Banking@home Security Vulnerabilities

chrome

Stable Channel Update for Desktop

The Stable channel has been updated to 124.0.6367.118/.119 for Windows, Mac and 124.0.6367.118 for Linux which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log. The Extended Stable channel has been updated to 124.0.6367.118 for Mac and Windows.....

7.7 AI Score

0.0004 EPSS

2024-04-30 12:00 AM
53
kitploit

Galah - An LLM-powered Web Honeypot Using The OpenAI API

TL;DR: Galah (/ɡəˈlɑː/ - pronounced 'guh-laa') is an LLM (Large Language Model) powered web honeypot, currently compatible with the OpenAI API, that is able to mimic various applications and dynamically respond to arbitrary HTTP requests. Description Named after the clever Australian parrot known.....

7.4 AI Score

2024-04-29 12:30 PM
27
nessus

SUSE SLES15 Security Update : kernel (SUSE-SU-2024:1454-1)

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1454-1 advisory. In the Linux kernel, the following vulnerability has been resolved: i2c: sprd: fix reference leak when pm_runtime_get_sync...

7.8 CVSS

8 AI Score

0.001 EPSS

2024-04-29 12:00 AM
13
githubexploit

Exploit for CVE-2023-2255

Command to execute the creation...

5.3 CVSS

6.5 AI Score

0.001 EPSS

2024-04-27 11:21 AM
484
nessus

RHEL 6 / 7 : rh-ruby24-ruby (RHSA-2018:3730)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3730 advisory. ruby: HTTP response splitting in WEBrick (CVE-2017-17742) ruby: Unintentional file and directory creation with directory traversal in...

9.8 CVSS

7.9 AI Score

0.022 EPSS

2024-04-27 12:00 AM
6
nessus

RHEL 7 : rh-ruby25-ruby (RHSA-2018:3731)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3731 advisory. ruby: HTTP response splitting in WEBrick (CVE-2017-17742) ruby: Unintentional file and directory creation with directory traversal in...

9.8 CVSS

7.9 AI Score

0.022 EPSS

2024-04-27 12:00 AM
6
nessus

RHEL 6 / 7 : rh-ruby23-ruby (RHSA-2018:3729)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3729 advisory. ruby: HTTP response splitting in WEBrick (CVE-2017-17742) ruby: Unintentional file and directory creation with directory traversal in...

9.8 CVSS

7.9 AI Score

0.022 EPSS

2024-04-27 12:00 AM
6
malwarebytes

Ring agrees to pay $5.6 million after cameras were used to spy on customers

Amazon's Ring has settled with the Federal Trade Commission (FTC) over charges that the company allowed employees and contractors to access customers' private videos, and failed to implement security protections which enabled hackers to take control of customers’ accounts, cameras, and videos. The....

7.1 AI Score

2024-04-25 02:05 PM
11
talos

Grassroot DICOM JPEG2000Codec::DecodeByStreamsCommon out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2024-1935 Grassroot DICOM JPEG2000Codec::DecodeByStreamsCommon out-of-bounds write vulnerability April 25, 2024 CVE Number CVE-2024-22373 SUMMARY An out-of-bounds write vulnerability exists in the JPEG2000Codec::DecodeByStreamsCommon functionality of Mathieu...

8.1 CVSS

7.9 AI Score

0.001 EPSS

2024-04-25 12:00 AM
9
talos

Grassroot DICOM RAWCodec::DecodeBytes out-of-bounds read vulnerability

Talos Vulnerability Report TALOS-2024-1944 Grassroot DICOM RAWCodec::DecodeBytes out-of-bounds read vulnerability April 25, 2024 CVE Number CVE-2024-25569 SUMMARY An out-of-bounds read vulnerability exists in the RAWCodec::DecodeBytes functionality of Mathieu Malaterre Grassroot DICOM 3.0.23. A...

6.5 CVSS

6.5 AI Score

0.0004 EPSS

2024-04-25 12:00 AM
10
github

Securing millions of developers through 2FA

Though technology has advanced significantly to combat the proliferation of sophisticated security threats, the reality is that preventing the next cyberattack depends on getting the security basics right, and efforts to secure the software ecosystem must protect the developers who design, build,.....

7.4 AI Score

2024-04-24 03:00 PM
9
chrome

Stable Channel Update for Desktop

The Stable channel has been updated to 124.0.6367.78/.79 for Windows and Mac and 124.0.6367.78 for Linux which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log. The Extended Stable channel has been updated to 124.0.6367.78/.79 for Windows and...

8.8 CVSS

7.7 AI Score

0.001 EPSS

2024-04-24 12:00 AM
18
huawei

Security Advisory - Connection Hijacking Vulnerability in Some Huawei Home Routers

A connection hijacking vulnerability exists in some Huawei home routers. Successful exploitation of this vulnerability may cause DoS or information leakage.(Vulnerability ID:HWPSIRT-2023-34408) This vulnerability has been assigned a...

6.5 AI Score

EPSS

2024-04-24 12:00 AM
11
malwarebytes

Google ad for Facebook redirects to scam

Today, we are looking at a malicious ad campaign targeting Facebook users via Google search. It is well-known that tech support scammers attract new victims by buying ads for certain keywords related to their audience. What is perhaps less known is how it is even possible to impersonate top brands....

6.9 AI Score

2024-04-23 09:10 PM
10
github

Renovate vulnerable to arbitrary command injection via helmv3 manager and registryAliases

Summary Attackers with commit access to the default branch of a repo using Renovate could manipulate helmv3 registryAliases to execute arbitrary commands. Details Since #26848, registryAliases has become mergeable. This means that the helmv3 manager started honoring its value and uses a helm repo.....

7.9 AI Score

2024-04-23 04:21 PM
9
osv

Renovate vulnerable to arbitrary command injection via helmv3 manager and registryAliases

Summary Attackers with commit access to the default branch of a repo using Renovate could manipulate helmv3 registryAliases to execute arbitrary commands. Details Since #26848, registryAliases has become mergeable. This means that the helmv3 manager started honoring its value and uses a helm repo.....

7.9 AI Score

2024-04-23 04:21 PM
8
cve

CVE-2024-2760

Bkav Home v7816, build 2403161130 is vulnerable to a Memory Information Leak vulnerability by triggering the 0x222240 IOCTL code of the BkavSDFlt.sys...

5.5 CVSS

6.9 AI Score

0.0004 EPSS

2024-04-23 04:15 AM
33
nvd

CVE-2024-2760

Bkav Home v7816, build 2403161130 is vulnerable to a Memory Information Leak vulnerability by triggering the 0x222240 IOCTL code of the BkavSDFlt.sys...

5.5 CVSS

5.5 AI Score

0.0004 EPSS

2024-04-23 04:15 AM
cvelist

CVE-2024-2760 Bkav Home v7816, build 2403161130 - Kernel Memory Leak

Bkav Home v7816, build 2403161130 is vulnerable to a Memory Information Leak vulnerability by triggering the 0x222240 IOCTL code of the BkavSDFlt.sys...

5.5 CVSS

5.9 AI Score

0.0004 EPSS

2024-04-23 03:49 AM
talos

OFFIS DCMTK DVPSSoftcopyVOI_PList::createFromImage incorrect type conversion vulnerability

Talos Vulnerability Report TALOS-2024-1957 OFFIS DCMTK DVPSSoftcopyVOI_PList::createFromImage incorrect type conversion vulnerability April 23, 2024 CVE Number CVE-2024-28130 SUMMARY An incorrect type conversion vulnerability exists in the DVPSSoftcopyVOI_PList::createFromImage functionality of...

7.5 CVSS

7.6 AI Score

0.0005 EPSS

2024-04-23 12:00 AM
14
qualysblog

Empowering Small Businesses in the Digital Age: A Must-Read Guide to Web Application & API Security

Small and medium-sized businesses have increasingly become reliant on web applications - whether they are developed or procured, to drive their operations, engage customers, and scale their businesses. The increasing reliance on online operations is underscored by 84% of businesses using digital...

7.4 AI Score

2024-04-22 04:11 PM
18
malwarebytes

A week in security (April 15 – April 21)

Last week on Malwarebytes Labs: Law enforcement reels in phishing-as-a-service whopper Mental health company Cerebral failed to protect sensitive personal data, must pay $7 million Cannabis investment scam JuicyFields ends in 9 arrests Should you share your location with your partner? Giant Tiger.....

7.4 AI Score

2024-04-22 08:43 AM
8
packetstorm

7.4 AI Score

2024-04-22 12:00 AM
60
packetstorm

7.1 AI Score

0.001 EPSS

2024-04-22 12:00 AM
56
zdt

7.2 AI Score

0.001 EPSS

2024-04-21 12:00 AM
95
exploitdb

7.4 AI Score

EPSS

2024-04-21 12:00 AM
95
cve

CVE-2024-32334

TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in IP/Port Filtering under the Firewall...

6 AI Score

0.0004 EPSS

2024-04-18 05:15 PM
24
nvd

CVE-2024-32335

TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in Access Control under the Wireless...

5.8 AI Score

0.0004 EPSS

2024-04-18 05:15 PM
nvd

CVE-2024-32334

TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in IP/Port Filtering under the Firewall...

5.8 AI Score

0.0004 EPSS

2024-04-18 05:15 PM
cve

CVE-2024-32335

TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in Access Control under the Wireless...

6 AI Score

0.0004 EPSS

2024-04-18 05:15 PM
23
nvd

CVE-2024-32326

TOTOLINK EX200 V4.0.3c.7646_B20201211 contains a Cross-site scripting (XSS) vulnerability through the key parameter in the setWiFiExtenderConfig...

5.8 AI Score

0.0004 EPSS

2024-04-18 05:15 PM
cve

CVE-2024-32326

TOTOLINK EX200 V4.0.3c.7646_B20201211 contains a Cross-site scripting (XSS) vulnerability through the key parameter in the setWiFiExtenderConfig...

6 AI Score

0.0004 EPSS

2024-04-18 05:15 PM
26
nvd

CVE-2024-32327

TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in Port Forwarding under the Firewall...

5.8 AI Score

0.0004 EPSS

2024-04-18 05:15 PM
cve

CVE-2024-32333

TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in MAC Filtering under the Firewall...

6 AI Score

0.0004 EPSS

2024-04-18 05:15 PM
24
nvd

CVE-2024-32325

TOTOLINK EX200 V4.0.3c.7646_B20201211 contains a Cross-site scripting (XSS) vulnerability through the ssid parameter in the setWiFiExtenderConfig...

5.8 AI Score

0.0004 EPSS

2024-04-18 05:15 PM
4
nvd

CVE-2024-32332

TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in WDS Settings under the Wireless...

5.8 AI Score

0.0004 EPSS

2024-04-18 05:15 PM
cve

CVE-2024-32325

TOTOLINK EX200 V4.0.3c.7646_B20201211 contains a Cross-site scripting (XSS) vulnerability through the ssid parameter in the setWiFiExtenderConfig...

6 AI Score

0.0004 EPSS

2024-04-18 05:15 PM
27
cve

CVE-2024-32327

TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in Port Forwarding under the Firewall...

6 AI Score

0.0004 EPSS

2024-04-18 05:15 PM
24
cve

CVE-2024-32332

TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in WDS Settings under the Wireless...

6 AI Score

0.0004 EPSS

2024-04-18 05:15 PM
26
nvd

CVE-2024-32333

TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in MAC Filtering under the Firewall...

5.8 AI Score

0.0004 EPSS

2024-04-18 05:15 PM
github

Dolibarr Application Home Page has HTML injection vulnerability

Summary Observed an HTML Injection vulnerability in the Home page of Dolibarr Application. This vulnerability allows an attacker to inject arbitrary HTML tags and manipulate the rendered content in the application's response. Specifically, I was able to successfully inject a new HTML tag into the...

7.1 CVSS

7 AI Score

0.0005 EPSS

2024-04-18 04:42 PM
7
osv

Dolibarr Application Home Page has HTML injection vulnerability

Summary Observed an HTML Injection vulnerability in the Home page of Dolibarr Application. This vulnerability allows an attacker to inject arbitrary HTML tags and manipulate the rendered content in the application's response. Specifically, I was able to successfully inject a new HTML tag into the...

7.1 CVSS

7 AI Score

0.0005 EPSS

2024-04-18 04:42 PM
4
githubexploit

Exploit for Command Injection in Paloaltonetworks Pan-Os

CVE-2024-3400 Simple Python code to check for arbitrary...

10 CVSS

9.7 AI Score

0.957 EPSS

2024-04-18 04:35 PM
160
malwarebytes

Cannabis investment scam JuicyFields ends in 9 arrests

Europol and its associates have arrested 9 people in conjunction with a cannabis investment scam known as "JuicyFields". The suspects used social media to lure investors to their website. There they found information about a “golden opportunity” to invest in the cultivation, harvesting and...

6.8 AI Score

2024-04-18 11:27 AM
12
cve

CVE-2024-3948

A vulnerability was found in SourceCodester Home Clean Service System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file \admin\student.add.php of the component Photo Handler. The manipulation leads to unrestricted upload. The attack may be...

6.3 CVSS

6.8 AI Score

0.0004 EPSS

2024-04-18 11:15 AM
27
nvd

CVE-2024-3948

A vulnerability was found in SourceCodester Home Clean Service System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file \admin\student.add.php of the component Photo Handler. The manipulation leads to unrestricted upload. The attack may be...

6.3 CVSS

6.4 AI Score

0.0004 EPSS

2024-04-18 11:15 AM
cvelist

CVE-2024-3948 SourceCodester Home Clean Service System Photo student.add.php unrestricted upload

A vulnerability was found in SourceCodester Home Clean Service System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file \admin\student.add.php of the component Photo Handler. The manipulation leads to unrestricted upload. The attack may be...

6.3 CVSS

6.7 AI Score

0.0004 EPSS

2024-04-18 11:00 AM
2
cvelist

CVE-2024-32335

TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in Access Control under the Wireless...

6 AI Score

0.0004 EPSS

2024-04-18 12:00 AM
cvelist

CVE-2024-32334

TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in IP/Port Filtering under the Firewall...

6 AI Score

0.0004 EPSS

2024-04-18 12:00 AM
1
cvelist

CVE-2024-32325

TOTOLINK EX200 V4.0.3c.7646_B20201211 contains a Cross-site scripting (XSS) vulnerability through the ssid parameter in the setWiFiExtenderConfig...

6 AI Score

0.0004 EPSS

2024-04-18 12:00 AM
Total number of security vulnerabilities: 44448