3com – Asesor De Cookies Para Normativa Española Security Vulnerabilities

RHEL 8 : Jenkins and Jenkins-2-plugins (RHSA-2024:0778)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0778 advisory. google-oauth-client: missing PKCE support in accordance with the RFC for OAuth 2.0 for Native Apps can lead to improper authorization...

Amazon Linux 2023 : compat-libpthread-nonshared, glibc, glibc-all-langpacks (ALAS2023-2024-589)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-589 advisory. The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may...

SUSE SLES15 Security Update : kernel (SUSE-SU-2024:1454-1)

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1454-1 advisory. In the Linux kernel, the following vulnerability has been resolved: i2c: sprd: fix reference leak when pm_runtime_get_sync...

outfits24.de Cross Site Scripting vulnerability OBB-3923831

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

RHEL 8 : Satellite 6.14.2 Async Security Update (Important) (RHSA-2024:0797)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0797 advisory. mosquitto: memory leak leads to unresponsive broker (CVE-2023-0809, CVE-2023-28366, CVE-2023-3592) gRPC: file descriptor exhaustion leads...

School Employee Allegedly Framed a Principal With Racist Deepfake Rant

Plus: Google holds off on killing cookies, Samourai Wallet founders get arrested, and GM stops driver surveillance...

pizza-taxi-24.de Cross Site Scripting vulnerability OBB-3923270

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

RHEL 6 / 7 : httpd24 (RHSA-2018:3558)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3558 advisory. curl: TLS session resumption client cert bypass (CVE-2016-5419) curl: Re-using connection with wrong client cert (CVE-2016-5420) ...

openSUSE: Security Advisory for php8 (SUSE-SU-2024:1446-1)

The remote host is missing an update for...

RHEL 6 : novnc (RHSA-2015:0884)

The remote Redhat Enterprise Linux 6 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2015:0884 advisory. novnc: session hijack through insecurely set session token cookies (CVE-2013-7436) Note that Nessus has not tested for this issue but has instead...

openSUSE: Security Advisory for php7 (SUSE-SU-2024:1444-1)

The remote host is missing an update for...

New 'Brokewell' Android Malware Spread Through Fake Browser Updates

Fake browser updates are being used to push a previously undocumented Android malware called Brokewell. "Brokewell is a typical modern banking malware equipped with both data-stealing and remote-control capabilities built into the malware," Dutch security firm ThreatFabric said in an analysis...

CVE-2024-22633

Setor Informatica Sistema Inteligente para Laboratorios (S.I.L.) 388 was discovered to contain a remote code execution (RCE) vulnerability via the hprinter parameter. This vulnerability is triggered via a crafted POST...

CVE-2024-22632

Setor Informatica Sistema Inteligente para Laboratorios (S.I.L.) 388 was discovered to contain a remote code execution (RCE) vulnerability via the hmsg parameter. This vulnerability is triggered via a crafted POST...

CentOS 9 : glibc-2.34-83.el9.3

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the glibc-2.34-83.el9.3 build changelog. Stack read overflow in getaddrinfo in no-aaaa mode (#2234716) (CVE-2023-4527) potential use-after-free in gaih_inet (RHEL-2438)...

CVE-2024-22632

Setor Informatica Sistema Inteligente para Laboratorios (S.I.L.) 388 was discovered to contain a remote code execution (RCE) vulnerability via the hmsg parameter. This vulnerability is triggered via a crafted POST...

CVE-2024-22633

Setor Informatica Sistema Inteligente para Laboratorios (S.I.L.) 388 was discovered to contain a remote code execution (RCE) vulnerability via the hprinter parameter. This vulnerability is triggered via a crafted POST...

CVE-2024-3622

A flaw was found when using mirror-registry to install Quay. It uses a default secret, which is stored in plain-text format in one of the configuration template files. This issue may lead to all instances of Quay deployed using mirror-registry to have the same secret key. This flaw allows a...

CVE-2024-3622 Mirror-registry: plain-text default csrf secret key

A flaw was found when using mirror-registry to install Quay. It uses a default secret, which is stored in plain-text format in one of the configuration template files. This issue may lead to all instances of Quay deployed using mirror-registry to have the same secret key. This flaw allows a...

Wordfence Intelligence Weekly WordPress Vulnerability Report (April 15, 2024 to April 21, 2024)

Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! Last week, there were 209 vulnerabilities disclosed in 169...

U.S. Dept Of Defense: reflected xss [CVE-2020-3580]

Hey Security Team It was observed that the application is vulnerable to cross-site scripting (XSS). XSS is a type of attack that involves running a malicious scripts on a victim’s browser. website: ███████ attached When the user clicks submit, his information will be stolen Impact Cookie Stealing.....

Google Postpones Third-Party Cookie Deprecation Amid U.K. Regulatory Scrutiny

Google has once again pushed its plans to deprecate third-party tracking cookies in its Chrome web browser as it works to address outstanding competition concerns from U.K. regulators over its Privacy Sandbox initiative. The tech giant said it's working closely with the U.K. Competition and...

[SECURITY] Fedora 39 Update: curl-8.2.1-5.fc39

curl is a command line tool for transferring data with URL syntax, supporti ng FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, I MAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies,...

Grassroot DICOM JPEG2000Codec::DecodeByStreamsCommon out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2024-1935 Grassroot DICOM JPEG2000Codec::DecodeByStreamsCommon out-of-bounds write vulnerability April 25, 2024 CVE Number CVE-2024-22373 SUMMARY An out-of-bounds write vulnerability exists in the JPEG2000Codec::DecodeByStreamsCommon functionality of Mathieu...

Grassroot DICOM RAWCodec::DecodeBytes out-of-bounds read vulnerability

Talos Vulnerability Report TALOS-2024-1944 Grassroot DICOM RAWCodec::DecodeBytes out-of-bounds read vulnerability April 25, 2024 CVE Number CVE-2024-25569 SUMMARY An out-of-bounds read vulnerability exists in the RAWCodec::DecodeBytes functionality of Mathieu Malaterre Grassroot DICOM 3.0.23. A...

Grassroot DICOM LookupTable::SetLUT out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2024-1924 Grassroot DICOM LookupTable::SetLUT out-of-bounds write vulnerability April 25, 2024 CVE Number CVE-2024-22391 SUMMARY A heap-based buffer overflow vulnerability exists in the LookupTable::SetLUT functionality of Mathieu Malaterre Grassroot DICOM 3.0.23......

Ubuntu 20.04 LTS / 22.04 LTS / 23.10 : Thunderbird vulnerabilities (USN-6750-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6750-1 advisory. GetBoundName could return the wrong version of an object when JIT optimizations were applied. This vulnerability affects Firefox...

Thunderbird vulnerabilities

Releases Ubuntu 23.10 Ubuntu 22.04 LTS Ubuntu 20.04 LTS Packages thunderbird - Mozilla Open Source mail and newsgroup client Details Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker...

Important: glibc

Issue Overview: The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable....

Medium: curl

Issue Overview: This flaw allows a malicious HTTP server to set "super cookies" in curl that are then passed back to more origins than what is otherwise allowed or possible. This allows a site to set cookies that then would get sent to different and unrelated sites and domains. It could do this by....

Ubuntu 20.04 LTS : Firefox vulnerabilities (USN-6747-1)

The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6747-1 advisory. There was no limit to the number of HTTP/2 CONTINUATION frames that would be processed. A server could abuse this to create an Out of Memory...

Firefox vulnerabilities

Releases Ubuntu 20.04 LTS Packages firefox - Mozilla Open Source web browser Details Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive...

Security Bulletin: IBM App Connect Enterprise Certified Container UBI updates

Summary IBM App Connect Enterprise Certified Container (ACEcc) is built on the Red Hat Universal Base Images. ACEcc operator versions 5.0.17 (LTS) and 11.5.0 contain fixes to the listed CVEs found in the base images. This bulletin provides patch information to address the reported vulnerabilities.....

Suspected CoralRaider continues to expand victimology using three information stealers

_By Joey Chen, Chetan Raghuprasad and Alex Karkins. _ Cisco Talos discovered a new ongoing campaign since at least February 2024, operated by a threat actor distributing three famous infostealer malware, including Cryptbot, LummaC2 and Rhadamanthys. Talos also discovered a new PowerShell...

Police Chiefs Call for Solutions to Access Encrypted Data in Serious Crime Cases

European Police Chiefs said that the complementary partnership between law enforcement agencies and the technology industry is at risk due to end-to-end encryption (E2EE). They called on the industry and governments to take urgent action to ensure public safety across social media platforms....

German Authorities Issue Arrest Warrants for Three Suspected Chinese Spies

German authorities said they have issued arrest warrants against three citizens on suspicion of spying for China. The full names of the defendants were not disclosed by the Office of the Federal Prosecutor (aka Generalbundesanwalt), but it includes Herwig F., Ina F., and Thomas R. "The suspects...

Gambio Online Webshop 4.9.2.0 Remote Code Execution Exploit

A remote code execution vulnerability in Gambio online webshop versions 4.9.2.0 and below allows remote attackers to run arbitrary commands via an unauthenticated HTTP POST request. The identified vulnerability within Gambio pertains to an insecure deserialization flaw, which ultimately allows an.....

Debian dsa-5670 : thunderbird - security update

The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5670 advisory. The permission prompt input delay could expire while the window is not in focus. This makes it vulnerable to clickjacking by malicious websites. This...

Gambio Online Webshop 4.9.2.0 Remote Code Execution

...

Debian dla-3791 : thunderbird - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3791 advisory. The permission prompt input delay could expire while the window is not in focus. This makes it vulnerable to clickjacking by malicious websites. This...

ToddyCat Hacker Group Uses Advanced Tools for Industrial-Scale Data Theft

The threat actor known as ToddyCat has been observed using a wide range of tools to retain access to compromised environments and steal valuable data. Russian cybersecurity firm Kaspersky characterized the adversary as relying on various programs to harvest data on an "industrial scale" from...

Wallarm’s Open Source API Firewall debuts at Blackhat Asia 2024 – Introduces Key New Features & Functionalities

Wallarm introduced its ongoing Open Source API Firewall project to the world at the recently concluded Blackhat Asia 2024 conference in Singapore. The open-source API Firewall by Wallarm is a free, lightweight API Firewall designed to protect REST and GraphQL API endpoints across cloud-native...

ToddyCat is making holes in your infrastructure

We continue covering the activities of the APT group ToddyCat. In our previous article, we described tools for collecting and exfiltrating files (LoFiSe and PcExter). This time, we have investigated how attackers obtain constant access to compromised infrastructure, what information on the hosts...

[SECURITY] [DLA 3791-1] thunderbird security update

Debian LTS Advisory DLA-3791-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort April 22, 2024 https://wiki.debian.org/LTS Package : thunderbird Version : 1:115.10.1-1~deb10u1 CVE...

[SECURITY] [DSA 5670-1] thunderbird security update

Debian Security Advisory DSA-5670-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 22, 2024 https://www.debian.org/security/faq Package : thunderbird CVE ID : CVE-2024-2609 CVE-2024-3302...

Security Bulletin: IBM Security Verify Governance - Identity Manager has multiple vulnerabilities

Summary Multiple security vulnerabilities have been addressed in updates to IBM Security Verify Governance - Identity Manager software component and IBM Security Verify Governance - Identity Manager virtual appliance component. Vulnerability Details ** CVEID: CVE-2023-26119 DESCRIPTION:...

Debian: Security Advisory (DSA-5670-1)

The remote host is missing an update for the...

Debian: Security Advisory (DLA-3791-1)

The remote host is missing an update for the...

Debian: Security Advisory (DLA-3790-1)

The remote host is missing an update for the...

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-1524)

The remote host is missing an update for the Huawei...