Alp-al00b, Alp-tl00b, Bla-al00b, Bla-l09c, Bla-l29c Security Vulnerabilities

openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2023:2859-1)

The remote host is missing an update for...

SUSE: Security Advisory (SUSE-SU-2023:2808-1)

The remote host is missing an update for...

The Battle Against Business Logic Attacks: Why Traditional Security Tools Fall Short

As the digital landscape continues to evolve, so do the tactics utilized by bad actors that are seeking to exploit application vulnerabilities. Among the most insidious types of attacks are business logic attacks (BLAs). Unlike known attacks, which can be identified by signatures or patterns, such....

Business Logic Attacks: Why Should You Care?

Imagine this: You've just launched an amazing new application with top-of-the-line API security, reinforced it with client-side protection, and even set up defenses against bot attacks. You're feeling safe and secure, congratulating yourself on a job well done. But, despite all your efforts, your.....

YARPP - Yet Another Related Posts Plugin < 5.30.3 - Subscriber+ SQLi

The plugin does not validate and escape some of its shortcode attributes before using them in SQL statement/s, which could allow any authenticated users, such as subscribers to perform SQL Injection...

Researcher Spotlight: How David Liebenberg went from never having opened Terminal to hunting international APTs

When Dave Liebenberg started his first day at Talos, he had never even opened Terminal on a Mac before -- let alone written a Snort rule or infiltrated a dark web forum. He jokes that he was a trendsetter at Talos, becoming the first of many to break into security without having any prior...

X (Formerly Twitter): Ability to getting Twitter Blue verified badge without purchase it

Summary: Hi there. In this report, I submit a bug about getting Twitter Blue verified badge without purchasing it. Steps To Reproduce: First, you should buy a Twitter Blue subscription for your account. Change the profile photo of your Twitter account 1 day before your Twitter Blue...

Ubuntu Server snap-confine must_mkdir_and_open_with_perms() Race Condition Vulnerability

Qualys discovered a race condition (CVE-2022-3328) in snap-confine, a SUID-root program installed by default on Ubuntu. In this advisory,they tell the story of this vulnerability (which was introduced in February 2022 by the patch for CVE-2021-44731) and detail how they exploited it in Ubuntu...

snap-confine must_mkdir_and_open_with_perms() Race Condition

...

CATS - REST API Fuzzer And Negative Testing Tool For OpenAPI Endpoints

REST API fuzzer and negative testing tool. Run thousands of self-healing API tests within minutes with no coding effort! Comprehensive: tests are generated automatically based on a large number scenarios and cover every field and header Intelligent: tests are generated based on data types and...

A.S. Watson Group : PII Disclosure At `theperfumeshop.com/register/forOrder`

Summary: Hello there! I found a way to accesing any user's PII (full address, phone number, full name, ** all orders**, payment details [if the victim already saved before] ) who created a order in The Perfume Shop. This is happening via https://theperfumeshop.com/register/forOrder endpoint. I...

Unbreakable Enterprise kernel-container security update

[4.14.35-2047.511.5.2.el7] - cgroup-v1: Require capabilities to set release_agent (Eric W. Biederman) [Orabug: 33876756] {CVE-2022-0492} - scsi: libiscsi: Hold back_lock when calling iscsi_complete_task (Gulam Mohamed) [Orabug: 33876755] [4.14.35-2047.511.5.1] - arm64, mm, efi: Account for...

Unbreakable Enterprise kernel security update

[4.14.35-2047.511.5.2] - cgroup-v1: Require capabilities to set release_agent (Eric W. Biederman) [Orabug: 33876756] {CVE-2022-0492} - scsi: libiscsi: Hold back_lock when calling iscsi_complete_task (Gulam Mohamed) [Orabug: 33876755] [4.14.35-2047.511.5.1] - arm64, mm, efi: Account for GICv3...

alp-bayern.de Improper Access Control vulnerability OBB-2232377

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

CVE-2021-22440

There is a path traversal vulnerability in some Huawei products. The vulnerability is due to that the software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the software does not properly...

CVE-2021-22440

There is a path traversal vulnerability in some Huawei products. The vulnerability is due to that the software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the software does not properly...

CVE-2020-9247

There is a buffer overflow vulnerability in several Huawei products. The system does not sufficiently validate certain configuration parameter which is passed from user that would cause buffer overflow. The attacker should trick the user into installing and running a malicious application with a...

CVE-2020-9247

There is a buffer overflow vulnerability in several Huawei products. The system does not sufficiently validate certain configuration parameter which is passed from user that would cause buffer overflow. The attacker should trick the user into installing and running a malicious application with a...

Buffer overflow

There is a buffer overflow vulnerability in several Huawei products. The system does not sufficiently validate certain configuration parameter which is passed from user that would cause buffer overflow. The attacker should trick the user into installing and running a malicious application with a...

CVE-2020-9247

There is a buffer overflow vulnerability in several Huawei products. The system does not sufficiently validate certain configuration parameter which is passed from user that would cause buffer overflow. The attacker should trick the user into installing and running a malicious application with a...

CVE-2020-9109

There is an information disclosure vulnerability in several smartphones. The device does not sufficiently validate the identity of smart wearable device in certain specific scenario, the attacker need to gain certain information in the victim's smartphone to launch the attack, and successful...

CVE-2020-9109

There is an information disclosure vulnerability in several smartphones. The device does not sufficiently validate the identity of smart wearable device in certain specific scenario, the attacker need to gain certain information in the victim's smartphone to launch the attack, and successful...

openSUSE Security Update : the Linux Kernel (openSUSE-2020-1586)

The openSUSE Leap 15.2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2020-0404: In uvc_scan_chain_forward of uvc_driver.c, there is a possible linked list corruption due to an unusual root cause. This could lead to local ...