Microsoft Edge, ChakraCore Security Vulnerabilities

Tukaani Project XZ Utils Backdoor (Feb/Mar 2024)

The XZ Utils of the Tukaani Project have been backdoored by an unknown threat actor in February and March...

Injected Malicious Code

XZ is vulnerable to Injected Malicious Code. Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which.....

Backdoored XZ Utils (CVE-2024-3094)

On Friday, March 29, after investigating anomalous behavior in his Debian sid environment, developer Andres Freund contacted an open-source security mailing list to share that he had discovered an upstream backdoor in widely used command line tool XZ Utils (liblzma). The backdoor, added by an...

Hive Pro Announces Launch of Alliance Partner Program in North America for MSPs and VARs

Herndon, VA – 01 April 2024 – Hive Pro, a pioneer vendor in Threat Exposure Management, announced the formal launch of its North America Alliance Partner Program for Managed Service Providers (MSP) and Value-Added Resellers (VARs). This initiative aims to empower Managed Service Providers (MSPs)...

edge-ministries.org Cross Site Scripting vulnerability OBB-3891744

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

Exploit for Embedded Malicious Code in Tukaani Xz

漏洞概述...

K000139140 : util-linux vulnerability CVE-2024-28085

Security Advisory Description wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not...

K000139141 : liblzma vulnerability CVE-2024-3094

Security Advisory Description Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to....

Intel PowerGadget 3.6 Local Privilege Escalation Vulnerability

...

XZ Utils SSHd Backdoor

On March 29th, 2024, security researcher Andres Freund discovered a backdoor in XZ Utils versions 5.6.0 and 5.6.1. Under certain conditions, this backdoor may allow remote access to the targeted system. This disclosure was posted to the Openwall mailing list. The security researcher mentions that.....

CVE-2024-3094

Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific functions in.....

The Golden Age of Automated Penetration Testing is Here

Network penetration testing plays a vital role in detecting vulnerabilities that can be exploited. The current method of performing pen testing is pricey, leading many companies to undertake it only when necessary, usually once a year for their compliance requirements. This manual approach often...

CVE-2024-28960

An issue was discovered in Mbed TLS 2.18.0 through 2.28.x before 2.28.8 and 3.x before 3.6.0, and Mbed Crypto. The PSA Crypto API mishandles shared...

K000139092 : DNS vulnerability CVE-2023-50387

Security Advisory Description Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that, when there is a...

ROS-20240329-06

The vulnerability in the WebAudio component of Google Chrome and Microsoft Edge browsers is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely, execute arbitrary code using a specially crafted HTML page A vulnerability in the.....

ROS-20240329-07

A vulnerability in the Picture-in-Picture (PiP) technology of the Google Chrome browser is related to errors in the presentation of errors in the presentation of information by the user interface. Exploitation of the vulnerability could allow an attacker, acting remotely, to conduct spoofing...

ZITADEL's Improper Content-Type Validation Leads to Account Takeover via Stored XSS + CSP Bypass

Impact ZITADEL users can upload their own avatar image and various image types are allowed. Due to a missing check, an attacker could upload HTML and pretend it is an image to gain access to the victim's account in certain scenarios. A possible victim would need to directly open the supposed image....

ZITADEL's Improper Content-Type Validation Leads to Account Takeover via Stored XSS + CSP Bypass

Impact ZITADEL users can upload their own avatar image and various image types are allowed. Due to a missing check, an attacker could upload HTML and pretend it is an image to gain access to the victim's account in certain scenarios. A possible victim would need to directly open the supposed image....

Behind the Scenes: The Art of Safeguarding Non-Human Identities

In the whirlwind of modern software development, teams race against time, constantly pushing the boundaries of innovation and efficiency. This relentless pace is fueled by an evolving tech landscape, where SaaS domination, the proliferation of microservices, and the ubiquity of CI/CD pipelines are....

Exploit for Vulnerability in Microsoft

🇮🇱 **#BringThemHome...

Linux kernel (Intel IoTG) vulnerabilities

Releases Ubuntu 22.04 LTS Ubuntu 20.04 LTS Packages linux-intel-iotg - Linux kernel for Intel IoT platforms linux-intel-iotg-5.15 - Linux kernel for Intel IoT platforms Details It was discovered that the NVIDIA Tegra XUSB pad controller driver in the Linux kernel did not properly handle return...

ROS-20240328-08

A vulnerability in the WebRTC technology of Google Chrome browser is related to the use of memory after its freeing. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code or cause a denial of service using specially crafted malware. arbitrary code or cause a...

Linux kernel (Azure) vulnerabilities

Releases Ubuntu 22.04 LTS Packages linux-azure-6.5 - Linux kernel for Microsoft Azure cloud systems Details Lonial Con discovered that the netfilter subsystem in the Linux kernel did not properly handle element deactivation in certain cases, leading to a use-after-free vulnerability. A local...

ROS-20240328-15

A vulnerability in the Web Browser UI of Google Chrome and Microsoft Edge browsers is related to incorrectly implemented security checks for standard elements. implemented security checks for standard elements. Exploitation of the vulnerability could allow an attacker acting remotely to conduct...

K000139084 : DNS vulnerability CVE-2023-50868

Security Advisory Description The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 when RFC 9276 guidance is skipped) allows remote attackers to cause a denial of service (CPU consumption for SHA-1 computations) via DNSSEC responses in a random subdomain attack, aka the "NSEC3"...

CVE-2024-29891

ZITADEL users can upload their own avatar image and various image types are allowed. Due to a missing check, an attacker could upload HTML and pretend it is an image to gain access to the victim's account in certain scenarios. A possible victim would need to directly open the supposed image in the....

CVE-2024-29891 ZITADEL Improper Content-Type Validation Leads to Account Takeover via Stored XSS + CSP Bypass

ZITADEL users can upload their own avatar image and various image types are allowed. Due to a missing check, an attacker could upload HTML and pretend it is an image to gain access to the victim's account in certain scenarios. A possible victim would need to directly open the supposed image in the....

CVE-2024-28085

wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) There may be plausible....

CVE-2024-20314

A vulnerability in the IPv4 Software-Defined Access (SD-Access) fabric edge node feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause high CPU utilization and stop all traffic processing, resulting in a denial of service (DoS) condition on an affected device....

CVE-2024-20314

A vulnerability in the IPv4 Software-Defined Access (SD-Access) fabric edge node feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause high CPU utilization and stop all traffic processing, resulting in a denial of service (DoS) condition on an affected device....

Cisco IOS XE Software SD-Access Fabric Edge Node Denial of Service Vulnerability

A vulnerability in the IPv4 Software-Defined Access (SD-Access) fabric edge node feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause high CPU utilization and stop all traffic processing, resulting in a denial of service (DoS) condition on an affected device....

Microsoft Edge Bug Could Have Allowed Attackers to Silently Install Malicious Extensions

A now-patched security flaw in the Microsoft Edge web browser could have been abused to install arbitrary extensions on users' systems and carry out malicious actions. "This flaw could have allowed an attacker to exploit a private API, initially intended for marketing purposes, to covertly...

CVE-2024-2379

libcurl skips the certificate verification for a QUIC connection under certain conditions, when built to use wolfSSL. If told to use an unknown/bad cipher or curve, the error path accidentally skips the verification and returns OK, thus ignoring any certificate...

CVE-2024-2466

libcurl did not check the server certificate of TLS connections done to a host specified as an IP address, when built to use mbedTLS. libcurl would wrongly avoid using the set hostname function when the specified hostname was given as an IP address, therefore completely skipping the certificate...

CVE-2024-2398

When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed limit (1000), libcurl aborts the server push. When aborting, libcurl inadvertently does not free all the previously allocated headers and instead...

CVE-2024-2004

When a protocol selection parameter option disables all protocols without adding any then the default set of protocols would remain in the allowed set due to an error in the logic for removing protocols. The below command would perform a request to curl.se with a plaintext protocol which has been.....

Chromium: CVE-2024-2883 Use after free in ANGLE

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more...

Chromium: CVE-2024-2887 Type Confusion in WebAssembly

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more...

Chromium: CVE-2024-2885 Use after free in Dawn

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more...

Chromium: CVE-2024-2886 Use after free in WebCodecs

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more...

Microsoft Edge (Chromium) < 122.0.2365.113 / 123.0.2420.65 Multiple Vulnerabilities

The version of Microsoft Edge installed on the remote Windows host is prior to 122.0.2365.113 / 123.0.2420.65. It is, therefore, affected by multiple vulnerabilities as referenced in the March 27, 2024 advisory. Use after free in ANGLE in Google Chrome prior to 123.0.6312.86 allowed a remote...

Linux kernel (Intel IoTG) vulnerabilities

Releases Ubuntu 22.04 LTS Ubuntu 20.04 LTS Packages linux-intel-iotg - Linux kernel for Intel IoT platforms linux-intel-iotg-5.15 - Linux kernel for Intel IoT platforms Details It was discovered that the DesignWare USB3 for Qualcomm SoCs driver in the Linux kernel did not properly handle...

Microsoft Edge (Chromium-Based) Spoofing And Security Feature Bypass Vulnerabilities - Mar24

Microsoft Edge (Chromium-Based) is prone to multiple...

Cisco IOS XE Software SD Access Fabric Edge Node DoS (cisco-sa-ios-xe-sda-edge-dos-qZWuWXWG)

According to its self-reported version, Cisco IOS-XE Software is affected by a vulnerability. A vulnerability in the IPv4 Software-Defined Access (SD-Access) fabric edge node feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause high CPU utilization and...

KLA65334 Multiple vulnerabilities in Microsoft Browser

Detect date: 03/27/2024 Severity: Critical Description: Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, bypass security restrictions. Affected products: Microsoft Edge (Chromium-based)...

K000139064 : Apache vulnerabilities CVE-2009-2299, CVE-2012-3526, CVE-2012-4001, and CVE-2012-4360

Security Advisory Description CVE-2009-2299 The Artofdefence Hyperguard Web Application Firewall (WAF) module before 2.5.5-11635, 3.0 before 3.0.3-11636, and 3.1 before 3.1.1-11637, a module for the Apache HTTP Server, allows remote attackers to cause a denial of service (memory consumption) via...

CVE-2024-2887

Type Confusion in WebAssembly in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity:...

CVE-2024-2955

T.38 dissector crash in Wireshark 4.2.0 to 4.0.3 and 4.0.0 to 4.0.13 allows denial of service via packet injection or crafted capture...

CVE-2023-6175

NetScreen file parser crash in Wireshark 4.0.0 to 4.0.10 and 3.6.0 to 3.6.18 allows denial of service via crafted capture...

K000139043 : Apache Struts vulnerabilities CVE-2016-4430, CVE-2016-4431, and CVE-2016-4433

Security Advisory Description CVE-2016-4430 Apache Struts 2 2.3.20 through 2.3.28.1 mishandles token validation, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks via unspecified vectors. CVE-2016-4431 Apache Struts 2 2.3.20 through 2.3.28.1 allows remote...