Good & Bad Comments Security Vulnerabilities

CVE-2021-47175

In the Linux kernel, the following vulnerability has been resolved: net/sched: fq_pie: fix OOB access in the traffic path the following script: tc qdisc add dev eth0 handle 0x1 root fq_pie flows 2 # tc qdisc add dev eth0 clsact # tc filter add dev eth0 egress matchall action skbedit priority...

Jetpack < 13.2.1 - Contributor+ Stored XSS

Description The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting...

openSUSE: Security Advisory for gstreamer (SUSE-SU-2024:0793-1)

The remote host is missing an update for...

openSUSE: Security Advisory for go1.22 (SUSE-SU-2024:0812-1)

The remote host is missing an update for...

SUSE SLES12 Security Update : kernel (SUSE-SU-2024:0976-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0976-1 advisory. In the Linux kernel, the following vulnerability has been resolved: i2c: Fix a potential use after free Free the adap structure only after...

SUSE SLES15 Security Update : kernel (SUSE-SU-2024:0926-1)

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0926-1 advisory. In the Linux kernel, the following vulnerability has been resolved: i2c: Fix a potential use after free Free the adap...

SUSE SLES15 Security Update : kernel (SUSE-SU-2024:0977-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0977-1 advisory. In the Linux kernel, the following vulnerability has been resolved: i2c: Fix a potential use after free Free the adap structure only after...

SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2024:0925-1)

The remote SUSE Linux SLED12 / SLED_SAP12 / SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0925-1 advisory. In the Linux kernel, the following vulnerability has been resolved: i2c: Fix a potential use after free ...

SUSE SLES12 Security Update : kernel (SUSE-SU-2024:0975-1)

The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0975-1 advisory. In the Linux kernel, the following vulnerability has been resolved: i2c: Fix a potential use after free Free the adap...

SUSE SLES12 Security Update : go1.22 (SUSE-SU-2024:0936-1)

The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0936-1 advisory. When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an...

“Pig butchering” is an evolution of a social engineering tactic we’ve seen for years

Whether you want to call them "catfishing," "pig butchering" or just good 'old-fashioned "social engineering," romance scams have been around forever. I was first introduced to them through the MTV show "Catfish," but recently they seem to be making headlines as the term "pig butchering" enters...

19 million plaintext passwords exposed by incorrectly configured Firebase instances

Three researchers scanned the internet for vulnerable Firebase instances, looking for personally identifiable information (PII). Firebase is a platform for hosting databases, cloud computing, and app development. It's owned by Google and was set up to help developers build and ship apps. What the.....

The Not-so-True People-Search Network from China

It's not unusual for the data brokers behind people-search websites to use pseudonyms in their day-to-day lives (you would, too). Some of these personal data purveyors even try to reinvent their online identities in a bid to hide their conflicts of interest. But it's not every day you run across a....

Amazon Linux 2023 : cargo, clippy, rust (ALAS2023-2024-566)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-566 advisory. libgit2 is a portable C implementation of the Git core methods provided as a linkable library with a solid API, allowing to build Git functionality into your application. Using...

Ubuntu 23.10 : Linux kernel (ARM laptop) vulnerabilities (USN-6707-2)

The remote Ubuntu 23.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6707-2 advisory. A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The...

Dynamic Variable Evaluation in qiskit-ibm-runtime

Summary An eval() method exists Options._get_program_inputs. This is bad in any case, but especially bad because Options are also used server side, so this has the potential to expose arbitrary code injection in runtime containers, now or at a later time. Details...

Dynamic Variable Evaluation in qiskit-ibm-runtime

Summary An eval() method exists Options._get_program_inputs. This is bad in any case, but especially bad because Options are also used server side, so this has the potential to expose arbitrary code injection in runtime containers, now or at a later time. Details...

Tax scammer goes after small business owners and self-employed people

While most tax payers don’t particularly look forward to tax season, for some scammers it’s like the opening of their hunting season. So it's no surprise that our researchers have found yet another tax-related scam. In this most recent scam, we've not seen the lure the scammer uses, but it is...

Ubuntu 22.04 LTS / 23.10 : Linux kernel vulnerabilities (USN-6707-1)

The remote Ubuntu 22.04 LTS / 23.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6707-1 advisory. A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation....

kernel security and bug fix update

[3.10.0-1160.114.2.0.1.OL7] - debug: lock down kgdb [Orabug: 34270798] {CVE-2022-21499} [3.10.0-1160.114.2.OL7] - Update Oracle Linux certificates (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)([email protected]) - Update...

APIs Drive the Majority of Internet Traffic and Cybercriminals are Taking Advantage

Application programming interfaces (APIs) are the connective tissue behind digital modernization, helping applications and databases exchange data more effectively. The State of API Security in 2024 Report from Imperva, a Thales company, found that the majority of internet traffic (71%) in 2023...

SQL Injection Vulnerability Patched in Tutor LMS WordPress Plugin

Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! On February 15th, 2024, during our second Bug Bounty Extravaganza,.....

From Deepfakes to Malware: AI's Expanding Role in Cyber Attacks

Large language models (LLMs) powering artificial intelligence (AI) tools today could be exploited to develop self-augmenting malware capable of bypassing YARA rules. "Generative AI can be used to evade string-based YARA rules by augmenting the source code of small malware variants, effectively...

Social media influencers targeted by identity thieves

Social media influencers are attractive targets for identity thieves. With large followings and a literal influence on their followers, it's no wonder they are targeted by scammers and spreaders of fake news. A subset of influencers are the so-called "finfluencers": influencers that provide their.....

GAP-Burp-Extension - Burp Extension To Find Potential Endpoints, Parameters, And Generate A Custom Target Wordlist

This is an evolution of the original getAllParams extension for Burp. Not only does it find more potential parameters for you to investigate, but it also finds potential links to try these parameters on, and produces a target specific wordlist to use for fuzzing. The full Help documentation can be....

AI and the Evolution of Social Media

Oh, how the mighty have fallen. A decade ago, social media was celebrated for sparking democratic uprisings in the Arab world and beyond. Now front pages are splashed with stories of social platforms’ role in misinformation, business conspiracy, malfeasance, and risks to mental health. In a 2022...

E-Root Marketplace Admin Sentenced to 42 Months for Selling 350K Stolen Credentials

A 31-year-old Moldovan national has been sentenced to 42 months in prison in the U.S. for operating an illicit marketplace called E-Root Marketplace that offered for sale hundreds of thousands of compromised credentials, the Department of Justice (DoJ) announced. Sandu Boris Diaconu was charged...

Improper HTML sanitization in ZITADEL

Impact ZITADEL uses Go templates to render the login UI. Due to a improper use of the text/template instead of the html/template package, the Login UI did not sanitize input parameters. An attacker could create a malicious link, where he injected code which would be rendered as part of the login...

Improper HTML sanitization in ZITADEL

Impact ZITADEL uses Go templates to render the login UI. Due to a improper use of the text/template instead of the html/template package, the Login UI did not sanitize input parameters. An attacker could create a malicious link, where he injected code which would be rendered as part of the login...

Unencrypted traffic between nodes when using WireGuard and L7 policies

Impact In Cilium clusters with WireGuard enabled and traffic matching Layer 7 policies: Traffic that should be WireGuard-encrypted is sent unencrypted between a node's Envoy proxy and pods on other nodes. Traffic that should be WireGuard-encrypted is sent unencrypted between a node's DNS proxy...

Unencrypted traffic between nodes when using WireGuard and L7 policies

Impact In Cilium clusters with WireGuard enabled and traffic matching Layer 7 policies: Traffic that should be WireGuard-encrypted is sent unencrypted between a node's Envoy proxy and pods on other nodes. Traffic that should be WireGuard-encrypted is sent unencrypted between a node's DNS proxy...

Unencrypted traffic between nodes when using IPsec and L7 policies

Impact In Cilium clusters with IPsec enabled and traffic matching Layer 7 policies: Traffic that should be IPsec-encrypted between a node's Envoy proxy and pods on other nodes is sent unencrypted Traffic that should be IPsec-encrypted between a node's DNS proxy and pods on other nodes is sent...

Unencrypted traffic between nodes when using IPsec and L7 policies

Impact In Cilium clusters with IPsec enabled and traffic matching Layer 7 policies: Traffic that should be IPsec-encrypted between a node's Envoy proxy and pods on other nodes is sent unencrypted Traffic that should be IPsec-encrypted between a node's DNS proxy and pods on other nodes is sent...

Intermittent HTTP policy bypass

Impact Cilium's HTTP policies are not consistently applied to all traffic in the scope of the policies, leading to HTTP traffic being incorrectly and intermittently forwarded when it should be dropped. Patches This issue affects: Cilium v1.13 between v1.13.9 and v1.13.12 inclusive Cilium v1.14...

Intermittent HTTP policy bypass

Impact Cilium's HTTP policies are not consistently applied to all traffic in the scope of the policies, leading to HTTP traffic being incorrectly and intermittently forwarded when it should be dropped. Patches This issue affects: Cilium v1.13 between v1.13.9 and v1.13.12 inclusive Cilium v1.14...

Gaining kernel code execution on an MTE-enabled Pixel 8

In this post, I'll look at CVE-2023-6241, a vulnerability in the Arm Mali GPU that I reported to Arm on November 15, 2023 and was fixed in the Arm Mali driver version r47p0, which was released publicly on December 14, 2023. It was fixed in Android in the March security update. When exploited, this....

Drones and the US Air Force

Fascinating analysis of the use of drones on a modern battlefield--that is, Ukraine--and the inability of the US Air Force to react to this change. The F-35A certainly remains an important platform for high-intensity conventional warfare. But the Air Force is planning to buy 1,763 of the...

Amazon Linux 2 : rust (ALAS-2024-2496)

The version of rust installed on the remote host is prior to 1.68.2-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2496 advisory. libgit2 is a portable C implementation of the Git core methods provided as a linkable library with a solid API,...

Interpretation Differences

net/mail in GO is vulnerable to Interpretation Differences. The vulnerability is due to the ParseAddressList function incorrectly handling comments (text within parentheses) inside display names. The parser handles the display names different then conforming address parsers, which could result in.....

SUSE SLES15 Security Update : kernel (SUSE-SU-2024:0900-2)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0900-2 advisory. In the Linux kernel, the following vulnerability has been resolved: i2c: Fix a potential use after free Free the adap structure only after...

CLI for Vela Insecure Variable Substitution

Impact Vela pipelines can use variable substitution combined with insensitive fields like parameters, image and entrypoint to inject secrets into a plugin/image and — by using common substitution string manipulation — can bypass log masking and expose secrets without the use of the commands block.....

CLI for Vela Insecure Variable Substitution

Impact Vela pipelines can use variable substitution combined with insensitive fields like parameters, image and entrypoint to inject secrets into a plugin/image and — by using common substitution string manipulation — can bypass log masking and expose secrets without the use of the commands block.....

Golang SDK for Vela Insecure Variable Substitution

Impact Vela pipelines can use variable substitution combined with insensitive fields like parameters, image and entrypoint to inject secrets into a plugin/image and — by using common substitution string manipulation — can bypass log masking and expose secrets without the use of the commands block.....

Golang SDK for Vela Insecure Variable Substitution

Impact Vela pipelines can use variable substitution combined with insensitive fields like parameters, image and entrypoint to inject secrets into a plugin/image and — by using common substitution string manipulation — can bypass log masking and expose secrets without the use of the commands block.....

Server/API for Vela Insecure Variable Substitution

Impact Vela pipelines can use variable substitution combined with insensitive fields like parameters, image and entrypoint to inject secrets into a plugin/image and — by using common substitution string manipulation — can bypass log masking and expose secrets without the use of the commands block.....

Server/API for Vela Insecure Variable Substitution

Impact Vela pipelines can use variable substitution combined with insensitive fields like parameters, image and entrypoint to inject secrets into a plugin/image and — by using common substitution string manipulation — can bypass log masking and expose secrets without the use of the commands block.....

Types for Vela Insecure Variable Substitution

Impact Vela pipelines can use variable substitution combined with insensitive fields like parameters, image and entrypoint to inject secrets into a plugin/image and — by using common substitution string manipulation — can bypass log masking and expose secrets without the use of the commands block.....

Types for Vela Insecure Variable Substitution

Impact Vela pipelines can use variable substitution combined with insensitive fields like parameters, image and entrypoint to inject secrets into a plugin/image and — by using common substitution string manipulation — can bypass log masking and expose secrets without the use of the commands block.....

Record Breaking $153,000+ Already Invested into the Security of the WordPress Ecosystem by Wordfence – More to Come!

Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! In just a few short months since our launch in November of last...

Google Introduces Enhanced Real-Time URL Protection for Chrome Users

Google on Thursday announced an enhanced version of Safe Browsing to provide real-time, privacy-preserving URL protection and safeguard users from visiting potentially malicious sites. "The Standard protection mode for Chrome on desktop and iOS will check sites against Google's server-side list of....