MAX PRESENCE,TP3106,TP3206 Security Vulnerabilities

Unrestricted Upload Of Files

statamic/cms is vulnerable to Unrestricted Upload Of File With Dangerous Type. The vulnerability is due to FormController.php as there is only a generic file validation rule, which only confirms the presence of a file without checking its type. This lack of explicit validation of file type, allows....

CVE-2023-38831: Navigating the Threat Landscape of the Latest Security Vulnerability

CVE-2023-38831: Navigating the Threat Landscape of the Latest Security Vulnerability By Neeraj Kumar Singh · November 9, 2023 Executive Summary In August 2023, WinRAR released a security patch to address a remote code execution vulnerability in WinRAR's ZIP archive. The vulnerability, known as...

postgresql-server -- Memory disclosure in aggregate function calls

PostgreSQL Project reports: Certain aggregate function calls receiving "unknown"-type arguments could disclose bytes of server memory from the end of the "unknown"-type value to the next zero byte. One typically gets an "unknown"-type value via a string literal having no type ...

CVE-2023-38831: Navigating the Threat Landscape of the Latest Security Vulnerability

CVE-2023-38831: Navigating the Threat Landscape of the Latest Security Vulnerability By Neeraj Kumar Singh · November 09, 2023 Executive Summary In August 2023, WinRAR released a security patch to address a remote code execution vulnerability in WinRAR's ZIP archive. The vulnerability, known as...

CVE-2023-5941

In versions of FreeBSD 12.4-RELEASE prior to 12.4-RELEASE-p7 and FreeBSD 13.2-RELEASE prior to 13.2-RELEASE-p5 the __sflush() stdio function in libc does not correctly update FILE objects' write space members for write-buffered streams when the write(2) system call returns an error. Depending on...

CVE-2023-5941

In versions of FreeBSD 12.4-RELEASE prior to 12.4-RELEASE-p7 and FreeBSD 13.2-RELEASE prior to 13.2-RELEASE-p5 the __sflush() stdio function in libc does not correctly update FILE objects' write space members for write-buffered streams when the write(2) system call returns an error. Depending on...

Heap overflow

In versions of FreeBSD 12.4-RELEASE prior to 12.4-RELEASE-p7 and FreeBSD 13.2-RELEASE prior to 13.2-RELEASE-p5 the __sflush() stdio function in libc does not correctly update FILE objects' write space members for write-buffered streams when the write(2) system call returns an error. Depending on...

CVE-2023-5941 libc stdio buffer overflow

In versions of FreeBSD 12.4-RELEASE prior to 12.4-RELEASE-p7 and FreeBSD 13.2-RELEASE prior to 13.2-RELEASE-p5 the __sflush() stdio function in libc does not correctly update FILE objects' write space members for write-buffered streams when the write(2) system call returns an error. Depending on...

FreeBSD : FreeBSD -- libc stdio buffer overflow (5afcc9a4-7e04-11ee-8e38-002590c1f29c)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 5afcc9a4-7e04-11ee-8e38-002590c1f29c advisory. In versions of FreeBSD 12.4-RELEASE prior to 12.4-RELEASE-p7 and FreeBSD 13.2-RELEASE prior to ...

FreeBSD -- libc stdio buffer overflow

Problem Description: For line-buffered streams the __sflush() function did not correctly update the FILE object's write space member when the write(2) system call returns an error. Impact: Depending on the nature of an application that calls libc's stdio functions and the presence of...

FreeBSD-SA-23:15.stdio

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-23:15.libc Security Advisory The FreeBSD Project Topic: libc stdio buffer overflow Category: core Module: libc Announced: 2023-11-07 Credits: inooo All supported....

Imperva Expands Global Network, Adds First PoP in Vietnam

We are delighted to announce our first Point of Presence (PoP) in Hanoi, Vietnam, expanding our global network with our 16th PoP located in the Asia Pacific & Japan (APJ) region. Alongside its rich culture and historic sites, Hanoi, the enchanting capital city of Vietnam, is a bustling business...

(RHSA-2023:6492) Moderate: tang security update

Tang is a server for binding data to network presence. It includes a daemon which provides cryptographic operations for binding to a remote service. The tang package provides the server side of the Network Bound Disk Encryption (NBDE) project. Security Fix(es): tang: Race condition exists in the...

Rocky Linux 8 : firefox (RLSA-2022:8554)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:8554 advisory. Service Workers should not be able to infer information about opaque cross-origin responses; but timing information for cross-origin media combined...

Moderate: tang security update

Tang is a server for binding data to network presence. It includes a daemon which provides cryptographic operations for binding to a remote service. The tang package provides the server side of the Network Bound Disk Encryption (NBDE) project. Security Fix(es): tang: Race condition exists in the...

Moderate: tang security update

Tang is a server for binding data to network presence. It includes a daemon which provides cryptographic operations for binding to a remote service. The tang package provides the server side of the Network Bound Disk Encryption (NBDE) project. Security Fix(es): tang: Race condition exists in the...

CVE-2023-47235

An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when a malformed BGP UPDATE message with an EOR is processed, because the presence of EOR does not lead to a treat-as-withdraw...

CVE-2023-47235

An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when a malformed BGP UPDATE message with an EOR is processed, because the presence of EOR does not lead to a treat-as-withdraw...

CVE-2023-47235

An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when a malformed BGP UPDATE message with an EOR is processed, because the presence of EOR does not lead to a treat-as-withdraw...

CVE-2023-47235

An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when a malformed BGP UPDATE message with an EOR is processed, because the presence of EOR does not lead to a treat-as-withdraw...

Design/Logic Flaw

An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when a malformed BGP UPDATE message with an EOR is processed, because the presence of EOR does not lead to a treat-as-withdraw...

Dark Web Monitoring

Unveiling Dark Web Surveillance: Bolstering Internet Safety Journey with us into the unchartered territories of the internet, where a masked sector called the Dark Net thrives. This secret hub is notorious for harboring unlawful actions ranging from infringed identity to stolen data, bringing...

CVE-2023-47235

An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when a malformed BGP UPDATE message with an EOR is processed, because the presence of EOR does not lead to a treat-as-withdraw outcome. Bugs https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055852 Notes Author| Note...

CVE-2023-47235

An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when a malformed BGP UPDATE message with an EOR is processed, because the presence of EOR does not lead to a treat-as-withdraw...

New Secaucus Point of Presence Increases Resilience for Financial Services

We are thrilled to announce the opening of a new cutting-edge Point of Presence (PoP) in Secaucus, New Jersey, which adds resilience to our network infrastructure located in the Northeastern United States region. This PoP represents the first build using next generation technology designed to...

phpMyFAQ Information Disclosure Vulnerability

phpMyFAQ is a multi-language, fully database-driven FAQ system. An information disclosure vulnerability exists in phpMyFAQ versions prior to 3.2.2, which stems from the presence of sensitive cookies in an HTTPS session, and can be exploited by an attacker to obtain sensitive...

phpMyFAQ Access Control Error Vulnerability

phpMyFAQ is a multi-language, fully database-driven FAQ system. An access control error vulnerability exists in versions prior to phpMyFAQ 3.2.2, which stems from the presence of insufficient session expiration. An attacker can exploit this vulnerability to still use old...

What is a Polymorphic Virus detection and best practices ?

In the ever-evolving sphere of digital tech, the persistent threat of cyber intrusions remains a formidable concern. A notable example is the polymorphic virus, an insidiously clever adversary in the landscape of cyber threats. Let's probe the intrinsic nature, attributes, and behaviors of this...

Know Your Malware Part Two – Hacky Obfuscation Techniques

In the first post in this series, we covered common PHP encoding techniques and how they’re used by malware to hide from security analysts and scanners. In today’s post, we’re going to dive a little bit deeper into other obfuscation techniques that make use of other features available in PHP....

What is a Cloud Native Application Protection Platform CNAPP ?

Revealing the Secrets of the Cloud-specific Application Safety Platform (CSASP) In the landscape of online safety, the notion of the Cloud-specific Application Safety Platform (CSASP) is something relatively unheard of, but rapidly gaining popularity. Intuitively from its name, CSASP is a system...

GLSA-202310-21 : ConnMan: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202310-21 (ConnMan: Multiple Vulnerabilities) An issue was discovered in the DNS proxy in Connman through 1.40. The TCP server reply implementation lacks a check for the presence of sufficient Header Data, leading to an...

What is Traffic Shaping ?

Unraveling the Enigma of Traffic Modulation Within the realm of digital information, data traffic parallels a high-speed freeway, ferrying packets of details to-and-fro. So what transpires when there's an excessive influx, leading to an overburdened data expressway? This is where the enigma of...

A cascade of compromise: unveiling Lazarus’ new campaign

Earlier this year, a software vendor was compromised by the Lazarus malware delivered through unpatched legitimate software. What's remarkable is that these software vulnerabilities were not new, and despite warnings and patches from the vendor, many of the vendor's systems continued to use the...

StripedFly: Perennially flying under the radar

Introduction It's just another cryptocurrency miner… Nobody would even suspect the mining malware was merely a mask, masquerading behind an intricate modular framework that supports both Linux and Windows. It comes equipped with a built-in TOR network tunnel for communication with command servers,....

CVE-2023-3112

A vulnerability was reported in Elliptic Labs Virtual Lock Sensor for ThinkPad T14 Gen 3 that could allow an attacker with local access to execute code with elevated...

Qualys Named a Leader in KuppingerCole CSPM Report

Cloud Security Posture Management (CSPM) is a crucial requirement in cloud security. CSPM is all about identifying misconfiguration issues and compliance risks in cloud environments. Since cloud misconfigurations are the leading cause of data breaches, you want an excellent CSPM solution on your...

Attacks on web applications spike in third quarter, new Talos IR data shows

Quarterly threat report: Telecommunications and education are most-targeted verticals There was a notable increase in threats to web applications, accounting for 30 percent of the engagements Cisco Talos Incident Response (Talos IR) responded to in the third quarter of 2023, compared to 8 percent.....

iOS Zero-Day Attacks: Experts Uncover Deeper Insights into Operation Triangulation

The TriangleDB implant used to target Apple iOS devices packs in at least four different modules to record microphone, extract iCloud Keychain, steal data from SQLite databases used by various apps, and estimate the victim's location. The new findings come from Kaspersky, which detailed the great.....

Backdoor Implanted on Hacked Cisco Devices Modified to Evade Detection

The backdoor implanted on Cisco devices by exploiting a pair of zero-day flaws in IOS XE software has been modified by the threat actor so as to escape visibility via previous fingerprinting methods. "Investigated network traffic to a compromised device has shown that the threat actor has upgraded....

Exploit for Unprotected Alternate Channel in Cisco Ios Xe

Cisco IOS XE implant scanning & network detection Network...

HCL Technologies AppScan Presence Elevation of Privilege Vulnerability

HCL Technologies AppScan Presence is a suite of dynamic analysis testing tools from HCL Technologies, USA, which is mainly used for Web security testing. An elevation of privilege vulnerability exists in HCL Technologies AppScan Presence, which stems from the presence of an un-referenced service...

Exploit for Unprotected Alternate Channel in Cisco Ios Xe

CVE-2023-20198 - PoC SCRIPT /!\ Disclaimer: This...

Ragnar Locker ransomware group taken down

Even though it had a long run for a ransomware group, it seems the bell might be tolling for Ragnar Locker. On October 19, 2023, the group’s leak site was seized by an international group of law enforcement agencies. The take down action was carried out between 16 and 20 October. During the...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : PackageKit vulnerabilities (USN-4538-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4538-1 advisory. PackageKit provided detailed error messages to unprivileged callers that exposed information about file presence and...

Ubuntu 16.04 ESM : Apache Tomcat 7 vulnerabilities (USN-4791-1)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4791-1 advisory. Apache Tomcat 7.x through 7.0.70 and 8.x through 8.5.4, when the CGI Servlet is enabled, follows RFC 3875 section 4.1.18 and therefore does not...

Sophisticated MATA Framework Strikes Eastern European Oil and Gas Companies

An updated version of a sophisticated backdoor framework called MATA has been used in attacks aimed at over a dozen Eastern European companies in the oil and gas sector and defense industry as part of a cyber espionage operation that took place between August 2022 and May 2023. "The actors behind.....

Multiple North Korean threat actors exploiting the TeamCity CVE-2023-42793 vulnerability

Since early October 2023, Microsoft has observed two North Korean nation-state threat actors – Diamond Sleet and Onyx Sleet – exploiting CVE-2023-42793, a remote-code execution vulnerability affecting multiple versions of JetBrains TeamCity server. TeamCity is a continuous integration/continuous...

What is The Dark Web ?

The Undernet, a term frequently shrouded in enigma and often linked with unlawful activities, is a concealed segment of the digital world that is purposefully veiled and unreachable via regular internet browsers. This chapter aims to unveil the secrets of the Undernet, step by step demythifying...

What is Cracktivator software?

Cisco Talos coined the term "Cracktivator software" to reference counterfeit or modified software for pirated versions of Windows applications. One of our teammates, James Nutland, led the research to look into cracked versions of the Microsoft Windows operating system and other Microsoft...

Unraveling Real-Life Attack Paths – Key Lessons Learned

In the ever-evolving landscape of cybersecurity, attackers are always searching for vulnerabilities and exploits within organizational environments. They don't just target single weaknesses; they're on the hunt for combinations of exposures and attack methods that can lead them to their desired...