Design/Logic Flaw
Compiler removal of buffer clearing in sli_crypto_transparent_aead_decrypt_tag in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM...
CVE-2023-32099
In Silicon Labs Gecko Platform SDK (GSDK) the vulnerability CVE-2023-32099 arises from compiler removal of a buffer clearing in the sli_se_sign_hash function, causing key material to be duplicated in RAM. Affected products are Gecko Platform SDK versions 4.2.1 and earlier. Impact is described as ...
CVE-2023-32097
The CVE-2023-32097 vulnerability affects Silicon Labs Gecko Platform SDK (GSDK) up to v4.2.1, specifically the function sli_crypto_transparent_aead_decrypt_tag. A compiler optimization removed a buffer-clearing operation, which can cause key material to be duplicated in RAM. This is characterized...
Fedora 37 : golang (2023-12504e8774)
The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-12504e8774 advisory. go1.19.9 released 2023-05-02 includes three security fixes to the html/template package, as well as bug fixes to the compiler, the runtime, and the crypto/tl...
Cbrutekrag - Penetration Tests On SSH Servers Using Brute Force Or Dictionary Attacks. Written In C
Penetration tests on SSH servers using dictionary attacks. Written in C. "brute krag" means "brute force" in Afrikaans. Disclaimer: This tool is for ethical testing purposes only. cbrutekrag and its owners can't be held responsible for misuse by users. Users have to act as permitted by local law rules...
kernel: Executable Space Protection Bypass
A vulnerability was found in the Linux kernel when certain binary files have the exec-all attribute with gcc. This issue can cause the execution of bytes located in the non-executable regions of a file...
Security Bulletin: A security vulnerability in Node.js pug/pug-code-gen module affects IBM Cloud Automation Manager
Summary: A security vulnerability in Node.js pug/pug-code-gen module affects IBM Cloud Automation Manager. Vulnerability Details: CVEID: CVE-2021-21353 DESCRIPTION: Node.js pug and pug-code-gen could allow a remote attacker to execute arbitrary code on the system, caused by improper input validation...
Intel® oneAPI Toolkit and Component Software Installers Advisory
Summary: A potential security vulnerability in some Intel® oneAPI Toolkit and component software installers may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2023-22355 Description: Uncontrolled searc...
SUSE-SU-2023:2125-1 Security update for containerd
This update for containerd fixes the following issues: - containerd was rebuilt with a current GO compiler, catching up to bug and security fixes provided by go. bsc1210298...
PT-2023-36156 · Unknown · Kubernetes Containerd
Name of the Vulnerable Software and Affected Versions: containerd affected versions not specified Description: The issue is related to containerd being rebuilt with a current GO compiler to catch up on bug and security fixes provided by GO. Recommendations: At the moment, there is no information...
AppDomain Manager Injection: New Techniques For Red Teams
AppDomain Manager Injection is a very versatile and useful technique for red team operators. This technique allows you to effectively turn any Microsoft .NET application on a Windows host into a lolbin (Living Off the Land Binary) by forcing the application to load a specially crafted .NET assembly,...
The vulnerability in the `pkgconf_tuple_parse` function (libpkgconf/tuple.c) of the pkgconf development tool, which is used for configuring compiler and assembler flags for development libraries. This vulnerability allows an attacker to cause a service failure.
The vulnerability of the `pkgconf_tuple_parse` function in the library for configuring compiler and assembler flags for the pkgconf development tool is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability could allow an attacker to cause a system failu...
Code injection
Wasmtime is a standalone runtime for WebAssembly. Prior to versions 6.0.2, 7.0.1, and 8.0.1, Wasmtime's implementation of managing per-instance state, such as tables and memories, contains LLVM-level undefined behavior. This undefined behavior was found to cause runtime-level issues when compiled...
GHSA-CH89-5G45-QWC7 Undefined Behavior in Rust runtime functions
Impact: Wasmtime's implementation of managing per-instance state, such as tables and memories, contains LLVM-level undefined behavior. This undefined behavior was found to cause runtime-level issues when compiled with LLVM 16 which causes some writes, which are critical for correctness, to be...
CVE-2023-30624
Wasmtime CVE-2023-30624 concerns an LLVM-level undefined behavior in per-instance state management (VMContext) of the Wasmtime runtime. The issue occurs in Wasmtime versions prior to 6.0.2, 7.0.1, and 8.0.1 and arises when unsafe code mutates VMContext data via methods using &self, which can lead...
CVE-2023-30624 Wasmtime has Undefined Behavior in Rust runtime functions
Wasmtime is a standalone runtime for WebAssembly. Prior to versions 6.0.2, 7.0.1, and 8.0.1, Wasmtime's implementation of managing per-instance state, such as tables and memories, contains LLVM-level undefined behavior. This undefined behavior was found to cause runtime-level issues when compiled...
Debian DSA-5392-1 : thunderbird - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5392 advisory. - matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. In versions prior to 24.0.0 events sent with special strings in key places can...
CentOS 7 : firefox (RHSA-2023:1791)
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:1791 advisory. - Unexpected data returned from the Safe Browsing API could have led to memory corruption and a potentially exploitable crash. This vulnerability affec...
GHSA-W9G2-3W7P-72G9 Incorrect success value returned in vyper
Background: During the audit of Lido's Gate Seals code, the statemind team identified a weird behavior of the code that uses rawcall: https://github.com/lidofinance/gate-seals/blob/051593e74df01a4131c485b4fda52e691cd4b7d8/contracts/GateSeal.vyL164 . Construction like this: vyper success = rawcall...
Incorrect success value returned in vyper
Background: During the audit of Lido's Gate Seals code, the statemind team identified a weird behavior of the code that uses rawcall: https://github.com/lidofinance/gate-seals/blob/051593e74df01a4131c485b4fda52e691cd4b7d8/contracts/GateSeal.vyL164 . Construction like this: vyper success = rawcall...