βΌ CVE-2023-38802 βΌ
π Read
via "National Vulnerability Database".
FRRouting FRR 7.5.1 through 9.0 and Pica8 PICOS 4.3.3.2 allow a remote attacker to cause a denial of service via a crafted BGP update with a corrupted attribute 23 (Tunnel Encapsulation).π Read
via "National Vulnerability Database".
βΌ CVE-2023-3646 βΌ
π Read
via "National Vulnerability Database".
On affected platforms running Arista EOS with mirroring to multiple destinations configured, an internal system error may trigger a kernel panic and cause system reload.π Read
via "National Vulnerability Database".
βΌ CVE-2023-39616 βΌ
π Read
via "National Vulnerability Database".
AOMedia v3.0.0 to v3.5.0 was discovered to contain an invalid read memory access via the component assign_frame_buffer_p in av1/common/av1_common_int.h.π Read
via "National Vulnerability Database".
βΌ CVE-2023-24548 βΌ
π Read
via "National Vulnerability Database".
On affected platforms running Arista EOS with VXLAN configured, malformed or truncated packets received over a VXLAN tunnel and forwarded in hardware can cause egress ports to be unable to forward packets. The device will continue to be susceptible to the issue until remediation is in place.π Read
via "National Vulnerability Database".
βΌ CVE-2023-39615 βΌ
π Read
via "National Vulnerability Database".
Xmlsoft Libxml2 v2.11.0 was discovered to contain a global buffer overflow via the xmlSAX2StartElement() function at /libxml2/SAX2.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted XML file.π Read
via "National Vulnerability Database".
βΌ CVE-2023-40889 βΌ
π Read
via "National Vulnerability Database".
A heap-based buffer overflow exists in the qr_reader_match_centers function of ZBar 0.23.90. Specially crafted QR codes may lead to information disclosure and/or arbitrary code execution. To trigger this vulnerability, an attacker can digitally input the malicious QR code, or prepare it to be physically scanned by the vulnerable scanner.π Read
via "National Vulnerability Database".
βΌ CVE-2023-41362 βΌ
π Read
via "National Vulnerability Database".
MyBB before 1.8.36 allows Code Injection by users with certain high privileges. Templates in Admin CP intentionally use eval, and there was some validation of the input to eval, but type juggling interfered with this when using PCRE within PHP.π Read
via "National Vulnerability Database".
βΌ CVE-2023-40890 βΌ
π Read
via "National Vulnerability Database".
A stack-based buffer overflow vulnerability exists in the lookup_sequence function of ZBar 0.23.90. Specially crafted QR codes may lead to information disclosure and/or arbitrary code execution. To trigger this vulnerability, an attacker can digitally input the malicious QR code, or prepare it to be physically scanned by the vulnerable scanner.π Read
via "National Vulnerability Database".
βΌ CVE-2023-0654 βΌ
π Read
via "National Vulnerability Database".
Due to a misconfiguration, the WARP Mobile Client (< 6.29) for Android was susceptible to a tapjacking attack. In the event that an attacker built a malicious application and managed to install it on a victim's device, the attacker would be able to trick the user into believing that the app shown on the screen was the WARP client when in reality it was the attacker's app.π Read
via "National Vulnerability Database".
βΌ CVE-2021-32050 βΌ
π Read
via "National Vulnerability Database".
Some MongoDB Drivers may erroneously publish events containing authentication-related data to a command listener configured by an application. The published events may contain security-sensitive data when specific authentication-related commands are executed.Without due care, an application may inadvertently expose this sensitive information, e.g., by writing it to a log file. This issue only arises if an application enables the command listener feature (this is not enabled by default).This issue affects the MongoDB C Driver 1.0.0 prior to 1.17.7, MongoDB PHP Driver 1.0.0 prior to 1.9.2, MongoDB Swift Driver 1.0.0 prior to 1.1.1, MongoDB Node.js Driver 3.6 prior to 3.6.10, MongoDB Node.js Driver 4.0 prior to 4.17.0 and MongoDB Node.js Driver 5.0 prior to 5.8.0. This issue also affects users of the MongoDB C++ Driver dependent on the C driver 1.0.0 prior to 1.17.7 (C++ driver prior to 3.7.0).π Read
via "National Vulnerability Database".
π΄ Rackspace Faces Massive Cleanup Costs After Ransomware Attack π΄
π Read
via "Dark Reading".
Eight months after the cyberattack, the cloud hosting services company's remediation costs top $10 million as it tries to repair the damage caused by the Play ransomware gang.π Read
via "Dark Reading".
Dark Reading
Rackspace Faces Massive Cleanup Costs After Ransomware Attack
Eight months after the cyberattack, the cloud hosting services company's remediation costs top $10 million as it tries to repair the damage caused by the Play ransomware gang.
π΄ Somalia Orders ISPs to Block Telegram and TikTok π΄
π Read
via "Dark Reading".
Officials said the apps were used to "spread horrific content and misinformation to the public."π Read
via "Dark Reading".
Dark Reading
Somalia Orders ISPs to Block Telegram and TikTok
Officials said the apps were used to "spread horrific content and misinformation to the public."
π΄ South African Department of Defence Denies Stolen Data Claims π΄
π Read
via "Dark Reading".
Attackers leaked 1.6TB of stolen data, which government officials dismissed as "fake news."π Read
via "Dark Reading".
Dark Reading
South African Department of Defence Denies Stolen Data Claims
Attackers leaked 1.6TB of stolen data, which government officials dismissed as "fake news."
βοΈ U.S. Hacks QakBot, Quietly Removes Botnet Infections βοΈ
π Read
via "Krebs on Security".
The U.S. government today announced a coordinated crackdown against QakBot, a complex malware family used by multiple cybercrime groups to lay the groundwork for ransomware infections. The international law enforcement operation involved seizing control over the botnet's online infrastructure, and quietly removing the Qakbot malware from tens of thousands of infected Microsoft Windows computer systems.π Read
via "Krebs on Security".
Krebs on Security
U.S. Hacks QakBot, Quietly Removes Botnet Infections
The U.S. government today announced a coordinated crackdown against QakBot, a complex malware family used by multiple cybercrime groups to lay the groundwork for ransomware infections. The international law enforcement operation involved seizing control overβ¦
π¦Ώ DEF CON Generative AI Hacking Challenge Explored Cutting Edge of Security Vulnerabilities π¦Ώ
π Read
via "Tech Republic".
Data from the human vs. machine challenge could provide a framework for government and enterprise policies around generative AI.π Read
via "Tech Republic".
TechRepublic
DEF CON Generative AI Hacking Challenge Explored Cutting Edge of Security Vulnerabilities
Data from the human vs. machine challenge could provide a framework for government and enterprise policies around generative AI.
βΌ CVE-2023-34039 βΌ
π Read
via "National Vulnerability Database".
Aria Operations for Networks contains an Authentication Bypass vulnerability due to a lack of unique cryptographic key generation.Γ A malicious actor with network access to Aria Operations for Networks could bypass SSH authentication to gain access to the Aria Operations for Networks CLI.π Read
via "National Vulnerability Database".
βΌ CVE-2023-39522 βΌ
π Read
via "National Vulnerability Database".
goauthentik is an open-source Identity Provider. In affected versions using a recovery flow with an identification stage an attacker is able to determine if a username exists. Only setups configured with a recovery flow are impacted by this. Anyone with a user account on a system with the recovery flow described above is susceptible to having their username/email revealed as existing. An attacker can easily enumerate and check users' existence using the recovery flow, as a clear message is shown when a user doesn't exist. Depending on configuration this can either be done by username, email, or both. This issue has been addressed in versions 2023.5.6 and 2023.6.2. Users are advised to upgrade. There are no known workarounds for this issue.π Read
via "National Vulnerability Database".
βΌ CVE-2023-20890 βΌ
π Read
via "National Vulnerability Database".
Aria Operations for Networks contains an arbitrary file write vulnerability.Γ An authenticated malicious actor with administrative access to VMware Aria Operations for Networks can write files to arbitrary locations resulting in remote code execution.π Read
via "National Vulnerability Database".
βΌ CVE-2023-3251 βΌ
π Read
via "National Vulnerability Database".
A pass-back vulnerability exists where an authenticated, remote attacker with administrator privileges could uncover stored SMTP credentials within the Nessus application.This issue affects Nessus: before 10.6.0.π Read
via "National Vulnerability Database".
βΌ CVE-2023-3252 βΌ
π Read
via "National Vulnerability Database".
An arbitrary file write vulnerability exists where an authenticated, remote attacker with administrator privileges could alter logging variables to overwrite arbitrary files on the remote host with log data, which could lead to a denial of service condition.π Read
via "National Vulnerability Database".
π΄ Sprawling Qakbot Malware Takedown Spans 700,000 Infected Machines π΄
π Read
via "Dark Reading".
"Operation Duck Hunt" is not likely to eliminate the initial access botnet forever, but the proactive removal of the malware from victim machines by law enforcement is one of the largest and most significant efforts of its kind.π Read
via "Dark Reading".
Dark Reading
Sprawling Qakbot Malware Takedown Spans 700,000 Infected Machines
"Operation Duck Hunt" is not likely to eliminate the initial access botnet forever, but the proactive removal of the malware from victim machines by law enforcement is one of the largest and most significant efforts of its kind.