1288H V5; 2288H V5 Security Vulnerabilities

CVE-2022-48619

An issue was discovered in drivers/input/input.c in the Linux kernel before 5.17.10. An attacker can cause a denial of service (panic) because input_set_capability mishandles the situation in which an event code falls outside of a bitmap. Bugs https://bugzilla.redhat.com/show_bug.cgi?id=2258012...

Maliciously crafted Git server replies can lead to path traversal and RCE on go-git clients

Impact A path traversal vulnerability was discovered in go-git versions prior to v5.11. This vulnerability allows an attacker to create and amend files across the filesystem. In the worse case scenario, remote code execution could be achieved. Applications are only affected if they are using the...

Maliciously crafted Git server replies can lead to path traversal and RCE on go-git clients

Impact A path traversal vulnerability was discovered in go-git versions prior to v5.11. This vulnerability allows an attacker to create and amend files across the filesystem. In the worse case scenario, remote code execution could be achieved. Applications are only affected if they are using the...

CVE-2022-46025

Totolink N200RE_V5 V9.3.5u.6255_B20211224 is vulnerable to Incorrect Access Control. The device allows remote attackers to obtain Wi-Fi system information, such as Wi-Fi SSID and Wi-Fi password, without logging into the management...

GLSA-202401-09 : Eclipse Mosquitto: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202401-09 (Eclipse Mosquitto: Multiple Vulnerabilities) In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets. (CVE-2023-0809) In Mosquitto before 2.0.16,...

GitHub and the Ekoparty 2023 Capture the Flag

As an Ekoparty 2023 sponsor, GitHub once again had the privilege of submitting several challenges to the event’s Capture The Flag (CTF) competition. Employees from across GitHub’s Security organization came together to brainstorm, plan, build, and test these challenges to create a compelling,...

Maliciously crafted Git server replies can cause DoS on go-git clients

Impact A denial of service (DoS) vulnerability was discovered in go-git versions prior to v5.11. This vulnerability allows an attacker to perform denial of service attacks by providing specially crafted responses from a Git server which triggers resource exhaustion in go-git clients. Applications.....

Maliciously crafted Git server replies can cause DoS on go-git clients

Impact A denial of service (DoS) vulnerability was discovered in go-git versions prior to v5.11. This vulnerability allows an attacker to perform denial of service attacks by providing specially crafted responses from a Git server which triggers resource exhaustion in go-git clients. Applications.....

Lack of input validation for ClosePositionParams.amountSwap results in theft of fund (premium + protocol fee))

Lines of code https://github.com/code-423n4/2023-12-particle/blob/a3af40839b24aa13f5764d4f84933dbfa8bc8134/contracts/libraries/Base.sol#L55 Vulnerability details Impact Lack of input validation for ClosePositionParams.amountSwap results in theft of fund Proof of Concept ParticlePositionManager.sol....

CVE-2023-50269

A flaw was found in Squid, which is susceptible to a Denial of Service (DoS) due to an Uncontrolled Recursion bug, specifically targeting HTTP Request parsing. Exploiting this issue involves a remote client initiating a DoS attack by sending an oversized X-Forwarded-For header when the...

CVE-2023-50269

Squid is a caching proxy for the Web. Due to an Uncontrolled Recursion bug in versions 2.6 through 2.7.STABLE9, versions 3.1 through 5.9, and versions 6.0.1 through 6.5, Squid may be vulnerable to a Denial of Service attack against HTTP Request parsing. This problem allows a remote client to...

CVE-2023-50269

Squid is a caching proxy for the Web. Due to an Uncontrolled Recursion bug in versions 2.6 through 2.7.STABLE9, versions 3.1 through 5.9, and versions 6.0.1 through 6.5, Squid may be vulnerable to a Denial of Service attack against HTTP Request parsing. This problem allows a remote client to...

Design/Logic Flaw

Squid is a caching proxy for the Web. Due to an Uncontrolled Recursion bug in versions 2.6 through 2.7.STABLE9, versions 3.1 through 5.9, and versions 6.0.1 through 6.5, Squid may be vulnerable to a Denial of Service attack against HTTP Request parsing. This problem allows a remote client to...

Researchers Unveil GuLoader Malware's Latest Anti-Analysis Techniques

Threat hunters have unmasked the latest tricks adopted by a malware strain called GuLoader in an effort to make analysis more challenging. "While GuLoader's core functionality hasn't changed drastically over the past few years, these constant updates in their obfuscation techniques make analyzing.....

Schweitzer Engineering Laboratories SEL-411L

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 4.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schweitzer Engineering Laboratories Equipment: SEL-411L Vulnerability: Improper Restriction of Rendered UI Layers or Frames 2. RISK EVALUATION Successful exploitation of this vulnerability...

pubnub Insufficient Entropy vulnerability

Versions of the package pubnub before 7.4.0; all versions of the package com.pubnub:pubnub; versions of the package pubnub before 6.19.0; all versions of the package github.com/pubnub/go; versions of the package github.com/pubnub/go/v7 before 7.2.0; versions of the package pubnub before 7.3.0;...

pubnub Insufficient Entropy vulnerability

Versions of the package pubnub before 7.4.0; all versions of the package com.pubnub:pubnub; versions of the package pubnub before 6.19.0; all versions of the package github.com/pubnub/go; versions of the package github.com/pubnub/go/v7 before 7.2.0; versions of the package pubnub before 7.3.0;...

Denial Of Service (DoS)

libsquid.so is vulnerable to Denial Of Service (DoS). The vulnerability exists due to a buffer overread bug in the library. This allows an attacker to cause an application crash during HTTP message...

CVE-2023-49285

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a Buffer Overread bug Squid is vulnerable to a Denial of Service attack against Squid HTTP Message processing. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no known workarounds for....

CVE-2023-49285

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a Buffer Overread bug Squid is vulnerable to a Denial of Service attack against Squid HTTP Message processing. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no known workarounds for....

Design/Logic Flaw

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a Buffer Overread bug Squid is vulnerable to a Denial of Service attack against Squid HTTP Message processing. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no known workarounds for....

CVE-2023-34390

An input validation vulnerability in the Schweitzer Engineering Laboratories SEL-451 could allow a remote authenticated attacker to create a denial of service against the system and locking out services. See product Instruction Manual Appendix A dated 20230830 for more...

CVE-2023-34388

An Improper Authentication vulnerability in the Schweitzer Engineering Laboratories SEL-451 could allow a remote unauthenticated attacker to potentially perform session hijacking attack and bypass authentication. See product Instruction Manual Appendix A dated 20230830 for more...

CVE-2023-34389

An allocation of resources without limits or throttling vulnerability in the Schweitzer Engineering Laboratories SEL-451 could allow a remote authenticated attacker to make the system unavailable for an indefinite amount of time. See product Instruction Manual Appendix A dated 20230830 for more...

CVE-2023-2266

An Improper neutralization of input during web page generation in the Schweitzer Engineering Laboratories SEL-411L could allow an attacker to generate cross-site scripting based attacks against an authorized and authenticated user. See product Instruction Manual Appendix A dated 20230830 for more.....

CVE-2023-31177

An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in the Schweitzer Engineering Laboratories SEL-451 could allow an attacker to craft a link that could execute arbitrary code on a victim's system. See product Instruction Manual Appendix A dated 20230830 for...

CVE-2023-2267

An Improper Input Validation vulnerability in Schweitzer Engineering Laboratories SEL-411L could allow an attacker to perform reflection attacks against an authorized and authenticated user. See product Instruction Manual Appendix A dated 20230830 for more...

CVE-2023-31176

An Insufficient Entropy vulnerability in the Schweitzer Engineering Laboratories SEL-451 could allow an unauthenticated remote attacker to brute-force session tokens and bypass authentication. See product Instruction Manual Appendix A dated 20230830 for more...

CVE-2023-2264

An improper input validation vulnerability in the Schweitzer Engineering Laboratories SEL-411L could allow a malicious actor to manipulate authorized users to click on a link that could allow undesired behavior. See product Instruction Manual Appendix A dated 20230830 for more...

CVE-2023-2265

An Improper Restriction of Rendered UI Layers or Frames in the Schweitzer Engineering Laboratories SEL-411L could allow an unauthenticated attacker to perform clickjacking based attacks against an authenticated and authorized user. See product Instruction Manual Appendix A dated 20230830 for more.....

Ubuntu 20.04 ESM / 22.04 LTS / 23.04 : Mosquitto vulnerabilities (USN-6492-1)

The remote Ubuntu 20.04 ESM / 22.04 LTS / 23.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6492-1 advisory. In Eclipse Mosquitto version 1.6 to 2.0.10, if an authenticated client that had connected with MQTT v5 sent a crafted CONNECT...

The Continued Evolution of the DarkGate Malware-as-a-Service

The Continued Evolution of the DarkGate Malware-as-a-Service By Ernesto Fernández Provecho, Pham Duy Phuc, Ciana Driscoll and Vinoo Thomas · November 21, 2023 On September 2023, the Trellix Security Operations Center (SOC) successfully detected and stopped an attack against Musarubra, the holding.....

The Continued Evolution of the DarkGate Malware-as-a-Service

The Continued Evolution of the DarkGate Malware-as-a-Service By Ernesto Fernández Provecho, Pham Duy Phuc, Ciana Driscoll and Vinoo Thomas · November 21, 2023 On September 2023, the Trellix Security Operations Center (SOC) successfully detected and stopped an attack against Musarubra, the holding.....

kernel security, bug fix, and enhancement update

[4.18.0-513.5.1_9.OL8] - Update Oracle Linux certificates (Kevin Lyons) - Disable signing for aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with...

kernel security, bug fix, and enhancement update

[5.14.0-362.8.1_3.OL9] Update Oracle Linux certificates (Kevin Lyons) Disable signing for aarch64 (Ilya Okomin) Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] Update x509.genkey [Orabug: 24817676] Conflict with shim-ia32...

Fedora 39 : mosquitto (2023-9adc4be8b0)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-9adc4be8b0 advisory. In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets. (CVE-2023-0809) In...

Denial Of Service

Squid is vulnerable to Denial Of Service. The vulnerability is due to improper validation of particular index which allows an attacker to initiate a TLS Handshake with a malicious crafted SSL Certificate in a server certificate chain thus leading to denial of...

CVE-2023-46724

A flaw was found in Squid. Due to an improper validation of the specified index bug, Squid compiled using --with-openssl is vulnerable to a denial of service attack against SSL Certificate validation. This flaw allows a remote server to perform a denial of service against the Squid Proxy by...

CVE-2023-46724

Squid is a caching proxy for the Web. Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 through 5.9 and 6.0 prior to 6.4 compiled using --with-openssl are vulnerable to a Denial of Service attack against SSL Certificate validation. This problem allows a remote server to.....

CVE-2023-46724

Squid is a caching proxy for the Web. Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 through 5.9 and 6.0 prior to 6.4 compiled using --with-openssl are vulnerable to a Denial of Service attack against SSL Certificate validation. This problem allows a remote server to.....

Input validation

Squid is a caching proxy for the Web. Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 through 5.9 and 6.0 prior to 6.4 compiled using --with-openssl are vulnerable to a Denial of Service attack against SSL Certificate validation. This problem allows a remote server to.....

CVE-2023-44141

Inkdrop prior to v5.6.0 allows a local attacker to conduct a code injection attack by having a legitimate user open a specially crafted markdown...

Code injection

Inkdrop prior to v5.6.0 allows a local attacker to conduct a code injection attack by having a legitimate user open a specially crafted markdown...

Cosmos packet-forward-middleware vulnerable to chain-halt

The Cosmos SDK is used for Inter-Blockchain Communication Protocol (IBC) applications and middleware. The packet-forward-middleware module is an IBC middleware module built for Cosmos blockchains utilizing the IBC protocol allowing routing of incoming IBC packets from a source chain to a...

Cosmos packet-forward-middleware vulnerable to chain-halt

The Cosmos SDK is used for Inter-Blockchain Communication Protocol (IBC) applications and middleware. The packet-forward-middleware module is an IBC middleware module built for Cosmos blockchains utilizing the IBC protocol allowing routing of incoming IBC packets from a source chain to a...

Security Bulletin: IBM Integration Bus is vulnerable to a denial of service due to Eclipse Mosquitto

Summary IBM Integration Bus is vulnerable to a denial of service due to Eclipse Mosquitto (CVE-2023-28366, CVE-2023-3592, CVE-2023-0809). Vulnerability Details ** CVEID: CVE-2023-28366 DESCRIPTION: **Eclipse Mosquitto is vulnerable to a denial of service, caused by a memory leak flaw in the...

JustSystems Corporation Ichitaro 2023 HyperLinkFrame parser out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2023-1809 JustSystems Corporation Ichitaro 2023 HyperLinkFrame parser out-of-bounds write vulnerability October 19, 2023 CVE Number CVE-2023-38128 SUMMARY An out-of-bounds write vulnerability exists in the “HyperLinkFrame” stream parser of Ichitaro 2023...

JustSystems Corporation Ichitaro "Figure" stream use-after-free vulnerability

Talos Vulnerability Report TALOS-2023-1758 JustSystems Corporation Ichitaro "Figure" stream use-after-free vulnerability October 19, 2023 CVE Number CVE-2023-34366 SUMMARY A use-after-free vulnerability exists in the Figure stream parsing functionality of Ichitaro 2023 1.0.1.59372. A specially...

JustSystems Corporation Ichitaro 2023 HyperLinkFrame parser integer overflow vulnerability

Talos Vulnerability Report TALOS-2023-1808 JustSystems Corporation Ichitaro 2023 HyperLinkFrame parser integer overflow vulnerability October 19, 2023 CVE Number CVE-2023-38127 SUMMARY An integer overflow exists in the “HyperLinkFrame” stream parser of Ichitaro 2023 1.0.1.59372. A specially...

Security Bulletin: IBM Aspera Faspex has addressed an IP address restriction bypass vulnerability

Summary IBM Aspera Faspex could allow a malicious actor to bypass the whitelist IP check at user log in. This is not an unauthorized user access exploit. Vulnerability Details ** CVEID: CVE-2023-30995 DESCRIPTION: **IBM Aspera Faspex 4.0 through 4.4.2 and 5.0 through 5.0.5 could allow a...