri commands. This issue has been patched in versions 1.0.9, 1.1.4, and 1.2.5. As a workaround, prevent arbitrary input in redirect features and/or only allow trusted websites access to the IPC.π Read
via "National Vulnerability Database".
β Low-level motherboard security keys leaked in MSI breach, claim researchers β
π Read
via "Naked Security".
What can you do if someone steals your keys but you can't change the lock? We explain the dilemma in plain English.π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
π΄ The Problem of Old Vulnerabilities β and What to Do About It π΄
π Read
via "Dark Reading".
The vulnerabilities most often exploited by ransomware attackers are already known to us.π Read
via "Dark Reading".
Dark Reading
The Problem of Old Vulnerabilities β and What to Do About It
The vulnerabilities most often exploited by ransomware attackers are already known to us.
βΌ CVE-2020-23362 βΌ
π Read
via "National Vulnerability Database".
Insecure Permissons vulnerability found in Shop_CMS YerShop all versions allows a remote attacker to escalate privileges via the cover_id parameter.π Read
via "National Vulnerability Database".
βΌ CVE-2020-23363 βΌ
π Read
via "National Vulnerability Database".
Cross Site Request Forgery (CSRF) vulnerability found in Verytops Verydows all versions that allows an attacker to execute arbitrary code via a crafted script.π Read
via "National Vulnerability Database".
βΌ CVE-2023-31807 βΌ
π Read
via "National Vulnerability Database".
Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via a crafted payload to the personal notes function.π Read
via "National Vulnerability Database".
βΌ CVE-2023-30085 βΌ
π Read
via "National Vulnerability Database".
Buffer Overflow vulnerability found in Libming swftophp v.0.4.8 allows a local attacker to cause a denial of service via the cws2fws function in util/decompile.c.π Read
via "National Vulnerability Database".