Where's My Perry Security Vulnerabilities

Oracle Linux 8 : glibc (ELSA-2024-2722)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-2722 advisory. The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to...

Rocky Linux 8 : glibc (RLSA-2024:2722)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:2722 advisory. The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the...

EulerOS 2.0 SP10 : kernel (EulerOS-SA-2024-1570)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In the Linux kernel, the following vulnerability has been resolved: i2c: Fix a potential use after free Free the adap structure only after we...

AIX is vulnerable to a denial of service due to libxml2 (CVE-2024-25062)

IBM SECURITY ADVISORY First Issued: Wed May 8 16:18:28 CDT 2024 |Updated: Tue Jun 4 15:20:02 CDT 2024 |Update: iFix added for VIOS 3.1.4.31. The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/libxml2_advisory6.asc Security Bulletin: AIX...

How implementing a trust fabric strengthens identity and network

The identity security landscape is transforming rapidly. Every digital experience and interaction is an opportunity for people to connect, share, and collaborate. But first, we need to know we can trust those digital experiences and interactions. Customers note a massive rise in the sheer number...

glibc security update

[2.28-236.0.1.13] - Forward port of Oracle patches. Reviewed-by: Jose E....

curl: Incorrect Type Conversion in interpreting IPv4-mapped IPv6 addresses and below `curl` results in indeterminate SSRF vulnerabilities.

Summary: Octal Type Handling of Errors in IPv4 Mapped IPv6 Addresses in curl allows unauthenticated remote attackers to perform indeterminate SSRF, RFI, and LFI attacks on many programs that rely on curl. RFC 4291 defines ways to embed an IPv4 address into IPv6 addresses. One of the methods...

Minder's GitHub Webhook Handler vulnerable to DoS from un-validated requests

Minder's HandleGithubWebhook is susceptible to a denial of service attack from an untrusted HTTP request. The vulnerability exists before the request has been validated, and as such the request is still untrusted at the point of failure. This allows an attacker with the ability to send requests to....

Minder's GitHub Webhook Handler vulnerable to DoS from un-validated requests

Minder's HandleGithubWebhook is susceptible to a denial of service attack from an untrusted HTTP request. The vulnerability exists before the request has been validated, and as such the request is still untrusted at the point of failure. This allows an attacker with the ability to send requests to....

(RHSA-2024:2722) Important: glibc security update

The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix(es): ....

Important: glibc security update

The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix(es): ....

RHEL 8 : glibc (RHSA-2024:2722)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:2722 advisory. The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name...

Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6765-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6765-1 advisory. In the Linux kernel, the following vulnerability has been resolved: apparmor: avoid crash when parsed profile name is empty When processing a packed...

Print My Blog – Print, PDF, & eBook Converter WordPress Plugin < 3.26.3 - Missing Authorization

Description The Print My Blog – Print, PDF, & eBook Converter WordPress Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions like the saveProjectGenerate() function in all versions up to, and including, 3.26.2. This...

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-6767-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6767-1 advisory. In the Linux kernel, the following vulnerability has been resolved: net: prevent mss overflow in skb_segment() Once again syzbot is able...

CVE-2024-33907

Missing Authorization vulnerability in Michael Nelson Print My Blog.This issue affects Print My Blog: from n/a through...

CVE-2024-33907

Missing Authorization vulnerability in Michael Nelson Print My Blog.This issue affects Print My Blog: from n/a through...

CVE-2024-33907 WordPress Print My Blog plugin <= 3.26.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in Michael Nelson Print My Blog.This issue affects Print My Blog: from n/a through...

AIX is vulnerable to privilege escalation (CVE-2024-27273)

IBM SECURITY ADVISORY First Issued: Mon May 6 08:12:16 CDT 2024 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/kernel_advisory7.asc Security Bulletin: AIX is vulnerable to privilege escalation (CVE-2024-27273)...

Exploit for Missing Authentication for Critical Function in Microsoft

BadBlue (Windows) CVE-2024-21306 BadBlue implementation...

Exploit for Missing Authentication for Critical Function in Microsoft

BadBlue (Windows) CVE-2024-21306 BadBlue implementation...

Android Automotive OS Update Bulletin—May 2024

The Android Automotive OS (AAOS) Update Bulletin contains details of security vulnerabilities affecting the Android Automotive OS platform. The full AAOS update comprises the security patch level of 2024-05-05 or later from the May 2024 Android Security Bulletin in addition to all issues in this...

Debian dsa-5681 : affs-modules-5.10.0-29-4kc-malta-di - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5681 advisory. Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors may allow an...

HackerOne: Able to Create Testimonials for myself using Sandbox

Summary: Recently you allowed us to give testimonials for the sandbox reports which is Vulnerable and allows all the researcher to control their Testimonials for their benefit t. Description: When a report is closed as resolved we are given the option of "This hacker is eligible for a...

CVE-2024-34468

Rukovoditel before 3.5.3 allows XSS via user_photo to My...

CVE-2024-34468

Rukovoditel before 3.5.3 allows XSS via user_photo to My...

CVE-2024-34468

Rukovoditel before 3.5.3 allows XSS via user_photo to My...

CVE-2024-34468

Rukovoditel before 3.5.3 allows XSS via user_photo to My...

SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:1490-1)

The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1490-1 advisory. In the Linux kernel, the following vulnerability has been resolved: net/smc: fix kernel panic caused by race of...

Friday Squid Blogging: Squid Purses

Squid-shaped purses for sale. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines...

My TED Talks

I have spoken at several TED conferences over the years. TEDxPSU 2010: "Reconceptualizing Security" TEDxCambridge 2013: "The Battle for Power on the Internet" TEDMed 2016: "Who Controls Your Medical Data?" I'm putting this here because I want all three links in one...

Introducing Artifact Attestations–now in public beta

June 25, 2024 update: Artifact Attestations is now generally available! Get started today. There’s an increasing need across enterprises and the open source ecosystem to have a verifiable way to link software artifacts back to their source code and build instructions. And with more than 100M...

Wordfence Intelligence Weekly WordPress Vulnerability Report (April 22, 2024 to April 28, 2024)

Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! Last week, there were 304 vulnerabilities disclosed in 232...

kernel security, bug fix, and enhancement update

[5.14.0-427.13.1_4.OL9] - Disable UKI signing [Orabug: 36571828] - Update Oracle Linux certificates (Kevin Lyons) - Disable signing for aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update...

Firefox regressions

Releases Ubuntu 20.04 LTS Packages firefox - Mozilla Open Source web browser Details USN-6747-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. Original advisory details: Multiple security issues were discovered in Firefox. If a...

Ubuntu 20.04 LTS : Firefox regressions (USN-6747-2)

The remote Ubuntu 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6747-2 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version...

CVE-2024-26958

In the Linux kernel, the following vulnerability has been resolved: nfs: fix UAF in direct writes In production we have been hitting the following warning consistently ------------[ cut here ]------------ refcount_t: underflow; use-after-free. WARNING: CPU: 17 PID: 1800359 at lib/refcount.c:28...

Yamux Memory Exhaustion Vulnerability via Active::pending_frames property

Summary Attack scenario The Rust implementation of the Yamux stream multiplexer uses a vector for pending frames. This vector is not bounded in length. Every time the Yamux protocol requires sending of a new frame, this frame gets appended to this vector. This can be remotely triggered in a number....

Yamux Memory Exhaustion Vulnerability via Active::pending_frames property

Summary Attack scenario The Rust implementation of the Yamux stream multiplexer uses a vector for pending frames. This vector is not bounded in length. Every time the Yamux protocol requires sending of a new frame, this frame gets appended to this vector. This can be remotely triggered in a number....

How to Make Your Employees Your First Line of Cyber Defense

There's a natural human desire to avoid threatening scenarios. The irony, of course, is if you hope to attain any semblance of security, you've got to remain prepared to confront those very same threats. As a decision-maker for your organization, you know this well. But no matter how many experts.....

CVE-2024-26958

In the Linux kernel, the following vulnerability has been resolved: nfs: fix UAF in direct writes In production we have been hitting the following warning consistently ------------[ cut here ]------------ refcount_t: underflow; use-after-free. WARNING: CPU: 17 PID: 1800359 at lib/refcount.c:28...

CVE-2024-26958

In the Linux kernel, the following vulnerability has been resolved: nfs: fix UAF in direct writes In production we have been hitting the following warning consistently ------------[ cut here ]------------ refcount_t: underflow; use-after-free. WARNING: CPU: 17 PID: 1800359 at lib/refcount.c:28...

CVE-2024-26958

In the Linux kernel, the following vulnerability has been resolved: nfs: fix UAF in direct writes In production we have been hitting the following warning consistently ------------[ cut here ]------------ refcount_t: underflow; use-after-free. WARNING: CPU: 17 PID: 1800359 at lib/refcount.c:28...

Bypassing MFA on Microsoft Azure Entra ID

TL;DR Even though MFA is effective it is one security control amongst many Even if MFA is in use, check its configuration Consider unexpected patterns of use, such as people logging in from Linux or macOS Make sure you log and can react to out-of-band behaviour Introduction On a recent Red Team...

CVE-2024-26958 nfs: fix UAF in direct writes

In the Linux kernel, the following vulnerability has been resolved: nfs: fix UAF in direct writes In production we have been hitting the following warning consistently ------------[ cut here ]------------ refcount_t: underflow; use-after-free. WARNING: CPU: 17 PID: 1800359 at lib/refcount.c:28...

CVE-2024-26958

In the Linux kernel, the following vulnerability has been resolved: nfs: fix UAF in direct writes In production we have been hitting the following warning consistently ------------[ cut here ]------------ refcount_t: underflow; use-after-free. WARNING: CPU: 17 PID: 1800359 at lib/refcount.c:28...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:1480-1)

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1480-1 advisory. In the Linux kernel, the following vulnerability has been resolved: net/smc: fix kernel panic...

Exploit for Use After Free in Linux Linux Kernel

CVE-2024-1086 Universal local privilege escalation...

SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:1466-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1466-1 advisory. In the Linux kernel, the following vulnerability has been resolved: net/smc: fix kernel panic caused by race of smc_sock A...

Amazon Linux 2 : glibc (ALAS-2024-2521)

The version of glibc installed on the remote host is prior to 2.26-64. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2521 advisory. The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes...