Snapdragon Mobile, Small Cell SoC Security Vulnerabilities

IBM Cognos Analytics 11.1.1 < 11.1.7 FP8 / 11.2.x < 11.2.4 FP3 / 12.0.x < 12.0.2 (7123154)

The version of IBM Cognos Analytics installed on the remote host is prior to 11.1.7 FP8, 11.2.4 FP3, or 12.0.2. It is, therefore, affected by multiple vulnerabilities as referenced in the IBM Security Bulletin No. 7123154, including the following: When deserializing untrusted or corrupted data,...

ROS-20240425-08

The OpenSearch software family vulnerability is related to a bug in the parser where an input string of small size can cause it to use an undefined amount of memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of...

Oracle Linux 8 : tigervnc (ELSA-2024-2037)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2037 advisory. A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents() function. This issue occurs when...

Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder < 1.15.24 - Authenticated (Admin+) Stored Cross-Site Scripting

Description The Form Maker by 10Web plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.15.23 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

Ubuntu 20.04 LTS / 22.04 LTS / 23.10 : FreeRDP vulnerabilities (USN-6749-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6749-1 advisory. FreeRDP is a set of free and open source remote desktop protocol library and clients. In affected versions an integer overflow...

Unveiling the Hidden Power of the CMDB in Cybersecurity

In the ever-evolving landscape of cybersecurity, where attacks grow increasingly sophisticated, organizations must leverage every tool at their disposal to stay one step ahead. While CISOs and SecOps teams often focus on disciplines such as vulnerability detection, attack surface management, and...

ArcaneDoor - New espionage-focused campaign found targeting perimeter network devices

*Updated 2024-04-25 16:57 GMT with minor wording corrections regarding the targeting of other vendors. ArcaneDoor is a campaign that is the latest example of state-sponsored actors targeting perimeter network devices from multiple vendors. Coveted by these actors, perimeter network devices are...

Securing millions of developers through 2FA

Though technology has advanced significantly to combat the proliferation of sophisticated security threats, the reality is that preventing the next cyberattack depends on getting the security basics right, and efforts to secure the software ecosystem must protect the developers who design, build,.....

Assessing the Y, and How, of the XZ Utils incident

High-end APT groups perform highly interesting social engineering campaigns in order to penetrate well-protected targets. For example, carefully constructed forum responses on precision targeted accounts and follow-up "out-of-band" interactions regarding underground rail system simulator software.....

Major Security Flaws Expose Keystrokes of Over 1 Billion Chinese Keyboard App Users

Security vulnerabilities uncovered in cloud-based pinyin keyboard apps could be exploited to reveal users' keystrokes to nefarious actors. The findings come from the Citizen Lab, which discovered weaknesses in eight of nine apps from vendors like Baidu, Honor, iFlytek, OPPO, Samsung, Tencent,...

CISO Perspectives on Complying with Cybersecurity Regulations

Compliance requirements are meant to increase cybersecurity transparency and accountability. As cyber threats increase, so do the number of compliance frameworks and the specificity of the security controls, policies, and activities they include. For CISOs and their teams, that means compliance is....

Fedora 38 : xorg-x11-server-Xwayland (2024-1706127797)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-1706127797 advisory. A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents() function. This issue occurs when...

Dnsmasq vulnerabilities

Releases Ubuntu 18.04 ESM Ubuntu 16.04 ESM Packages dnsmasq - Small caching DNS proxy and DHCP/TFTP server Details USN-6657-1 fixed several vulnerabilities in Dnsmasq. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: Elias...

Fedora 39 : xorg-x11-server-Xwayland (2024-5af98298c7)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-5af98298c7 advisory. A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents() function. This issue occurs when...

USF College of Engineering Presents Rapid7 With 2024 Corporate Impact Award

This past Friday, April 19, the University of South Florida (USF) College of Engineering recognized individuals and organizations who have greatly impacted USF and beyond at its ninth annual Engineering Honors Awards at The Armature Works in Tampa. I had the honor of joining my colleagues,...

[SECURITY] Fedora 40 Update: libfilezilla-0.47.0-1.fc40

libfilezilla is a small and modern C++ library, offering some basic functionality to build high-performing, platform-independent...

U.S. Imposes Visa Restrictions on 13 Linked to Commercial Spyware Misuse

The U.S. Department of State on Monday said it's taking steps to impose visa restrictions on 13 individuals who are allegedly involved in the development and sale of commercial spyware or who are immediately family members of those involved in such businesses. "These individuals have facilitated...

Debian dla-3792 : ctdb - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3792 advisory. A flaw was found in the way samba handled file and directory permissions. An authenticated user could use this flaw to gain access to certain file and...

Empowering Small Businesses in the Digital Age: A Must-Read Guide to Web Application & API Security

Small and medium-sized businesses have increasingly become reliant on web applications - whether they are developed or procured, to drive their operations, engage customers, and scale their businesses. The increasing reliance on online operations is underscored by 84% of businesses using digital...

Authelia's Group Changes may not have the expected results (YAML file backend)

Impact Under very specific conditions changes to a users groups may not have the expected results. The specific conditions are: The file authentication backend is being used. The watch option is set to true. The refresh_interval is configured to a non-disabled value. The users groups are adjusted.....

Authelia's Group Changes may not have the expected results (YAML file backend)

Impact Under very specific conditions changes to a users groups may not have the expected results. The specific conditions are: The file authentication backend is being used. The watch option is set to true. The refresh_interval is configured to a non-disabled value. The users groups are adjusted.....

CVE-2023-38297

An issue was discovered in a third-party com.factory.mmigroup component, shipped on devices from multiple device manufacturers. Certain software builds for various Android devices contain a vulnerable pre-installed app with a package name of com.factory.mmigroup (versionCode='3', versionName='2.1)....

CVE-2023-38297

An issue was discovered in a third-party com.factory.mmigroup component, shipped on devices from multiple device manufacturers. Certain software builds for various Android devices contain a vulnerable pre-installed app with a package name of com.factory.mmigroup (versionCode='3', versionName='2.1)....

CVE-2023-38301

An issue was discovered in a third-party component related to vendor.gsm.serial, shipped on devices from multiple device manufacturers. Various software builds for the BLU View 2, Boost Mobile Celero 5G, Sharp Rouvo V, Motorola Moto G Pure, Motorola Moto G Power, T-Mobile Revvl 6 Pro 5G, and...

CVE-2023-38301

An issue was discovered in a third-party component related to vendor.gsm.serial, shipped on devices from multiple device manufacturers. Various software builds for the BLU View 2, Boost Mobile Celero 5G, Sharp Rouvo V, Motorola Moto G Pure, Motorola Moto G Power, T-Mobile Revvl 6 Pro 5G, and...

Take Command Summit: Take Breaches from Inevitable to Preventable on May 21

Registration is now open for Take Command, a day-long virtual summit in partnership with AWS. You do not want to miss it. You’ll get new attack intelligence, insight into AI disruption, transparent MDR partnerships, and more. In 2024, adversaries are using AI and new techniques, working in gangs...

Out-Of-Bounds Read

Pytorch is vulnerable to an Out-of-bounds Read. The vulnerability is caused due to a missing validation for mobile_ivalue_size_ variable for a value greater than ivalues-&gt;size() in function FlatbufferLoader::parseModule within torch/csrc/jit/mobile/flatbuffer_loader.cpp. This introduces potentia...

CVE-2023-38301

An issue was discovered in a third-party component related to vendor.gsm.serial, shipped on devices from multiple device manufacturers. Various software builds for the BLU View 2, Boost Mobile Celero 5G, Sharp Rouvo V, Motorola Moto G Pure, Motorola Moto G Power, T-Mobile Revvl 6 Pro 5G, and...

CVE-2023-38301

An issue was discovered in a third-party component related to vendor.gsm.serial, shipped on devices from multiple device manufacturers. Various software builds for the BLU View 2, Boost Mobile Celero 5G, Sharp Rouvo V, Motorola Moto G Pure, Motorola Moto G Power, T-Mobile Revvl 6 Pro 5G, and...

Dreamehome 2.1.5 Broken Authorization

...

CVE-2023-38297

An issue was discovered in a third-party com.factory.mmigroup component, shipped on devices from multiple device manufacturers. Certain software builds for various Android devices contain a vulnerable pre-installed app with a package name of com.factory.mmigroup (versionCode='3', versionName='2.1)....

Fedora 39 : nodejs20 (2024-e28ccc9c17)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-e28ccc9c17 advisory. An attacker can make the Node.js HTTP/2 server completely unavailable by sending a small amount of HTTP/2 frames packets with a few HTTP/2...

SUSE SLES15 Security Update : nodejs14 (SUSE-SU-2024:1355-1)

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1355-1 advisory. The team has identified a vulnerability in the http server of the most recent version of Node, where malformed headers can...

SUSE SLES15 Security Update : nodejs12 (SUSE-SU-2024:1346-1)

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1346-1 advisory. The team has identified a vulnerability in the http server of the most recent version of Node, where malformed headers can...

CVE-2024-31584

Pytorch before v2.2.0 has an Out-of-bounds Read vulnerability via the component...

CVE-2024-31584

Pytorch before v2.2.0 has an Out-of-bounds Read vulnerability via the component...

CVE-2024-31584

Pytorch before v2.2.0 has an Out-of-bounds Read vulnerability via the component...

CVE-2024-31584

Pytorch before v2.2.0 has an Out-of-bounds Read vulnerability via the component...

Akira Ransomware Gang Extorts $42 Million; Now Targets Linux Servers

Threat actors behind the Akira ransomware group have extorted approximately $42 million in illicit proceeds after breaching the networks of more than 250 victims as of January 1, 2024. "Since March 2023, Akira ransomware has impacted a wide range of businesses and critical infrastructure entities.....

CVE-2024-31584

Pytorch before v2.2.0 has an Out-of-bounds Read vulnerability via the component...

CVE-2024-31584

Pytorch before v2.2.0 has an Out-of-bounds Read vulnerability via the component...

Could the Brazilian Supreme Court finally hold people accountable for sharing disinformation?

If you're a regular reader of this newsletter, you already know about how strongly I feel about the dangers of spreading fake news, disinformation and misinformation. And honestly, if you're reading this newsletter, I probably shouldn't have to tell you about that either. But one of the things...

Wordfence Intelligence Weekly WordPress Vulnerability Report (April 8, 2024 to April 14, 2024)

Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! Last week, there were 219 vulnerabilities disclosed in 209...

Use-after-free

Torch is vulnerable to a use-after-free vulnerability. The vulnerability is due to missing validation checks in the run function within interpreter.cpp, which can potentially lead to a Denial of Service...

[SECURITY] Fedora 39 Update: libfilezilla-0.47.0-1.fc39

libfilezilla is a small and modern C++ library, offering some basic functionality to build high-performing, platform-independent...

Amazon Linux 2 : tigervnc (ALAS-2024-2510)

The version of tigervnc installed on the remote host is prior to 1.8.0-24. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2510 advisory. A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents() function....

SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:1322-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1322-1 advisory. In the Linux kernel, the following vulnerability has been resolved: net/smc: fix kernel panic caused by race of smc_sock A...

SUSE SLES15 Security Update : kernel (SUSE-SU-2024:1321-1)

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1321-1 advisory. In the Linux kernel, the following vulnerability has been resolved: net/smc: fix kernel panic caused by race of smc_sock A...

The Windows Registry Adventure #1: Introduction and research results

Posted by Mateusz Jurczyk, Google Project Zero In the 20-month period between May 2022 and December 2023, I thoroughly audited the Windows Registry in search of local privilege escalation bugs. It all started unexpectedly: I was in the process of developing a coverage-based Windows kernel fuzzer...

Amazon Linux 2 : xorg-x11-server (ALAS-2024-2511)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2511 advisory. A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents() function. This issue occurs when byte-swapped length values are used in replies,...