SIMATIC ET200pro, IM 154-3 PN HF Security Vulnerabilities

CVE-2024-37371

In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length...

Security Bulletin: IBM InfoSphere Information Server is affected by multiple vulnerabilities in Open Container Initiative runc

Summary Multiple vulnerabilities in Open Container Initiative runc used by IBM InfoSphere Information Server were addressed. Vulnerability Details ** CVEID: CVE-2024-21626 DESCRIPTION: **Open Container Initiative runc could allow a remote attacker to bypass security restrictions, caused by an...

CVE-2024-37370

In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the...

CVE-2024-29040

This repository hosts source code implementing the Trusted Computing Group's (TCG) TPM2 Software Stack (TSS). The JSON Quote Info returned by Fapi_Quote has to be deserialized by Fapi_VerifyQuote to the TPM Structure TPMS_ATTEST. For the field TPM2_GENERATED magic of this structure any number can.....

Security Bulletin: IBM InfoSphere Information Server is affected by multiple vulnerabilities in Kubernetes

Summary Multiple vulnerabilities in Kubernetes used by IBM InfoSphere Information Server were addressed. Vulnerability Details ** CVEID: CVE-2020-8562 DESCRIPTION: **Kubernetes could allow a remote authenticated attacker to obtain sensitive information, caused by a time-of-check time-of-use...

Friday Squid Blogging: New Squid Species

A new squid species--of the Gonatidae family--was discovered. The video shows her holding a brood of very large eggs. Research...

Metasploit Weekly Wrap-Up 06/28/2024

Unauthenticated Command Injection in Netis Router This week's Metasploit release includes an exploit module for an unauthenticated command injection vulnerability in the Netis MW5360 router which is being tracked as CVE-2024-22729. The vulnerability stems from improper handling of the password...

Exploit for Use After Free in Arm Avalon Gpu Kernel Driver

Exploit for CVE-2022-46395 The write up can be found...

Security Bulletin: Vulnerability in tqdm affects IBM Process Mining CVE-2024-34062

Summary There is a vulnerability in tqdm that could allow an local authenticated attacker to execute arbitrary code on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details ** CVEID:...

Security Bulletin: Vulnerability in Jinja affects IBM Process Mining CVE-2024-34064

Summary There is a vulnerability in Jinja that could allow an attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability....

runc vulnerable to container breakout through process.cwd trickery and leaked fds in github.com/opencontainers/runc

runc vulnerable to container breakout through process.cwd trickery and leaked fds in...

Ingress-nginx code injection via nginx.ingress.kubernetes.io/permanent-redirect annotation in k8s.io/ingress-nginx

Ingress-nginx code injection via nginx.ingress.kubernetes.io/permanent-redirect annotation in...

Token leases could outlive their TTL in HashiCorp Vault in github.com/hashicorp/vault

Token leases could outlive their TTL in HashiCorp Vault in...

Security Bulletin: Vulnerability in Bouncy Castle Crypto Package For Java affects IBM Process Mining CVE-2024-30171

Summary There is a vulnerability in Bouncy Castle Crypto Package For Java that could allow an remote authenticated attacker to obtain sensitive information on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability....

Security Bulletin: Vulnerability in Bouncy Castle Crypto Package For Java affects IBM Process Mining CVE-2024-34447

Summary There is a vulnerability in Bouncy Castle Crypto Package For Java that could allow an attacker to perform a DNS poisoning attack on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details...

Security Bulletin: Vulnerability in Netty affects IBM Process Mining CVE-2024-29025

Summary There is a vulnerability in Netty that could allow an attacker to cause a denial of service condition on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details ** CVEID: CVE-2024-29025 ...

Security Bulletin: Vulnerability in Bouncy Castle Crypto Package For Java affects IBM Process Mining CVE-2024-30172

Summary There is a vulnerability in Bouncy Castle Crypto Package For Java that could allow an attacker to cause a denial of service condition on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability...

Security Bulletin: Vulnerability in Pydantic affects IBM Process Mining CVE-2024-3772

Summary There is a vulnerability in Pydantic that could allow an attacker to cause a denial of service on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details ** CVEID: CVE-2024-3772 ...

Security Bulletin: Vulnerability in Node.js affects IBM Process Mining CVE-2024-28849

Summary There is a vulnerability in Node.js that could allow an remote authenticated attacker to obtain sensitive information on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details ** CVEID:...

Security Bulletin: Vulnerability in VMware Tanzu Spring Framework affects IBM Process Mining CVE-2024-22262

Summary There is a vulnerability in VMware Tanzu Spring Framework that could allow a remote attacker to conduct phishing attacks on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details ** CVEID:....

Security Bulletin: Vulnerability in Gunicorn affects IBM Process Mining CVE-2024-1135

Summary There is a vulnerability in Gunicorn that could allow an attacker to conduct XSS attacks on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details ** CVEID: CVE-2024-1135 DESCRIPTION:...

Security Bulletin: Vulnerability in Bouncy Castle Crypto Package For Java affects IBM Process Mining CVE-2024-29857

Summary There is a vulnerability in Bouncy Castle Crypto Package For Java that could allow an attacker to cause excessive CPU consumption on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details.....

Security Bulletin: Vulnerability in sqlparse affects IBM Process Mining CVE-2024-4340

Summary There is a vulnerability in sqlparse that could allow an attacker to cause a denial of service condition on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details ** CVEID: CVE-2024-4340 .....

Security Bulletin: Vulnerability in Pallets Werkzeug affects IBM Process Mining CVE-2024-34069

Summary There is a vulnerability in Pallets Werkzeug that could allow an attacker to gain elevated privileges on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details ** CVEID: CVE-2024-34069 ...

3 More Plugins Infected in WordPress.org Supply Chain Attack Due to Compromised Developer Passwords

Update #1: As of 12:36PM EST, another plugin has been infected. We've updated the list below to include this fourth plugin and the plugins team has been notified. Update #2: As of 2:20 PM EST, two more plugins appear to have malicious commits, however, the releases have not officially been made...

Exploit for CVE-2024-34102

🇮🇱 **#BringThemHome...

CVE-2024-37741

OpenPLC 3 through 9cd8f1b allows XSS via an SVG document as a profile...

CVE-2024-37741

OpenPLC 3 through 9cd8f1b allows XSS via an SVG document as a profile...

Glastonbury ticket hijack vulnerability fixed

The Glastonbury ticket website was vulnerable to a relatively simple attack that that allowed ticket theft and data leakage. What’s the issue? An attacker could scrape collaborative ticket buying websites (e.g. Reddit) to gather people’s details, use a flaw in the registration process and session.....

CVE-2024-5737

Script afGdStream.php in AdmirorFrames Joomla! extension doesn’t specify a content type and as a result default (text/html) is used. An attacker may embed HTML tags directly in image data which is rendered by a webpage as HTML. This issue affects AdmirorFrames: before...

CVE-2024-5737

Script afGdStream.php in AdmirorFrames Joomla! extension doesn’t specify a content type and as a result default (text/html) is used. An attacker may embed HTML tags directly in image data which is rendered by a webpage as HTML. This issue affects AdmirorFrames: before...

CVE-2024-5736

Server Side Request Forgery (SSRF) vulnerability in AdmirorFrames Joomla! extension in afGdStream.php script allows to access local files or server pages available only from localhost. This issue affects AdmirorFrames: before...

CVE-2024-5735

Full Path Disclosure vulnerability in AdmirorFrames Joomla! extension in afHelper.php script allows an unauthorised attacker to retrieve location of web root folder. This issue affects AdmirorFrames: before...

CVE-2024-5736

Server Side Request Forgery (SSRF) vulnerability in AdmirorFrames Joomla! extension in afGdStream.php script allows to access local files or server pages available only from localhost. This issue affects AdmirorFrames: before...

CVE-2024-5735

Full Path Disclosure vulnerability in AdmirorFrames Joomla! extension in afHelper.php script allows an unauthorised attacker to retrieve location of web root folder. This issue affects AdmirorFrames: before...

8220 Gang Exploits Oracle WebLogic Server Flaws for Cryptocurrency Mining

Security researchers have shed more light on the cryptocurrency mining operation conducted by the 8220 Gang by exploiting known security flaws in the Oracle WebLogic Server. "The threat actor employs fileless execution techniques, using DLL reflective and process injection, allowing the malware...

CVE-2024-5737 HTML Injection in AdmirorFrames Joomla! Extension

Script afGdStream.php in AdmirorFrames Joomla! extension doesn’t specify a content type and as a result default (text/html) is used. An attacker may embed HTML tags directly in image data which is rendered by a webpage as HTML. This issue affects AdmirorFrames: before...

CVE-2024-5736 SSRF in AdmirorFrames Joomla! Extension

Server Side Request Forgery (SSRF) vulnerability in AdmirorFrames Joomla! extension in afGdStream.php script allows to access local files or server pages available only from localhost. This issue affects AdmirorFrames: before...

CVE-2024-5736 SSRF in AdmirorFrames Joomla! Extension

Server Side Request Forgery (SSRF) vulnerability in AdmirorFrames Joomla! extension in afGdStream.php script allows to access local files or server pages available only from localhost. This issue affects AdmirorFrames: before...

CVE-2024-5735 Full Path Disclosure in AdmirorFrames Joomla! Extension

Full Path Disclosure vulnerability in AdmirorFrames Joomla! extension in afHelper.php script allows an unauthorised attacker to retrieve location of web root folder. This issue affects AdmirorFrames: before...

Combatting the Evolving SaaS Kill Chain: How to Stay Ahead of Threat Actors

The modern kill chain is eluding enterprises because they aren't protecting the infrastructure of modern business: SaaS. SaaS continues to dominate software adoption, and it accounts for the greatest share of public cloud spending. But enterprises and SMBs alike haven't revised their security...

CVE-2024-37282

It was identified that under certain specific preconditions, an API key that was originally created with a specific privileges could be subsequently used to create new API keys that have elevated...

CVE-2024-37282

It was identified that under certain specific preconditions, an API key that was originally created with a specific privileges could be subsequently used to create new API keys that have elevated...

CVE-2024-37282

It was identified that under certain specific preconditions, an API key that was originally created with a specific privileges could be subsequently used to create new API keys that have elevated...

[SECURITY] Fedora 40 Update: emacs-29.4-3.fc40

Emacs is a powerful, customizable, self-documenting, modeless text editor. Emacs contains special code editing features, a scripting language (elisp), and the capability to read mail, news, and more without leaving the editor. This package provides an emacs binary with support for Wayland, using...

Name confusion in x509 Subject Alternative Name fields

In phpseclib before 1.0.22, 2.x before 2.0.46, and 3.x before 3.0.33, some characters in Subject Alternative Name fields in TLS certificates are incorrectly allowed to have a special meaning in regular expressions (such as a + wildcard), leading to name confusion in X.509 certificate host...

Name confusion in x509 Subject Alternative Name fields

In phpseclib before 1.0.22, 2.x before 2.0.46, and 3.x before 3.0.33, some characters in Subject Alternative Name fields in TLS certificates are incorrectly allowed to have a special meaning in regular expressions (such as a + wildcard), leading to name confusion in X.509 certificate host...

AlmaLinux 9 : pki-core (ALSA-2024:4165)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:4165 advisory. * dogtag ca: token authentication bypass vulnerability (CVE-2023-4727) Tenable has extracted the preceding description block directly from the AlmaLinux security...

Oracle Linux 9 : pki-core (ELSA-2024-4165)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-4165 advisory. [11.5.0-2.0.1] - Replaced upstream graphical references [Orabug: 33952704] [11.5.0-2] - RHEL-9916 CVE-2023-4727 pki-core: dogtag ca: token authentication bypass.....

VMware ESXi 7.0 / 8.0 Out-of-Bounds read (CVE-2024-37086)

The version of VMware ESXi installed on the remote host is prior to 7.0 Update 3q or 8.0 prior to 8.0 Update 3. It is, therefore, affected by an out-of-bounds read vulnerability as referenced in the VMSA-2024-0013 advisory: Note that Nessus has not tested for these issues but has instead relied...