Dell Encryption (formerly Dell Data Protection | Encryption) Security Vulnerabilities

CVE-2024-30212 Microchip Harmony 3 Core library allows read and write access to RAM via a SCSI READ or WRITE command

If a SCSI READ(10) command is initiated via USB using the largest LBA (0xFFFFFFFF) with it's default block size of 512 and a count of 1, the first 512 byte of the 0x80000000 memory area is returned to the user. If the block count is increased, the full RAM can be exposed. The same method works...

rack-contrib vulnerable to Denial of Service due to the unconstrained value of the incoming "profiler_runs" parameter

Summary The next ruby code is vulnerable to denial of service due to the fact that the user controlled data profiler_runs was not contrained to any limitation. Which would lead to allocating resources on the server side with no limitation (CWE-770). ruby runs =...

Kaminari Insecure File Permissions Vulnerability

A moderate severity security vulnerability has been identified in the Kaminari pagination library for Ruby on Rails, concerning insecure file permissions. This advisory outlines the vulnerability, affected versions, and provides guidance for mitigation. Impact This vulnerability is of moderate...

silverstripe/graphql Cross-Site Request Forgery vulnerability

The GraphQL controller lacked any CSRF protection, meaning authenticated users could be forced or tricked into visiting a URL that would send a GET request to the affected web server that could mutate or destroy data without the user...

silverstripe/graphql Cross-Site Request Forgery vulnerability

The GraphQL controller lacked any CSRF protection, meaning authenticated users could be forced or tricked into visiting a URL that would send a GET request to the affected web server that could mutate or destroy data without the user...

Pyrit - The Famous WPA Precomputed Cracker

Pyrit allows you to create massive databases of pre-computed WPA/WPA2-PSK authentication phase in a space-time-tradeoff. By using the computational power of Multi-Core CPUs and other platforms through ATI-Stream,Nvidia CUDA and OpenCL, it is currently by far the most powerful attack against one of....

Lattice-Based Cryptosystems and Quantum Cryptanalysis

Quantum computers are probably coming, though we don't know when--and when they arrive, they will, most likely, be able to break our standard public-key cryptography algorithms. In anticipation of this possibility, cryptographers have been working on quantum-resistant public-key algorithms. The...

CVE-2021-47310

In the Linux kernel, the following vulnerability has been resolved: net: ti: fix UAF in tlan_remove_one priv is netdev private data and it cannot be used after free_netdev() call. Using priv after free_netdev() can cause UAF bug. Fix it by moving free_netdev() at the end of the function....

What is an Infosec Audit and Why Does Your Company Need One?

By Uzair Amir Uncover IT security weaknesses and ensure compliance with infosec audits. Regular audits protect your data from breaches &… This is a post from HackRead.com Read the original post: What is an Infosec Audit and Why Does Your Company Need...

Trusted relationship attacks: trust, but verify

IT outsourcing market continues to demonstrate strong growth globally – such services are becoming increasingly popular. But along with the advantages, such as saved time and resources, delegating non-core tasks creates new challenges in terms of information security. By providing third-party...

CVE-2023-44487 affecting package containerized-data-importer for versions less than 1.55.0-15

CVE-2023-44487 affecting package containerized-data-importer for versions less than 1.55.0-15. A patched version of the package is...

Advisory ROSA-SA-2024-2426

software: busybox 1.36.1 OS: ROSA-CHROME package_evr_string: busybox-1.36.1-3 CVE-ID: CVE-2022-30065 BDU-ID: 2023-02631 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the copyvar function of the BusyBox suite of UNIX command line utilities is related to incorrect processing of a template...

CVE-2023-52710

Huawei Matebook D16(Model: CREM-WXX9, BIOS: v2.26), As the communication buffer size hasn’t been properly validated to be of the expected size, it can partially overlap with the beginning SMRAM.This can be leveraged by a malicious OS attacker to corrupt data structures stored at the beginning of...

CVE-2023-52547

Huawei Matebook D16(Model: CREM-WXX9, BIOS: v2.26. Memory Corruption in SMI Handler of HddPassword SMM Module. This can be leveraged by a malicious OS attacker to corrupt data structures stored at the beginning of SMRAM and can potentially lead to code execution in...

CVE-2023-52710

Huawei Matebook D16(Model: CREM-WXX9, BIOS: v2.26), As the communication buffer size hasn’t been properly validated to be of the expected size, it can partially overlap with the beginning SMRAM.This can be leveraged by a malicious OS attacker to corrupt data structures stored at the beginning of...

CVE-2023-52547

Huawei Matebook D16(Model: CREM-WXX9, BIOS: v2.26. Memory Corruption in SMI Handler of HddPassword SMM Module. This can be leveraged by a malicious OS attacker to corrupt data structures stored at the beginning of SMRAM and can potentially lead to code execution in...

MStore API < 3.9.8 - SQL Injection

The MStore API WordPress plugin before 3.9.8 is vulnerable to Blind SQL injection via the product_id...

JVN#17680667: Multiple vulnerabilities in Unifier and Unifier Cast

Unifier and Unifier Cast provided by Yokogawa Rental ＆ Lease Corporation contains multiple vulnerabilities listed below. Incorrect Default Permissions configured by Cast Launcher (CWE-276) CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Base Score 7.8 CVE-2024-23847 Missing Authorization for...

JVN#71404925: Multiple vulnerabilities in UTAU

UTAU provided by ameya/ayame contains multiple vulnerabilities listed below. OS command injection (CWE-78) CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L Base Score 5.3 CVE-2024-28886 Path Traversal (CWE-22) CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N Base Score 3.3 CVE-2024-32944 ## Impact If a...

Eclipse ThreadX Buffer Overflows

...

openSUSE 15 Security Update : libqt5-qtnetworkauth (openSUSE-SU-2024:0143-1)

The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2024:0143-1 advisory. - CVE-2024-36048: Fixed data race and poor seeding in generateRandomString() (boo#1224782). Tenable has extracted the preceding description block...

FleetCart 4.1.1 Information Disclosure Vulnerability

...

Siemens CP-XXXX Series Exposed Serial Shell

...

HAWKI 1.0.0-beta.1 XSS / File Overwrite / Session Fixation

...

LibreOffice vulnerability

Releases Ubuntu 24.04 LTS Ubuntu 23.10 Ubuntu 22.04 LTS Ubuntu 20.04 LTS Packages libreoffice - Office productivity suite Details Amel Bouziane-Leblond discovered that LibreOffice incorrectly handled graphic on-click bindings. If a user were tricked into clicking a graphic in a specially...

silverstripe/framework sends passwords back to browsers under some circumstances

Under some circumstances a form may populate a PasswordField with submitted data, reflecting submitted data back to a user. The user will only see their own submissions for password data, which is not considered best practice. We are not aware of data leaks to other users, devices or...

silverstripe/framework sends passwords back to browsers under some circumstances

Under some circumstances a form may populate a PasswordField with submitted data, reflecting submitted data back to a user. The user will only see their own submissions for password data, which is not considered best practice. We are not aware of data leaks to other users, devices or...

silverstripe/framework BackURL validation bypass with malformed URLs

A carefully constructed malformed URL can be used to circumvent the offsite redirection protection used on BackURL parameters. This could lead to users entering sensitive data in malicious websites instead of the intended...

silverstripe/framework BackURL validation bypass with malformed URLs

A carefully constructed malformed URL can be used to circumvent the offsite redirection protection used on BackURL parameters. This could lead to users entering sensitive data in malicious websites instead of the intended...

silverstripe/framework's install.php script discloses sensitive data by pre-populating DB credential forms

When accessing the install.php script it is possible to extract any pre-configured database or default admin account password by viewing the source of the page, and inspecting the value property of the password...

silverstripe/framework's install.php script discloses sensitive data by pre-populating DB credential forms

When accessing the install.php script it is possible to extract any pre-configured database or default admin account password by viewing the source of the page, and inspecting the value property of the password...

Best Practices for Cloud Computing Security

By Owais Sultan Cloud security is crucial for businesses. Here are vital tips to safeguard your data, including choosing a secure… This is a post from HackRead.com Read the original post: Best Practices for Cloud Computing...

silverstripe/framework's URL parameters `isDev` and `isTest` unguarded

The URL parameters isDev and isTest are accessible to unauthenticated users who access a SilverStripe website or application. This allows unauthorised users to expose information that is usually hidden on production environments such as verbose errors (including backtraces) and other debugging...

silverstripe/framework's URL parameters `isDev` and `isTest` unguarded

The URL parameters isDev and isTest are accessible to unauthenticated users who access a SilverStripe website or application. This allows unauthorised users to expose information that is usually hidden on production environments such as verbose errors (including backtraces) and other debugging...

silverstripe/framework users inadvertently passing sensitive data to LoginAttempt

All user login attempts are logged in the database in the LoginAttempt table. However, this table contains information in plain text, and may possible contain sensitive information, such as user passwords mis-typed into the username field. In order to address this a one-way hash is applied to the.....

silverstripe/framework users inadvertently passing sensitive data to LoginAttempt

All user login attempts are logged in the database in the LoginAttempt table. However, this table contains information in plain text, and may possible contain sensitive information, such as user passwords mis-typed into the username field. In order to address this a one-way hash is applied to the.....

silverstripe/framework's User-Agent header not correctly invalidating user session

A security protection device in Session designed to protect session hijacking was not correctly functioning. This function intended to protect user sessions by detecting changes in the User-Agent header, but modifications to this header were not correctly invalidating the user...

silverstripe/framework's User-Agent header not correctly invalidating user session

A security protection device in Session designed to protect session hijacking was not correctly functioning. This function intended to protect user sessions by detecting changes in the User-Agent header, but modifications to this header were not correctly invalidating the user...

CVE-2024-35181

Meshery is an open source, cloud native manager that enables the design and management of Kubernetes-based infrastructure and applications. A SQL injection vulnerability in Meshery prior to version 0.7.22 may lead to arbitrary file write by using a SQL injection stacked queries payload, and the...

CVE-2024-35182

Meshery is an open source, cloud native manager that enables the design and management of Kubernetes-based infrastructure and applications. A SQL injection vulnerability in Meshery prior to version 0.7.22 may lead to arbitrary file write by using a SQL injection stacked queries payload, and the...

silverstripe/framework password encryption salt not updated

When a user changes their password, the internal salt used for hashing their password is not updated. Although this is not considered a security vulnerability, this behaviour has been improved to ensure the salt is reset on change of...

silverstripe/framework password encryption salt not updated

When a user changes their password, the internal salt used for hashing their password is not updated. Although this is not considered a security vulnerability, this behaviour has been improved to ensure the salt is reset on change of...

CVE-2024-35182 GHSL-2024-014 Meshery SQL Injection vulnerability

Meshery is an open source, cloud native manager that enables the design and management of Kubernetes-based infrastructure and applications. A SQL injection vulnerability in Meshery prior to version 0.7.22 may lead to arbitrary file write by using a SQL injection stacked queries payload, and the...

CVE-2024-35181 GHSL-2024-013 Meshery SQL Injection vulnerability

Meshery is an open source, cloud native manager that enables the design and management of Kubernetes-based infrastructure and applications. A SQL injection vulnerability in Meshery prior to version 0.7.22 may lead to arbitrary file write by using a SQL injection stacked queries payload, and the...

CVE-2024-36105

dbt enables data analysts and engineers to transform their data using the same practices that software engineers use to build applications. Prior to versions 1.6.15, 1.7.15, and 1.8.1, Binding to INADDR_ANY (0.0.0.0) or IN6ADDR_ANY (::) exposes an application on all network interfaces, increasing.....

CVE-2024-36105

dbt enables data analysts and engineers to transform their data using the same practices that software engineers use to build applications. Prior to versions 1.6.15, 1.7.15, and 1.8.1, Binding to INADDR_ANY (0.0.0.0) or IN6ADDR_ANY (::) exposes an application on all network interfaces, increasing.....

CVE-2024-36105 dbt allows Binding to an Unrestricted IP Address via socketsocket

dbt enables data analysts and engineers to transform their data using the same practices that software engineers use to build applications. Prior to versions 1.6.15, 1.7.15, and 1.8.1, Binding to INADDR_ANY (0.0.0.0) or IN6ADDR_ANY (::) exposes an application on all network interfaces, increasing.....

CVE-2024-35231

rack-contrib provides contributed rack middleware and utilities for Rack, a Ruby web server interface. Versions of rack-contrib prior to 2.5.0 are vulnerable to denial of service due to the fact that the user controlled data profiler_runs was not constrained to any limitation. This would lead to...

CVE-2024-35231

rack-contrib provides contributed rack middleware and utilities for Rack, a Ruby web server interface. Versions of rack-contrib prior to 2.5.0 are vulnerable to denial of service due to the fact that the user controlled data profiler_runs was not constrained to any limitation. This would lead to...

CVE-2024-35231 rack-contrib vulnerable to Denial of Service due to the unconstrained value of the incoming "profiler_runs" parameter

rack-contrib provides contributed rack middleware and utilities for Rack, a Ruby web server interface. Versions of rack-contrib prior to 2.5.0 are vulnerable to denial of service due to the fact that the user controlled data profiler_runs was not constrained to any limitation. This would lead to...