Those using jackson-dataformats-text to parse TOML data may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service...
CVSS 7.5 · AI Score 7 · EPSS 0.001
Those using jackson-dataformats-text to parse TOML data may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service...
CVSS 7.5 · AI Score 6.3 · EPSS 0.001
Those using jackson-dataformats-text to parse TOML data may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service...
CVSS 7.5 · AI Score 7.2 · EPSS 0.001
Those using jackson-dataformats-text to parse TOML data may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service...
CVSS 7.5 · AI Score 7.3 · EPSS 0.001
CVE-2023-3894 DOS in jackson-dataformats-text
Those using jackson-dataformats-text to parse TOML data may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service...
CVSS 5.8 · AI Score 7.5 · EPSS 0.001
Ensuring Compliance with DORA: How Qualys Solutions Can Help
Introduction The Digital Operational Resilience Act (DORA) is a new regulation implemented by the European Union to ensure the stability and security of the financial sector. Coming into effect in 2022, DORA mandates enhanced cybersecurity and operational resilience standards for financial...
AI Score 7.2
Code leaks are causing an influx of new ransomware actors
Ransomware gangs are consistently rebranding or merging with other groups, as highlighted in our 2022 Year in Review, or these actors work for multiple ransomware-as-a-service (RaaS) outfits at a time, and new groups are always emerging. This trend is already continuing this year. Since 2021,...
AI Score 7.2
Lines of code https://github.com/code-423n4/2023-08-goodentry/blob/71c0c0eca8af957202ccdbf5ce2f2a514ffe2e24/contracts/GeVault.sol#L58 https://github.com/code-423n4/2023-08-goodentry/blob/71c0c0eca8af957202ccdbf5ce2f2a514ffe2e24/contracts/GeVault.sol#L108-L109 Vulnerability details Impact Any fees...
AI Score 6.8
Wear OS Security Bulletin—August 2023
The Wear OS Security Bulletin contains details of security vulnerabilities affecting the Wear OS platform. The full Wear OS update comprises the security patch level of 2023-08-05 or later from the August 2023 Android Security Bulletin in addition to all issues in this bulletin. We encourage all...
CVSS 7.8 · AI Score 7.4 · EPSS 0.001
AI is the Solution, Not the Problem
AI is the Solution, Not the Problem By Trellix · August 07, 2023 This story was also written by Oded Margalit. AI (Artificial Intelligence) / ML (Machine Learning) has recently been painted as the master evil. In this blog I would like to suggest a different view, where we can use it to make a...
AI Score 6.7
AI is the Solution, Not the Problem
AI is the Solution, Not the Problem By Trellix · August 07, 2023 This story was also written by Oded Margalit. AI (Artificial Intelligence) / ML (Machine Learning) has recently been painted as the master evil. In this blog I would like to suggest a different view, where we can use it to make a...
AI Score 6.6
Lines of code https://github.com/code-423n4/2023-08-goodentry/blob/71c0c0eca8af957202ccdbf5ce2f2a514ffe2e24/contracts/GeVault.sol#L108-L109 Vulnerability details Impact Any fees or funds sent to the treasury could potentially be stolen or manipulated Proof of Concept The treasury address can be...
AI Score 6.8
The USDOMarketModule contract's lend function allows for dangerous call delegation
Lines of code Vulnerability details Impact The USDOMarketModule contract is a module that is used by the BaseUSDO contract to facilitate functionality for market actions. The module functionality is invoked through the invocation of a delegatecall within the BaseUSDO contract's _executeModule...
AI Score 7.1
RTokenAsset price estimation accounts for margin of error twice
Lines of code https://github.com/reserve-protocol/protocol/blob/9ee60f142f9f5c1fe8bc50eef915cf33124a534f/contracts/plugins/assets/RTokenAsset.sol#L100-L115 Vulnerability details RTokenAsset estimates the price by multiplying the BU (basket unit) price estimation by the estimation of baskets held...
AI Score 6.9
There is no decrease for the share allowance from _addCollateral when share passed zero
Lines of code Vulnerability details Impact When calling _addCollateral, if the share passed is zero, it is calculated based on the passed amount. However, this happens after allowanceBorrow was already called in addCollateral. So, the deduction never occurs for the share. Eventually, the borrow...
AI Score 6.9
The USDOOptionsModule contract's exercise function allows for dangerous call delegation
Lines of code Vulnerability details Impact The USDOOptionsModule contract is a module that is used by the BaseUSDO contract to facilitate functionality for oTap actions. The module functionality is invoked through the invocation of a delegatecall within the BaseUSDO contract's _executeModule...
AI Score 7.1
The USDOLeverageModule contract's leverageUp function allows for dangerous call delegation
Lines of code Vulnerability details Impact The USDOLeverageModule contract is a module that is used by the BaseUSDO contract to facilitate functionality for leverage actions. The module functionality is invoked through the invocation of a delegatecall within the BaseUSDO contract's _executeModule...
AI Score 7.1
KRBUACBypass - UAC Bypass By Abusing Kerberos Tickets
This POC is inspired by the talk James Forshaw (@tiraniddo) gave at BlackHat USA 2022, “Taking Kerberos To The Next Level”, in which he shared a demo of abusing Kerberos tickets to achieve UAC bypass. By adding a KERB-AD-RESTRICTION-ENTRY to the service ticket, but filling in a fake MachineID, we...
AI Score 7.2
The many vulnerabilities Talos discovered in SOHO and industrial wireless routers post-VPNFilter
Since the discovery of the widespread VPNFilter malware in 2018, Cisco Talos researchers have been researching vulnerabilities in small and home office (SOHO) and industrial routers. During that research, Talos has worked with vendors to report and mitigate these vulnerabilities, totaling 141...
CVSS 10 · AI Score 10.1 · EPSS 0.429
New SEC Rules around Cybersecurity Incident Disclosures
The US Securities and Exchange Commission adopted final rules around the disclosure of cybersecurity incidents. There are two basic rules: Public companies must "disclose any cybersecurity incident they determine to be material" within four days, with potential delays if there is a national...
AI Score 6.8
Moxa NPort Information Disclosure (CVE-2020-12117)
Moxa Service in Moxa NPort 5150A firmware version 1.5 and earlier allows attackers to obtain sensitive configuration values via a crafted packet to UDP port 4800. NOTE: Moxa Service is an unauthenticated service that runs upon a first-time installation but can be disabled without ill effect. This...
CVSS 5.3 · AI Score 6.9 · EPSS 0.001
Jettison parser crash by stackoverflow
Those using Jettison to parse untrusted XML or JSON data may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service attack...
CVSS 7.5 · AI Score 6.7 · EPSS 0.002
Jettison parser crash by stackoverflow
Those using Jettison to parse untrusted XML or JSON data may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service attack...
CVSS 7.5 · AI Score 8.3 · EPSS 0.002
Lines of code https://github.com/code-423n4/2023-07-moonwell/blob/fced18035107a345c31c9a9497d0da09105df4df/src/core/Governance/TemporalGovernor.sol#L295-L342 Vulnerability details Impact In the _queueProposal function there is no check for whether the requested time has passed to allow queuing the...
AI Score 6.8
New Android Malware CherryBlos Utilizing OCR to Steal Sensitive Data
A new Android malware strain called CherryBlos has been observed making use of optical character recognition (OCR) techniques to gather sensitive data stored in pictures. CherryBlos, per Trend Micro, is distributed via bogus posts on social media platforms and comes with capabilities to steal...
AI Score 6.5
Closing vulnerabilities in Decidim, a Ruby-based citizen participation platform
This blog post describes two security vulnerabilities in Decidim, a digital platform for citizen participation. Both vulnerabilities were addressed by the Decidim team with corresponding update releases for the supported versions in May 2023. This blog post is not directly related to election...
CVSS 7.5 · AI Score 6.8 · EPSS 0.001
setThreshold can bypass cool down period in setGSCAllowance
Lines of code https://github.com/code-423n4/2023-07-arcade/blob/main/contracts/ArcadeTreasury.sol#L308 Vulnerability details Impact setThreshold can bypass the cool down period in setGSCAllowance and decrease the gscAllowance[token]. Proof of Concept In setGSCAllowance, we add a cool-down period...
AI Score 6.8
It's possible to block some user from voting for (or against) some proposal
Lines of code https://github.com/code-423n4/2023-07-arcade/blob/f8ac4e7c4fdea559b73d9dd5606f618d4e6c73cd/contracts/external/council/CoreVoting.sol#L234...
AI Score 6.8
Every company has its own version of ChatGPT now
Welcome to this week's edition of the Threat Source newsletter. When I first started poking at ChatGPT a few months ago, I quickly learned that it wasn't quite ready to take my job (yet) and wasn't staying up to date on wrestling. Since ChatGPT went viral, several other companies have released...
AI Score 6.8
Kirby is a content management system. A vulnerability in versions prior to 3.5.8.3, 3.6.6.3, 3.7.5.2, 3.8.4.1, and 3.9.6 affects all Kirby sites that might have potential attackers in the group of authenticated Panel users or that allow external visitors to upload an arbitrary file to the content...
CVSS 5.4 · AI Score 5.5 · EPSS 0.002
Kirby is a content management system. A vulnerability in versions prior to 3.5.8.3, 3.6.6.3, 3.7.5.2, 3.8.4.1, and 3.9.6 affects all Kirby sites that might have potential attackers in the group of authenticated Panel users or that allow external visitors to upload an arbitrary file to the content...
CVSS 5.7 · AI Score 6.7 · EPSS 0.002
Kirby is a content management system. A vulnerability in versions prior to 3.5.8.3, 3.6.6.3, 3.7.5.2, 3.8.4.1, and 3.9.6 affects all Kirby sites that might have potential attackers in the group of authenticated Panel users or that allow external visitors to upload an arbitrary file to the content...
CVSS 5.7 · AI Score 5.4 · EPSS 0.002
Kirby is a content management system. A vulnerability in versions prior to 3.5.8.3, 3.6.6.3, 3.7.5.2, 3.8.4.1, and 3.9.6 affects all Kirby sites that might have potential attackers in the group of authenticated Panel users or that allow external visitors to upload an arbitrary file to the content...
CVSS 5.4 · AI Score 5.4 · EPSS 0.002
Kirby is a content management system. A vulnerability in versions prior to 3.5.8.3, 3.6.6.3, 3.7.5.2, 3.8.4.1, and 3.9.6 affects all Kirby sites that might have potential attackers in the group of authenticated Panel users or that allow external visitors to upload an arbitrary file to the content...
CVSS 5.7 · AI Score 5.7 · EPSS 0.002
Who Protects PII – Consumers or Companies?
Introduction Did you know that as a consumer, 25% of the apps you engage with are collecting your Personally Identifiable Information (PII)? Do you know why they are collecting it or where they are storing it? Also, do you realize as a company, General Data Protection Regulation (GDPR) fines can...
AI Score 7.1
Making all attributes on a content-type public without noticing it
Summary Anyone (Strapi developers, users, plugins) can make every attribute of a Content-Type public without knowing it. Details When dealing with content-types inside a Strapi instance, we can extend those using the appropriate container: javascript...
CVSS 7.1 · AI Score 6.7 · EPSS 0.001
Making all attributes on a content-type public without noticing it
Summary Anyone (Strapi developers, users, plugins) can make every attribute of a Content-Type public without knowing it. Details When dealing with content-types inside a Strapi instance, we can extend those using the appropriate container: javascript...
CVSS 7.1 · AI Score 6.7 · EPSS 0.001
As Department of Defense (DoD) Chief Information Officer Hon. John Sherman said recently, Cybersecurity Maturity Model Certification (CMMC) is necessary to ensure that the United States raises the bar for protecting sensitive information. The DoD is leading by example towards this goal by...
AI Score 6.9
ISSUE DESCRIPTION Researchers at Google have discovered Zenbleed, a hardware bug causing corruption of the vector registers. When a VZEROUPPER instruction is discarded as part of a bad transient execution path, its effects on internal tracking are not unwound correctly. This manifests as the wrong...
CVSS 5.5 · AI Score 6.7 · EPSS 0.001
China’s Breach of Microsoft Cloud Email May Expose Deeper Problems
Plus: Microsoft expands access to premium security features, AI child sexual abuse material is on the rise, and Netflix’s password crackdown has its intended...
AI Score 7.1
Estée Lauder targeted by Cl0p and BlackCat ransomware groups
Estee Lauder is currently at the heart of a compromise storm, revealing a major security issue via a Security Exchange Commission (SEC) filing on Tuesday. Although no detailed explanation of what has taken place is given, there is confirmation that an attack allowed access to some systems and...
AI Score 7
Local Governments Targeted for Ransomware – How to Prevent Falling Victim
Regardless of the country, local government is essential in most citizens' lives. It provides many day-to-day services and handles various issues. Therefore, their effects can be far-reaching and deeply felt when security failures occur. In early 2023, Oakland, California, fell victim to a...
AI Score 7.1
InterchainTokenService.expressReceiveTokenWithData does not apply Check-Effect-Interaction mode
Lines of code Vulnerability details Impact InterchainTokenService.expressReceiveTokenWithData does not apply the Check-Effect-Interaction pattern. In some edge cases, the caller can lose funds. Proof of Concept The life cycle of sending token across chains contains 3 phases: //P1: launch on source...
AI Score 7.1
Welcome to this week's edition of the Threat Source newsletter. Last week, the Biden administration released its formal roadmap for its national cybersecurity initiative meant to encourage greater investment in cybersecurity and strengthen the U.S.'s critical infrastructure security (and more)....
CVSS 8.8 · AI Score 7.8 · EPSS 0.002
Microsoft Expands Cloud Logging to Counter Rising Nation-State Cyber Threats
Microsoft on Wednesday announced that it's expanding cloud logging capabilities to help organizations investigate cybersecurity incidents and gain more visibility after facing criticism in the wake of a recent espionage attack campaign aimed at its email infrastructure. The tech giant said it's...
AI Score 6.8
Accidental VirusTotal upload is a valuable reminder to double check what you share
A document accidentally uploaded to Google's VirusTotal service has resulted in the potential exposure of defence and intelligence agency names and email addresses. The service, used to scan files for signs of potential malicious activity, is used by security professionals and folks just...
AI Score 7
grav Server-side Template Injection (SSTI) mitigation bypass
Summary The fix for SSTI using |map, |filter and |reduce twigs implemented in the commit 71bbed1 introduces a bypass of the denylist due to an incorrect return value from isDangerousFunction(), which allows the payload to be executed by prepending a double backslash (\) Details The isDangerousFunction() check...
CVSS 8.8 · AI Score 7.4 · EPSS 0.001
grav Server-side Template Injection (SSTI) mitigation bypass
Summary The fix for SSTI using |map, |filter and |reduce twigs implemented in the commit 71bbed1 introduces a bypass of the denylist due to an incorrect return value from isDangerousFunction(), which allows the payload to be executed by prepending a double backslash (\) Details The isDangerousFunction() check...
CVSS 8.8 · AI Score 7.4 · EPSS 0.001
Exploit for Deserialization of Untrusted Data in Apache Log4J
The Log4j vulnerability, also known as "Log4Shell" or...
CVSS 10 · AI Score 10 · EPSS 0.976
Expanding cloud logging to give customers deeper security visibility
In response to the increasing frequency and evolution of nation-state cyberthreats, Microsoft is taking additional steps to protect our customers and increase the secure-by-default baseline of our cloud platforms. These steps are the result of close coordination with commercial and government...
AI Score 7.1