Snapdragon Auto, Snapdragon Connectivity, Snapdragon Mobile Security Vulnerabilities

K000139810: Oracle Java vulnerability CVE-2024-20919

Security Advisory Description Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK:.....

pcTattleTale spyware leaks database containing victim screenshots, gets website defaced

The idea behind the software is simple. When the spying party installs the stalkerware, they grant permission to record what happens on the targeted Android or Windows device. The observer can then log in on an online portal and activate recording, at which point a screen capture is taken on the...

CVE-2024-24919 Information disclosure

Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. A Security fix that mitigates this vulnerability is...

K000139794: Mozilla NSS vulnerability CVE-2023-5388

Security Advisory Description NSS was susceptible to a timing side-channel attack when performing RSA decryption. This attack could potentially allow an attacker to recover the private data. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9. (CVE-2023-5...

CVE-2023-50977

A flaw was found In gnome-shell. The GNOME Network Manager and GNOME Shell Portal Helper connectivity checks send DNS checks that, if intercepted, may be used to launch a GNOME Captive Portal in a WebKitGTK browser and load arbitrary HTML and Javascript code. Mitigation...

CVE-2023-50977

In GNOME Shell through 45.2, unauthenticated remote code execution can be achieved by intercepting two DNS requests (GNOME Network Manager and GNOME Shell Portal Helper connectivity checks), and responding with attacker-specific IP addresses. This DNS hijacking causes GNOME Captive Portal to be...

CVE-2023-50977

In GNOME Shell through 45.2, unauthenticated remote code execution can be achieved by intercepting two DNS requests (GNOME Network Manager and GNOME Shell Portal Helper connectivity checks), and responding with attacker-specific IP addresses. This DNS hijacking causes GNOME Captive Portal to be...

Exploit for CVE-2024-30056

Microsoft-Edge-Information-Disclosure CVE-2024-30056...

K000139793: MacOS vulnerability CVE-2023-41993

Security Advisory Description The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7....

IRZ Mobile Routers Cross-Site Request Forgery (CVE-2022-27226)

A CSRF issue in /api/crontab on iRZ Mobile Routers through 20.6.1 allows a threat actor to create a crontab entry in the router administration panel. The cronjob will consequently execute the entry on the threat actor's defined interval, leading to remote code execution, allowing the threat actor.....

mobile-university-anmeldung.de Cross Site Scripting vulnerability OBB-3930407

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

K000139525: Libexpat vulnerability CVE-2022-43680

Security Advisory Description In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations. (CVE-2022-43680) Impact System performance degradation can occur until the process is forced to restart.....

BIT-hubble-relay-2022-29178

Cilium is open source software for providing and securing network connectivity and loadbalancing between application workloads. Cilium prior to versions 1.9.16, 1.10.11, and 1.11.15 contains an incorrect default permissions vulnerability. Operating Systems with users belonging to the group ID 1000....

BIT-hubble-relay-2022-29179

Cilium is open source software for providing and securing network connectivity and loadbalancing between application workloads. Prior to versions 1.9.16, 1.10.11, and 1.11.15, if an attacker is able to perform a container escape of a container running as root on a host where Cilium is installed,...

idm:DL1 security update

bind-dyndb-ldap [11.6-4] - Modify empty zone conflicts under exclusive mode Resolves: rhbz#2126877 [11.6-3] - Rebuild against bind 9.11.36 - Resolves: rhbz#2022762 [11.6-2] - Rebuild against bind 9.11.26 - Resolves: rhbz#1904612 [11.6-1] - New upstream release - Resolves: rhbz#1891735 [11.3-1] -...

pki-core:10.6 and pki-deps:10.6 security update

apache-commons-collections apache-commons-lang apache-commons-net bea-stax fasterxml-oss-parent [49-1] - Rebase to upstream version 49 [26-6] - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild [26-5] - Fix license tag [26-4] - Rebuilt for...

K000139764: Apache HTTPD vulnerability CVE-2023-38709

Security Advisory Description Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses. This issue affects Apache HTTP Server: through 2.4.58. (CVE-2023-38709) Impact This vulnerability allows malicious or exploitable...

Apple and Google are taking steps to curb the abuse of location-tracking devices — but what about others?

Since the advent of products like the Tile and Apple AirTag, both used to keep track of easily lost items like wallets, keys and purses, bad actors and criminals have found ways to abuse them. These adversaries can range from criminals just looking to do something illegal for a range of reasons,...

Go-Secdump - Tool To Remotely Dump Secrets From The Windows Registry

Package go-secdump is a tool built to remotely extract hashes from the SAM registry hive as well as LSA secrets and cached hashes from the SECURITY hive without any remote agent and without touching disk. The tool is built on top of the library go-smb and use it to communicate with the Windows...

Frida-JIT-unPacker: An Imperva Contribution to the Security Research Community, Presented at Black Hat Asia 2024

In the ever-evolving landscape of cybersecurity threats, the battle against malicious bots is a critical concern for web applications. These bots, in addition to their ability to circumvent application security measures, are usually protected with advanced source code protection to prevent the...

Exploit for CVE-2024-3495

CVE-2024-3495-Poc CVE-2024-3495 Country State City Dropdown...

libssh security update

[0.9.6-14] - Fix CVE-2023-48795 Prefix truncation attack on Binary Packet Protocol (BPP) - Fix CVE-2023-6918 Missing checks for return values for digests - Fix CVE-2023-6004 ProxyCommand/ProxyJump features allow injection of malicious code through hostname - Note: version is bumped from 12 to 14...

kernel security, bug fix, and enhancement update

[4.18.0-553.OL8] - Update Oracle Linux certificates (Kevin Lyons) - Disable signing for aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with...

systemd security update

[239-82.0.1] - Fixed deletion issue for symlink when device is opened [Orabug: 36228608] - Fix local-fs and remote-fs targets during system boot (replaces old Orabug: 25897792) [Orabug: 35871376] - 1A) Add 'systemd-fstab-generator-reload-targets.service' file [Orabug: 35871376] - 1B) Add required.....

CVE-2024-22026

A local privilege escalation vulnerability in EPMM before 12.1.0.0 allows an authenticated local user to bypass shell restriction and execute arbitrary commands on the...

From trust to trickery: Brand impersonation over the email attack vector

Cisco recently developed and released a new feature to detect brand impersonation in emails when adversaries pretend to be a legitimate corporation. Talos has discovered a wide range of techniques threat actors use to embed and deliver brand logos via emails to their victims. Talos is providing...

CVE-2024-3495

The Country State City Dropdown CF7 plugin for WordPress is vulnerable to SQL Injection via the ‘cnt’ and 'sid' parameters in versions up to, and including, 2.7.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes...

CVE-2024-0632

The Automatic Translator with Google Translate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the custom font setting in all versions up to, and including, 1.5.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

CVE-2024-2088

The NextScripts: Social Networks Auto-Poster plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.4.3 via the 'nxs_getExpSettings' function. This makes it possible for authenticated attackers, with subscriber access and above, to extract...

CVE-2024-1762

The NextScripts: Social Networks Auto-Poster plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the HTTP_USER_AGENT header in all versions up to, and including, 4.4.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers....

CVE-2024-1446

The NextScripts: Social Networks Auto-Poster plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.4.3. This is due to missing or incorrect nonce validation on the nxssnap-reposter page. This makes it possible for unauthenticated attackers to...

CVE-2024-2088 NextScripts: Social Networks Auto-Poster <= 4.4.3 - Authenticated(Subscriber+) Sensitive Information Exposure

The NextScripts: Social Networks Auto-Poster plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.4.3 via the 'nxs_getExpSettings' function. This makes it possible for authenticated attackers, with subscriber access and above, to extract...

CVE-2024-1762 NextScripts: Social Networks Auto-Poster <= 4.4.3 - Unauthenticated Stored Cross-Site Scripting via User Agent

The NextScripts: Social Networks Auto-Poster plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the HTTP_USER_AGENT header in all versions up to, and including, 4.4.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers....

CVE-2024-1446 NextScripts: Social Networks Auto-Poster <= 4.4.3 - Cross-Site Request Forgery to Arbitrary Post Deletion

The NextScripts: Social Networks Auto-Poster plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.4.3. This is due to missing or incorrect nonce validation on the nxssnap-reposter page. This makes it possible for unauthenticated attackers to...

CentOS 8 : fence-agents (CESA-2024:2968)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2024:2968 advisory. urllib3 is a user-friendly HTTP client library for Python. urllib3 previously wouldn't remove the HTTP request body when an HTTP redirect response...

CentOS 8 : python-jinja2 (CESA-2024:3102)

The remote CentOS Linux 8 host has a package installed that is affected by a vulnerability as referenced in the CESA-2024:3102 advisory. Jinja is an extensible templating engine. Special placeholders in the template allow writing code similar to Python syntax. It is possible to inject...

How to remove a user from a shared Android device

Some of our loyal readers may remember my little mishap when I was able to track my wife by accident after inadvertently adding myself to her phone as a user. For exactly that reason we want to warn against sharing devices and at least show you how to remove other people’s accounts from your...

Why Your Wi-Fi Router Doubles as an Apple AirTag

Image: Shutterstock. Apple and the satellite-based broadband service Starlink each recently took steps to address new research into the potential security and privacy implications of how their services geo-locate devices. Researchers from the University of Maryland say they relied on publicly...

CVE-2024-4988

The mobile application (com.transsion.videocallenhancer) interface has improper permission control, which can lead to the risk of private file...

CVE-2024-4988

The mobile application (com.transsion.videocallenhancer) interface has improper permission control, which can lead to the risk of private file...

Security Bulletin: IBM Cloud Pak for Network Automation 2.7.3 addresses multiple security vulnerabilities

Summary IBM Cloud Pak for Network Automation 2.7.3 addresses multiple security vulnerabilities, listed in the CVEs below. Vulnerability Details ** CVEID: CVE-2024-30260 DESCRIPTION: **Node.js undici module could allow a remote authenticated attacker to obtain sensitive information, caused by a...

K000139698: Python vulnerabilities CVE-2016-5636, and CVE-2023-36632

Security Advisory Description CVE-2016-5636 Integer overflow in the get_data function in zipimport.c in CPython (aka Python) before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5.2 allows remote attackers to have unspecified impact via a negative data size value, which triggers a heap-based...

Nethserver 7 / 8 Cross Site Scripting

...

K000139700: Linux kernel usbmon vulnerability CVE-2022-43750

Security Advisory Description drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user-space client to corrupt the monitor's internal memory. (CVE-2022-43750) Impact This vulnerability may allow an attacker with local access to gain improper...

K000139691: Python vulnerabilities CVE-2022-48565, CVE-2018-1000802 and CVE-2016-9063

Security Advisory Description CVE-2022-48565 An XML External Entity (XXE) issue was discovered in Python through 3.9.1. The plistlib module no longer accepts entity declarations in XML plist files to avoid XML vulnerabilities. CVE-2018-1000802 Python Software Foundation Python (CPython)...

K000139685: Python vulnerability CVE-2023-40217

Security Advisory Description An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It primarily affects servers (such as HTTP servers) that use TLS client authentication. If a TLS server-side socket is created, receives data into...

New Windows 11 features strengthen security to address evolving cyberthreat landscape

Ahead of the Microsoft Build 2024 conference, we announced a new class of Windows computers, Copilot+ PC. Alongside this exciting new class of PCs, we are introducing important security features and updates that make Windows 11 more secure for users and organizations and give developers the tools.....

Exploit for CVE-2024-3435

This is a Next.js project bootstrapped...

K000139680: MySQL2 vulnerability CVE-2024-21508

Security Advisory Description Versions of the package mysql2 before 3.9.4 are vulnerable to Remote Code Execution (RCE) via the readCodeFor function due to improper validation of the supportBigNumbers and bigNumberStrings values. (CVE-2024-21508) Impact There is no impact; F5 products are not...

K000139682: Speculative race conditions vulnerabilities CVE-2024-2193 and CVE-2024-26602

Security Advisory Description CVE-2024-2193 A Speculative Race Condition (SRC) vulnerability that impacts modern CPU architectures supporting speculative execution (related to Spectre V1) has been disclosed. An unauthenticated attacker can exploit this vulnerability to disclose arbitrary data...