Plug'n Play Firewall Security Vulnerabilities

K000137871 : Linux kernel vulnerability CVE-2023-35001

Security Advisory Description Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace (CVE-2023-35001) Impact This vulnerability may allow an authenticated attacker with local access to...

K000137887 : Oracle GraalVM vulnerability CVE-2023-22091

Security Advisory Description Vulnerability in the Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Compiler). Supported versions that are affected are Oracle GraalVM for JDK: 17.0.8, 21; Oracle GraalVM Enterprise Edition: 20.3.11, 21.3.7 and 22.3.3......

K000137875 : PostGreSQL vulnerability CVE-2018-1058

Security Advisory Description A flaw was found in the way Postgresql allowed a user to modify the behavior of a query for other users. An attacker with a user account could use this flaw to execute code with the permissions of superuser in the database. Versions 9.3 through 10 are affected....

CVE-2023-49805

Uptime Kuma is an easy-to-use self-hosted monitoring tool. Prior to version 1.23.9, the application uses WebSocket (with Socket.io), but it does not verify that the source of communication is valid. This allows third-party website to access the application on behalf of their client. When...

CVE-2023-49805

Uptime Kuma is an easy-to-use self-hosted monitoring tool. Prior to version 1.23.9, the application uses WebSocket (with Socket.io), but it does not verify that the source of communication is valid. This allows third-party website to access the application on behalf of their client. When...

CVE-2023-49805

Uptime Kuma is an easy-to-use self-hosted monitoring tool. Prior to version 1.23.9, the application uses WebSocket (with Socket.io), but it does not verify that the source of communication is valid. This allows third-party website to access the application on behalf of their client. When...

Cross site request forgery (csrf)

Uptime Kuma is an easy-to-use self-hosted monitoring tool. Prior to version 1.23.9, the application uses WebSocket (with Socket.io), but it does not verify that the source of communication is valid. This allows third-party website to access the application on behalf of their client. When...

CVE-2023-49805 Uptime Kuma Missing Origin Validation in WebSockets

Uptime Kuma is an easy-to-use self-hosted monitoring tool. Prior to version 1.23.9, the application uses WebSocket (with Socket.io), but it does not verify that the source of communication is valid. This allows third-party website to access the application on behalf of their client. When...

Living our Values and Leveraging Diverse Skill Sets: How Jonathan Atwood Built a Successful Career as a Customer Advisor at Rapid7

At Rapid7, our Customer Advisors play a pivotal role at ensuring our customers understand their threat landscape – and feel confident in their security programs. By collaborating across various internal teams, strengthening customer relationships, and proactively seeking solutions and advocating...

Critical Unauthenticated Remote Code Execution Found in Backup Migration Plugin

Wordfence just launched its bug bounty program. Through December 20th 2023, all researchers will earn 6.25x our normal bounty rates when Wordfence handles responsible disclosure for our Holiday Bug Extravaganza! The researcher who reported this vulnerability was awarded $2,751.00! Register as a...

Operation Blacksmith: Lazarus targets organizations worldwide using novel Telegram-based malware written in DLang

Cisco Talos recently discovered a new campaign conducted by the Lazarus Group we're calling "Operation Blacksmith," employing at least three new DLang-based malware families, two of which are remote access trojans (RATs), where one of these uses Telegram bots and channels as a medium of command...

Douglas-042 - Powershell Script To Help Speed ​​Up Threat Hunting Incident Response Processes

DOUGLAS-042 stands as an ingenious embodiment of a PowerShell script meticulously designed to expedite the triage process and facilitate the meticulous collection of crucial evidence derived from both forensic artifacts and the ephemeral landscape of volatile data. Its fundamental mission revolves....

SpyLoan Scandal: 18 Malicious Loan Apps Defraud Millions of Android Users

Cybersecurity researchers have discovered 18 malicious loan apps for Android on the Google Play Store that have been collectively downloaded over 12 million times. "Despite their attractive appearance, these services are in fact designed to defraud users by offering them high-interest-rate loans...

Insights into your unpatched vulnerabilities

Every day, nearly 70 brand-new vulnerabilities are discovered in software products around the world. That’s almost 25,550 new problems each year, of which roughly 4,250 (or every one-in-six) will be classified as “critical.” But with little guidance beyond “critical” classifications—and with the...

Story of the year: the impact of AI on cybersecurity

In the whirlwind of technological advancements and societal transformations, the term "AI" has undoubtedly etched itself into the forefront of global discourse. Over the past twelve months, this abbreviation has resonated across innumerable headlines, business surveys and tech reports, firmly...

JVN#34145838: Multiple denial-of-service (DoS) vulnerabilities in JTEKT ELECTRONICS HMI GC-A2 series

HMI GC-A2 series provided by JTEKT ELECTRONICS CORPORATION contains multiple denial-of-service (DoS) vulnerabilities listed below. Denial-of-service (DoS) vulnerability in FTP service (CWE-400) - CVE-2023-41963 Version| Vector| Score ---|---|--- CVSS v3|...

K000137864 : Squid vulnerabilities CVE-2023-46846, CVE-2023-46847, CVE-2023-46848

Security Advisory Description CVE-2023-46846 SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems. CVE-2023-46847 Squid is vulnerable to a Denial of Service,...

FreeBSD : apache -- Apache ZooKeeper: Authorization bypass in SASL Quorum Peer Authentication (2bc376c0-977e-11ee-b4bc-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 2bc376c0-977e-11ee-b4bc-b42e991fc52e advisory. Authorization Bypass Through User-Controlled Key vulnerability in Apache ZooKeeper. If SASL Quorum...

PSA: High Severity File Upload Vulnerability in Elementor Patched

On December 6, 2023, the Wordfence team noticed a changelog entry for version 3.18.1 of Elementor, a WordPress plugin installed on nearly 9 million sites. We did not discover the original vulnerability and only became aware of it after reviewing the changelog containing a partial patch. We...

Cybersecurity considerations to have when shopping for holiday gifts

As I wrote about last week, there are holiday shopping-related scams already popping up all over the place. But another aspect of security that many shoppers don't consider this time of year is the security of the products they're buying, even through a legitimate online marketplace. This is a...

Security Bulletin: IBM i Modernization Engine for Lifecycle Integration is vulnerable to multiple vulnerabilities

Summary There are multiple vulnerabilities in components of IBM i Modernization Engine for Lifecycle Integration as described in the Vulnerability Details section. Apache Tomcat is vulnerable to a denial of service (CVE-2023-44487), vulnerable to HTTP request smuggling (CVE-2023-45648), and could.....

Wordfence Intelligence Weekly WordPress Vulnerability Report (November 27, 2023 to December 3, 2023)

Wordfence just launched its bug bounty program. Through December 20th 2023, all researchers will earn 6.25x our normal bounty rates when Wordfence handles responsible disclosure for our Holiday Bug Extravaganza! Register as a researcher and submit your vulnerabilities today! Last week, there were.....

CVE-2023-47548

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in SoftLab Integrate Google Drive – Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site.This issue affects Integrate Google Drive – Browse, Upload, Download, Embed,...

CVE-2023-47548

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in SoftLab Integrate Google Drive – Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site.This issue affects Integrate Google Drive – Browse, Upload, Download, Embed,...

Open redirect

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in SoftLab Integrate Google Drive – Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site.This issue affects Integrate Google Drive – Browse, Upload, Download, Embed,...

CVE-2023-47548 WordPress Integrate Google Drive Plugin <= 1.3.2 is vulnerable to Open Redirection

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in SoftLab Integrate Google Drive – Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site.This issue affects Integrate Google Drive – Browse, Upload, Download, Embed,...

Hacking the Human Mind: Exploiting Vulnerabilities in the 'First Line of Cyber Defense'

_Humans are complex beings with consciousness, emotions, and the capacity to act based on thoughts. In the ever-evolving realm of cybersecurity, humans consistently remain primary targets for attackers. Over the years, these attackers have developed their expertise in exploiting various human...

PSA: Critical POP Chain Allowing Remote Code Execution Patched in WordPress 6.4.2

WordPress 6.4.2 was released today, on December 6, 2023. It includes a patch for a POP chain introduced in version 6.4 that, combined with a separate Object Injection vulnerability, could result in a Critical-Severity vulnerability allowing attackers to execute arbitrary PHP code on the site. We...

How IT teams can conduct a vulnerability assessment for third-party applications

Google Chrome, Adobe Acrobat Reader, TeamViewer, you name it—there’s no shortage of third-party apps that IT teams need to constantly check for vulnerabilities. But to get a better picture of the problem, let's bust out some napkin math. The average company uses about 200 applications overall....

ICANN Launches Service to Help With WHOIS Lookups

More than five years after domain name registrars started redacting personal data from all public domain registration records, the non-profit organization overseeing the domain industry has introduced a centralized online service designed to make it easier for researchers, law enforcement and...

Addressing post-quantum cryptography with CodeQL

When you hear the words, "quantum computing," it sounds like something out of a science fiction movie. Yet in recent years, quantum computing has become a hot topic, especially in the world of cryptography. Post-quantum cryptography raises many questions and challenges, and a group of researchers.....

Imperva Named an Overall Leader in the KuppingerCole Leadership Compass: API Security and Management Report

Imperva named an Overall Leader We're thrilled to share that Imperva has achieved the prestigious status of Overall Leader in the KuppingerCole Leadership Compass: API Security and Management report. Our Leadership excels across the sub-categories of Product, Innovation, and Market Leadership and.....

Cisco Adaptive Security Appliance and Firepower Threat Defense Software VPN Packet Validation Vulnerability

A vulnerability in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to send packets with another VPN user's source IP address. This vulnerability is due to improper...

Security Advisory 0090

Security Advisory 0090 _._CSAF PDF Date: December 5, 2023 Revision | Date | Changes ---|---|--- 1.0 | December 5, 2023 | Initial release The CVE-ID tracking this issue: CVE-2023-24547 CVSSv3.1 Base Score: 5.9 (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H) Common Weakness Enumeration: CWE-212:...

FreeBSD -- TCP spoofing vulnerability in pf(4)

Problem Description: As part of its stateful TCP connection tracking implementation, pf performs sequence number validation on inbound packets. This makes it difficult for a would-be attacker to spoof the sender and inject packets into a TCP stream, since crafted packets must...

K000137798 : Dbus Subscription Manager vulnerability CVE-2023-3899

Security Advisory Description A vulnerability was found in subscription-manager that allows local privilege escalation due to inadequate authorization. The D-Bus interface com.redhat.RHSM1 exposes a significant number of methods to all users that could change the state of the registration. By...

FreeBSD-SA-23:17.pf

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-23:17.pf Security Advisory The FreeBSD Project Topic: TCP spoofing vulnerability in pf(4) Category: core Module: pf Announced: 2023-12-05 Credits: Yuxiang Yang,.....

FreeBSD : FreeBSD -- TCP spoofing vulnerability in pf(4) (9cbbc506-93c1-11ee-8e38-002590c1f29c)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 9cbbc506-93c1-11ee-8e38-002590c1f29c advisory. As part of its stateful TCP connection tracking implementation, pf performs sequence number ...

K000137790 : Linux kernel vulnerability CVE-2023-3609

Security Advisory Description A use-after-free vulnerability in the Linux kernel's net/sched: cls_u32 component can be exploited to achieve local privilege escalation. If tcf_change_indev() fails, u32_set_parms() will immediately return an error after incrementing or decrementing the reference...

K000137791 : Linux kernel vulnerability CVE-2023-35788

Security Advisory Description An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. This may result in denial of service or privilege...

Project PowerUp – Helping to keep the lights on in Ukraine in the face of electronic warfare

As Russia's invasion of Ukraine entered its first winter in late 2022, nearly half of Ukraine's energy infrastructure had been destroyed, leaving millions without power. The resulting energy deficit has exacerbated something that hasn't had much media attention: The effects of electronic GPS...

Imperva & Thales: Pioneering a New Era in Cybersecurity

Imperva has been a beacon of excellence for over twenty years in the digital protection landscape, where innovation is paramount. Renowned for its groundbreaking products, Imperva has not just secured applications, APIs, and data for the world's leading organizations but has done so with...

CVE-2023-42707

In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges...

CVE-2023-42708

In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges...

CVE-2023-42710

In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges...

CVE-2023-42711

In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges...

CVE-2023-42714

In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges...

CVE-2023-42708

In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges...

CVE-2023-42712

In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges...

CVE-2023-42713

In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges...