SUSE SLED15 / SLES15 Security Update : libcaca (SUSE-SU-2022:3400-1)
The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:3400-1 advisory. A flaw was found in libcaca v0.99.beta19. A buffer overflow issue in caca_resize function in ...
7.8CVSS
7.9AI Score
0.0004EPSS
openSUSE: Security Advisory for libcaca (SUSE-SU-2022:3400-1)
The remote host is missing an update for...
7.8CVSS
7.8AI Score
0.0004EPSS
Windows 11 pulls ahead of Windows 10 in anti-phishing stakes
Some new security additions and changes have been announced for users of Windows, but you'll have to be using Windows 11 to get the most out of them. Windows 10 users may find that this is going to be a case of falling behind the herd ever so slightly. Anti-phishing tools Enhanced phishing...
0.3AI Score
Fee on transfer tokens can make users receive less than they are supposed to
Lines of code Vulnerability details Impact Some tokens take a transfer fee (e.g. STA, PAXG). Tokens like these will be supported because the vested amount will be the amount that was actually transferred (i.e. the balance of the contract after the transfer), but it will cause the user to receive...
6.8AI Score
Lines of code https://github.com/code-423n4/2022-09-vtvl/blob/main/contracts/VTVLVesting.sol#L418-L437 Vulnerability details Impact When an employee has an active claim, this employee can call the following withdraw function to withdraw the claimable amount that she or he is entitled to, which...
6.7AI Score
Missing ReEntrancy Guard to Withdraw function
Lines of code Vulnerability details Impact Missing ReEntrancy Guard to Withdraw function Proof of Concept There is no re-entry risk on true ERC-20 tokens that work according to the spec (i.e. audited, etc.). However you can write a malicious ERC-20 with custom transferFrom() or approve() that have....
6.9AI Score
THE amountRemaining IN withdrawAdmin() IS UNDERFLOW
Lines of code https://github.com/code-423n4/2022-09-vtvl/blob/main/contracts/VTVLVesting.sol#L364-L392 Vulnerability details Impact Allocated tokens can get messed up when the amountRemaining in the withdrawAdmin() function is underflowed in rare cases. This will make 'numTokensReservedForVesting'....
6.9AI Score
The amountRemaining in withdrawAdmin() Function is Underflow
Lines of code Vulnerability details Impact allocatedTokens can get messed up when the amountRemaining in the withdrawAdmin() function is underflowed in rare cases. This will make numTokensReservedForVesting have a larger amount of funds compared to the funds in the token. This will make it...
6.8AI Score
Claim can only be created for a recipient once
Lines of code Vulnerability details Claim can only be created for a recipient once The function creating claims, _createClaimUnchecked(), has the hasNoClaim() modifier, that is defined as opposite hasActiveClaim, meaning it reverts if there is an active claim for a user. It reverts if...
6.7AI Score
Researchers Uncover Years-Long Mobile Spyware Campaign Targeting Uyghurs
A new wave of a mobile surveillance campaign has been observed targeting the Uyghur community as part of a long-standing spyware operation active since at least 2015, cybersecurity researchers disclosed Thursday. The intrusions, originally attributed to a threat actor named Scarlet Mimic back in...
1.1AI Score
Automatic Cheating Detection in Human Racing
This is a fascinating glimpse of the future of automatic cheating detection in sports: Maybe you heard about the truly insane false-start controversy in track and field? Devon Allen--a wide receiver for the Philadelphia Eagles--was disqualified from the 110-meter hurdles at the World Athletics...
AI Score
kindle-prime.com Cross Site Scripting vulnerability OBB-2939087
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
-0.2AI Score
PegOracle reported fraction price is constructed to favor the depeg
Lines of code Vulnerability details Depeg event is defined as linked asset price being below the strike price in the terms of the underlying asset. However, the PegOracle aimed to report the fraction of the pegged asset to the underlying always reports the number below 1, no matter how prices are.....
6.6AI Score
Iranian APT42 Launched Over 30 Espionage Attacks Against Activists and Dissidents
A state-sponsored advanced persistent threat (APT) actor newly christened APT42 (formerly UNC788) has been attributed to over 30 confirmed espionage attacks against individuals and organizations of strategic interest to the Iranian government at least since 2015. Cybersecurity firm Mandiant said...
0.5AI Score
[Security Nation] Gordon “Fyodor” Lyon on Nmap, the Open-Source Security Scanner
In this episode of Security Nation, Jen and Tod chat with Gordon “Fyodor” Lyon, author of the widely used open-source Nmap Security Scanner. On the doorstep of Nmap’s 25th anniversary, Gordon and our hosts talk about the tool’s impact on asset management, as well as the struggles and triumphs of...
-0.3AI Score
A curated list of awesome tools, research, papers and other projects related to password cracking and password security. Read the guidelines before contributing! In short: List is alphabetically sorted If in doubt, use awesome-lint If you think an item shouldn't be here open an issue Books Hash...
-0.3AI Score
8.8CVSS
7.2AI Score
0.004EPSS
A heap overflow flaw was found in libpngs' pngimage.c program. This flaw allows an attacker with local network access to pass a specially crafted PNG file to the pngimage utility, causing an application to crash, leading to a denial of...
5.5CVSS
6.6AI Score
0.001EPSS
Currencies fluctuate all the time. These days the EUR / USD key pair is around 1 for 1. It was even 1:0.99 when I was writing this report. Portswigger doesn't change the price and exchange rate dynamically. Vulnerability at the following link: https://portswigger.net/buy/pro When you want...
-0.2AI Score
BookWyrm is a social network for tracking your reading, talking about books, writing reviews, and discovering what to read next. Some links in BookWyrm may be vulnerable to tabnabbing, a form of phishing that gives attackers an opportunity to redirect a user to a malicious site. The issue was...
7.1CVSS
6.1AI Score
0.001EPSS
BookWyrm is a social network for tracking your reading, talking about books, writing reviews, and discovering what to read next. Some links in BookWyrm may be vulnerable to tabnabbing, a form of phishing that gives attackers an opportunity to redirect a user to a malicious site. The issue was...
6.1CVSS
0.001EPSS
BookWyrm is a social network for tracking your reading, talking about books, writing reviews, and discovering what to read next. Some links in BookWyrm may be vulnerable to tabnabbing, a form of phishing that gives attackers an opportunity to redirect a user to a malicious site. The issue was...
7.1CVSS
6.6AI Score
0.001EPSS
BookWyrm is a social network for tracking your reading, talking about books, writing reviews, and discovering what to read next. Some links in BookWyrm may be vulnerable to tabnabbing, a form of phishing that gives attackers an opportunity to redirect a user to a malicious site. The issue was...
6.1CVSS
6AI Score
0.001EPSS
CVE-2022-35953 URL Redirection to Untrusted Site ('Open Redirect') in bookwyrm
BookWyrm is a social network for tracking your reading, talking about books, writing reviews, and discovering what to read next. Some links in BookWyrm may be vulnerable to tabnabbing, a form of phishing that gives attackers an opportunity to redirect a user to a malicious site. The issue was...
7.1CVSS
7AI Score
0.001EPSS
Over the weekend I organized some old computing equipment. I found this beauty in one of my boxes. It's a Netgear EN104TP hub. I've mentioned this device before, in this blog and my books. This sort of device was the last of the true hubs. In an age where cables seem reserved for data centers or...
-0.2AI Score
A vulnerability in the regex module used by the signature database load module of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an authenticated, local attacker to crash ClamAV at database load time, and possibly gain code...
7.8CVSS
7.1AI Score
0.001EPSS
IDOR allows to create new collection or modify an existing one
Description A normal user can create a new collection with the provided book ids or add new books to an existing collection, operations that should only be executed by the administrator. This is possible due to a missing administrative role check in the /api/collection/update-for-series API.....
0.7AI Score
zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call...
9.8CVSS
3.5AI Score
0.003EPSS
Fedora: Security Advisory for golang-github-mmarkdown-mmark (FEDORA-2022-ea8f4e232d)
The remote host is missing an update for...
7.5AI Score
[SECURITY] Fedora 36 Update: golang-github-mmarkdown-mmark-2.2.10-6.fc36
Mmark is a powerful markdown processor written in Go, geared towards writing IETF documents. It is, however, also suited for writing complete books and other technical documentation, like the Learning Go book (mmark source, and I-D text...
7.3AI Score
CosmicStrand: the discovery of a sophisticated UEFI firmware rootkit
Introduction Rootkits are malware implants which burrow themselves in the deepest corners of the operating system. Although on paper they may seem attractive to attackers, creating them poses significant technical challenges and the slightest programming error has the potential to completely crash....
0.8AI Score
Google Bringing the Android App Permissions Section Back to the Play Store
Google on Thursday said it's backtracking on a recent change that removed the app permissions list from the Google Play Store for Android across both the mobile app and the web. "Privacy and transparency are core values in the Android community," the Android Developers team said in a series of...
0.9AI Score
Fedora: Security Advisory for golang-github-mmarkdown-mmark (FEDORA-2022-3969b64d4b)
The remote host is missing an update for...
9.1CVSS
8.9AI Score
0.005EPSS
[SECURITY] Fedora 35 Update: golang-github-mmarkdown-mmark-2.2.10-5.fc35
Mmark is a powerful markdown processor written in Go, geared towards writing IETF documents. It is, however, also suited for writing complete books and other technical documentation, like the Learning Go book (mmark source, and I-D text...
9.1CVSS
8.9AI Score
0.005EPSS
Insecure direct object references in `create-shelf` function
Description Insecure direct object references in create-shelf function allows one user to create a shelf on behalf of another. # Proof of Concept ``` POST /create-shelf HTTP/2 Host: book.dansmonorage.blue Cookie: csrftoken=ZpIuGbCcxOyhta5bki4N46N7vknEAcpaG3881kcMAfWKBEYKEiLEeSc3Sr4lUTVa;...
0.4AI Score
Git for Windows is a fork of Git that contains Windows-specific patches. This vulnerability in versions prior to 2.37.1 lets Git for Windows' installer execute a binary into C:\mingw64\bin\git.exe by mistake. This only happens upon a fresh install, not when upgrading Git for Windows. A patch is...
7.3CVSS
7AI Score
0.0004EPSS
Cross-Site Request Forgery (CSRF)
Description An attacker is able to download data from a user via the CSV Export function. The export will include all the books on your shelves, books you have reviewed, and books with reading activity. Vulnerable URL https://bookwyrm.social/preferences/export/file Proof of Concept ``` ...
0.9AI Score
Out-of-bounds memory read vulnerability in Libmobi versions prior to 0.11
Libmobi is a C library for handling Mobipocket/Kindle (MOBI) e-book format documents. Versions prior to Libmobi 0.11 have a memory out-of-bounds read vulnerability that can be exploited by attackers to obtain sensitive...
3.2AI Score
Binary vulnerability exists in Libmobi versions prior to 0.11 (CNVD-2022-56619)
Libmobi is a C library used to process Mobipocket/Kindle (MOBI) e-book format documents. Versions prior to Libmobi 0.11 have a binary vulnerability that can be exploited by attackers to cause a denial of...
4.4AI Score
Libmobi versions prior to 0.11 are binary vulnerable
Libmobi is a C library used to process Mobipocket/Kindle (MOBI) e-book format documents. Versions prior to Libmobi 0.11 have a binary vulnerability that could be exploited by attackers to obtain sensitive...
4AI Score
Fedora: Security Advisory for golang-github-mmarkdown-mmark (FEDORA-2022-fae3ecee19)
The remote host is missing an update for...
9.1CVSS
8.9AI Score
0.005EPSS
[SECURITY] Fedora 36 Update: golang-github-mmarkdown-mmark-2.2.10-5.fc36
Mmark is a powerful markdown processor written in Go, geared towards writing IETF documents. It is, however, also suited for writing complete books and other technical documentation, like the Learning Go book (mmark source, and I-D text...
9.1CVSS
8.9AI Score
0.005EPSS
SQL Injection vulnerability in viaviwebtech Android EBook App (Books App, PDF, ePub, Online Book Reading, Download Books) 10 via the author_id parameter to...
9.8CVSS
9.5AI Score
0.002EPSS
SQL Injection vulnerability in viaviwebtech Android EBook App (Books App, PDF, ePub, Online Book Reading, Download Books) 10 via the author_id parameter to...
9.8CVSS
0.002EPSS
SQL Injection vulnerability in viaviwebtech Android EBook App (Books App, PDF, ePub, Online Book Reading, Download Books) 10 via the author_id parameter to...
9.8CVSS
9.4AI Score
0.002EPSS
SQL Injection vulnerability in viaviwebtech Android EBook App (Books App, PDF, ePub, Online Book Reading, Download Books) 10 via the author_id parameter to...
9.8AI Score
0.002EPSS
VAmPI - Vulnerable REST API With OWASP Top 10 Vulnerabilities For Security Testing
The Vulnerable API (Based on OpenAPI 3) VAmPI is a vulnerable API made with Flask and it includes vulnerabilities from the OWASP top 10 vulnerabilities for APIs. It was created as I wanted a vulnerable API to evaluate the efficiency of tools used to detect security issues in APIs. It includes a...
0.6AI Score
The got package before 12.1.0 (also fixed in 11.8.5) for Node.js allows a redirect to a UNIX...
5.3CVSS
6.7AI Score
0.001EPSS
Low Value Definition On The Slippage
Lines of code Vulnerability details Impact Trades can happen at a bad price and lead to receiving fewer tokens than at a fair market price. The attacker's profit is the protocol's loss. Proof of Concept MyStrategy contract has low slippage checks which can lead to being vulnerable to sandwich...
6.9AI Score
Libmobi Denial of Service Vulnerability (CNVD-2022-54978)
Libmobi is a C library for handling Mobipocket/Kindle (MOBI) e-book format documents. A denial of service vulnerability exists in versions of Libmobi prior to v0.10, which stems from the component mobi_buffer_getpointer...
6.5CVSS
2.7AI Score
0.001EPSS