MAX PRESENCE,TP3106,TP3206 Security Vulnerabilities

CVE-2023-22936

In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘search_listener’ parameter in a search allows for a blind server-side request forgery (SSRF) by an authenticated user. The initiator of the request cannot see the response without the presence of an additional vulnerability within....

CVE-2023-22936

In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘search_listener’ parameter in a search allows for a blind server-side request forgery (SSRF) by an authenticated user. The initiator of the request cannot see the response without the presence of an additional vulnerability within....

Server side request forgery (ssrf)

In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘search_listener’ parameter in a search allows for a blind server-side request forgery (SSRF) by an authenticated user. The initiator of the request cannot see the response without the presence of an additional vulnerability within....

CVE-2023-22936 Authenticated Blind Server Side Request Forgery via the ‘search_listener’ Search Parameter in Splunk Enterprise

In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘search_listener’ parameter in a search allows for a blind server-side request forgery (SSRF) by an authenticated user. The initiator of the request cannot see the response without the presence of an additional vulnerability within....

Intel 2023.1 IPU – BIOS February 2023 Security Updates

Intel has informed HP of potential vulnerabilities identified in some Intel® Processors with Intel® Software Guard Extensions (SGX) that might allow information disclosure and potential vulnerabilities in the BIOS firmware and Intel® Trusted Execution Technology (TXT) Secure Initialization (SINIT)....

Unbreakable Enterprise kernel-container security update

[5.4.17-2136.316.7] - runtime revert of virtio_net: Stripe queue affinities across cores. (Konrad Rzeszutek Wilk) [Orabug: 35001045] [5.4.17-2136.316.6] - block: Change the granularity of io ticks from ms to ns (Gulam Mohamed) [Orabug: 34780807] - powercap: intel_rapl: support new layout of...

Unbreakable Enterprise kernel security update

[5.4.17-2136.316.7] - runtime revert of virtio_net: Stripe queue affinities across cores. (Konrad Rzeszutek Wilk) [Orabug: 35001045] [5.4.17-2136.316.6] - block: Change the granularity of io ticks from ms to ns (Gulam Mohamed) [Orabug: 34780807] - powercap: intel_rapl: support new layout of...

Malwarebytes recognized as endpoint security leader by G2

G2 has released their Winter 2023 reports, ranking Malwarebytes as the leader across a number of endpoint protection categories. Based on verified customer reviews, Malwarebytes has been ranked #1 over top EDR vendors for endpoint malware and antivirus protection, detection and remediation of...

Researchers Uncover Obfuscated Malicious Code in PyPI Python Packages

Four different rogue packages in the Python Package Index (PyPI) have been found to carry out a number of malicious actions, including dropping malware, deleting the netstat utility, and manipulating the SSH authorized_keys file. The packages in question are aptx, bingchilling2, httops, and...

Debian DLA-3316-1 : postgresql-11 - LTS security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3316 advisory. PostgreSQL Project reports: A modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport...

IBM Infosphere Information Server Cross-Site Scripting Vulnerability (CNVD-2023-08069)

IBM InfoSphere Information Server is a data integration platform from International Business Machines (IBM). A cross-site scripting vulnerability exists in IBM Infosphere Information Server version 11.7, which stems from the presence of cross-site scripting that could be exploited by an attacker...

PostgreSQL server -- Client memory disclosure when connecting, with Kerberos, to modified server.

PostgreSQL Project reports: A modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. When a libpq client application has a Kerberos credential cache and doesn't explicitly disable option gssencmode, a server...

FreeBSD : PostgreSQL server -- Client memory disclosure when connecting, with Kerberos, to modified server. (7a8b6170-a889-11ed-bbae-6cc21735f730)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 7a8b6170-a889-11ed-bbae-6cc21735f730 advisory. PostgreSQL Project reports: A modified, unauthenticated server can send an ...

Russian Hackers Using Graphiron Malware to Steal Data from Ukraine

A Russia-linked threat actor has been observed deploying a new information-stealing malware in cyber attacks targeting Ukraine. Dubbed Graphiron by Broadcom-owned Symantec, the malware is the handiwork of an espionage group known as Nodaria, which is tracked by the Computer Emergency Response Team....

On the 20th Safer Internet Day, what was security like back in 2004?

Today is the 20th Safer Internet Day. Since 2004, there's been an annual event designed to "Promote safer and more responsible use of online technology and mobile phones, especially amongst children and young people across the world." 2004 was a key year for several safety activities, encompassing....

Event Management System SQL Injection Vulnerability

Calendar Event Management System is an event management system. SQL injection vulnerability exists in Calendar Event Management System version 2.3.0, which stems from the presence of certain unknown processing in the component Login Page, with the parameter name/pwd leading to SQL injection. No...

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : Thunderbird vulnerabilities (USN-5824-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 22.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5824-1 advisory. Service Workers should not be able to infer information about opaque cross-origin responses; but timing information...

Cybersecurity Budgets Are Going Up. So Why Aren't Breaches Going Down?

Over the past few years, cybersecurity has become a major concern for businesses around the globe. With the total cost of cybercrime in 2023 forecasted to reach $8 Trillion – with a T, not a B – it's no wonder that cybersecurity is top of mind for leaders across all industries and regions....

Amazon Still Selling T95 TV Box with Pre-Installed Malware

By Deeba Ahmed Malwarebytes has confirmed that, despite confirmed reports of the presence of pre-installed malware in T95 TV boxes, Amazon is still allowing their sale. This is a post from HackRead.com Read the original post: Amazon Still Selling T95 TV Box with Pre-Installed...

CVE-2022-34884

A buffer overflow exists in the Remote Presence subsystem which can potentially allow valid, authenticated users to cause a recoverable subsystem denial of...

CVE-2022-34884

A buffer overflow exists in the Remote Presence subsystem which can potentially allow valid, authenticated users to cause a recoverable subsystem denial of...

Buffer overflow

A buffer overflow exists in the Remote Presence subsystem which can potentially allow valid, authenticated users to cause a recoverable subsystem denial of...

CVE-2022-34884

A buffer overflow exists in the Remote Presence subsystem which can potentially allow valid, authenticated users to cause a recoverable subsystem denial of...

Rocky Linux 8 : firefox (RLSA-2022:8580)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:8580 advisory. Mozilla developers Andrew McCreight and Gabriele Svelto reported memory safety bugs present in Thunderbird 102.4. Some of these bugs showed...

Threat Round up for January 20 to January 27

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Jan. 20 and Jan. 27. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,....

Ubuntu: Security Advisory (USN-4791-1)

The remote host is missing an update for...

Google Takes Down 50,000 Instances of Pro-Chinese DRAGONBRIDGE Influence Operation

Google on Thursday disclosed it took steps to dismantle over 50,000 instances of activity orchestrated by a pro-Chinese influence operation known as DRAGONBRIDGE in 2022. "Most DRAGONBRIDGE activity is low quality content without a political message, populated across many channels and blogs," the.....

PY#RATION: New Python-based RAT Uses WebSocket for C2 and Data Exfiltration

Cybersecurity researchers have unearthed a new attack campaign that leverages a Python-based remote access trojan (RAT) to gain control over compromised systems since at least August 2022. "This malware is unique in its utilization of WebSockets to avoid detection and for both command-and-control.....

Privilege Escalation

cakephp/cakephp is vulnerable to Privilege Escalation. A remote attacker is able to directly access prefixed actions without setting the correct request parameters due to unconventional URL paths, which allows an attacker to elevate privileges when the authorization depends on the presence of the.....

Popeye - A Kubernetes Cluster Resource Sanitizer

Popeye - A Kubernetes Cluster Sanitizer Popeye is a utility that scans live Kubernetes cluster and reports potential issues with deployed resources and configurations. It sanitizes your cluster based on what's deployed and not what's sitting on disk. By scanning your cluster, it detects...

Solaris 10 dtprintinfo Local Privilege Escalation Exploit

Solaris 10 CDE local privilege escalation exploit that achieves root by injecting a fake printer via lpstat and uses a buffer overflow in libXM...

Solaris 10 dtprintinfo / libXm / libXpm Security Issues Vulnerability

Multiple vulnerabilities have been discovered across Common Desktop Environment version 1.6, Motif version 2.1, and X.Org libXpm versions prior to 3.5.15 on Oracle Solaris 10 that can be chained together to achieve...

ConduitController: Smart Contract Initial Owner Vulnerability

Lines of code Vulnerability details Bug Description The createConduit function in the ConduitController smart contract is responsible for deploying new conduits, or contracts that allow registered callers (or open "channels") to transfer approved ERC20/721/1155 tokens on their behalf. The function....

[updated]Ransomware money laundering operation disrupted, founder arrested

The US Department of Justice (DOJ) has released information about the arrest of Anatoly Legkodymov, the founder and majority owner of a cryptocurrency exchange called Bitzlato, on money laundering charges. Legkodymov, a Russian national who lives in China, is accused of processing over $700...

NVIDIA® GPU Display Driver November 2022 Security Update

NVIDIA has informed HP of potential security vulnerabilities identified in the NVIDIA® GPU Display Driver for Windows which might allow escalation of privilege, arbitrary code execution, denial of service, or information disclosure. NVIDIA has released software updates to mitigate these...

Solaris 10 dtprintinfo / libXm / libXpm Security Issues

...

Publify Input Validation Error Vulnerability (CNVD-2023-04309)

Publify is a simple but full-featured web publishing software. versions of Publify prior to 9.2.10 are vulnerable to an input validation error, which stems from the presence of an integer overflow issue. No detailed vulnerability details are currently...

phpMyFAQ Cross-Site Scripting Vulnerability (CNVD-2023-04313)

phpMyFAQ is a multilingual, fully database-driven FAQ system. phpMyFAQ versions prior to 3.1.10 are vulnerable to a cross-site scripting vulnerability that stems from the presence of stored cross-site scripting (XSS). No detailed vulnerability details are currently...

radare2 injection vulnerability

radare2 is a set of libraries and tools for working with binaries. radare2 versions prior to 5.8.2 have a security vulnerability that stems from the inability to clean up special elements to a different plane and the presence of special element injection. No detailed vulnerability details are...

phpMyFAQ Cross-Site Scripting Vulnerability (CNVD-2023-04312)

phpMyFAQ is a multilingual, fully database-driven FAQ system. phpMyFAQ versions prior to 3.1.10 are vulnerable to a cross-site scripting vulnerability that stems from the presence of stored cross-site scripting (XSS). No detailed vulnerability details are currently...

phpMyFAQ Cross-Site Scripting Vulnerability (CNVD-2023-04315)

phpMyFAQ is a multilingual, fully database-driven FAQ system. phpMyFAQ versions prior to 3.1.10 are vulnerable to a cross-site scripting vulnerability that stems from the presence of stored cross-site scripting (XSS). No detailed vulnerability details are currently...

phpMyFAQ Cross-Site Scripting Vulnerability (CNVD-2023-04318)

phpMyFAQ is a multilingual, fully database-driven FAQ system. phpMyFAQ versions prior to 3.1.10 are vulnerable to a cross-site scripting vulnerability that stems from the presence of stored cross-site scripting (XSS). No detailed vulnerability details are currently...

phpMyFAQ Cross-Site Scripting Vulnerability (CNVD-2023-04316)

phpMyFAQ is a multilingual, fully database-driven FAQ system by Thorsten Rinne, a personal developer. phpMyFAQ versions prior to 3.1.10 are vulnerable to a cross-site scripting vulnerability that stems from the presence of stored cross-site scripting (XSS). No detailed vulnerability details are...

phpMyFAQ Cross-Site Scripting Vulnerability (CNVD-2023-04317)

phpMyFAQ is a multilingual, fully database-driven FAQ system. phpMyFAQ versions prior to 3.1.10 are vulnerable to a cross-site scripting vulnerability that stems from the presence of stored cross-site scripting (XSS). No detailed vulnerability details are currently...

phpMyFAQ Cross-Site Scripting Vulnerability (CNVD-2023-04311)

phpMyFAQ is a multilingual, fully database-driven FAQ system. phpMyFAQ versions prior to 3.1.10 are vulnerable to a cross-site scripting vulnerability that stems from the presence of reflective cross-site scripting (XSS). No detailed vulnerability details are currently...

Exploit for OS Command Injection in Zyxel Usg Flex 100W Firmware

CVE-2022-30525_check Description: This script checks for the...

Threat Round up for January 6 to January 13

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Jan. 6 and Jan. 13. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,.....

Cybercriminals Using Polyglot Files in Malware Distribution to Fly Under the Radar

Remote access trojans such as StrRAT and Ratty are being distributed as a combination of polyglot and malicious Java archive (JAR) files, once again highlighting how threat actors are continuously finding new ways to fly under the radar. "Attackers now use the polyglot technique to confuse...

Unbreakable Enterprise kernel security update

[5.15.0-6.80.3.1] - Revert 'rds: ib: Enable FC by default' (Hakon Bugge) [Orabug: 34964359] [5.15.0-6.80.3] - net/mlx5: Suppress error logging on UCTX creation (Marina) [Orabug: 34888471] - rds: ib: Fix leaked MRs during kexec (Hakon Bugge) [Orabug: 34892082] - uek-rpm: Add ptp_kvm.ko to core...

DER Entitlements: The (Brief) Return of the Psychic Paper

Posted by Ivan Fratric, Project Zero Note: The vulnerability discussed here, CVE-2022-42855, was fixed in iOS 15.7.2 and macOS Monterey 12.6.2. While the vulnerability did not appear to be exploitable on iOS 16 and macOS Ventura, iOS 16.2 and macOS Ventura 13.1 nevertheless shipped hardening...