Lucene search
K

67 matches found

The Hacker News
The Hacker News
added 2024/10/28 5:29 a.m.35 views

Researchers Uncover OS Downgrade Vulnerability Targeting Microsoft Windows Kernel

A new attack technique could be used to bypass Microsoft's Driver Signature Enforcement DSE on fully patched Windows systems, leading to operating system OS downgrade attacks. "This bypass allows loading unsigned kernel drivers, enabling attackers to deploy custom rootkits that can neutralize...

7.3CVSS7.9AI score0.01678EPSS
Exploits0
OSV
OSV
added 2024/10/08 4:15 a.m.8 views

CVE-2024-45282

Fields which are in 'read only' state in Bank Statement Draft in Manage Bank Statements application, could be modified by MERGE method. The property of an OData entity representing assumably immutable method is not protected against external modifications leading to integrity violations...

5.3CVSS5.8AI score0.00293EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2024/07/18 2:50 a.m.3 views

SUSE CVE-2023-52886

In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix race by not overwriting udev-descriptor in hubportinit Syzbot reported an out-of-bounds read in sysfs.c:readdescriptors: BUG: KASAN: slab-out-of-bounds in readdescriptors+0x263/0x280 drivers/usb/core/sysfs.c:883 Re...

5.5CVSS6.4AI score0.00328EPSS
Exploits0References15
Veeam
Veeam
added 2024/06/21 12:0 a.m.23 views

Linux Hardened Repository Unable to Update Immutability or Remove Restore Points due to SGID

Article Applicability The errors in this article may occur for other reasons, this article is specifically relevant to a situation in which these errors occur because the folder where the backup files are stored has an SGID Set-Group ID configured. Example: backupsvc@rhel9$ ls -l total 1 drwxr-s...

6.7AI score
Exploits0Affected Software1
Veeam
Veeam
added 2023/12/05 12:0 a.m.585 views

Backup Warning: "repository time shift detected, immutability flag cannot be set."

Challenge A Backup or Backup Copy job using an Immutable Hardened Linux Repository displays the warning: A problem occurred during setting the immutable flag: repository time shift detected, immutability flag cannot be set. Please refer to KB4482 for more details Cause This warning is displayed...

5.7AI score
Exploits0Affected Software1
OSV
OSV
added 2023/11/14 7:15 p.m.3 views

CVE-2022-23830

SMM configuration may not be immutable, as intended, when SNP is enabled resulting in a potential limited loss of guest memory integrity...

5.3CVSS5.7AI score0.00348EPSS
Exploits0References2
Veeam
Veeam
added 2023/10/03 12:0 a.m.53 views

Immutability Warning for Data Domain Repository: "Immutability flag on backups was set with warning"

Challenge A backup job that targets a Dell Data Domain repository completes with the warning, "Immutability flag on backups was set with warning: ", specifically with the endings: Immutability period for some backups exceeds the maximum value allowed by the target repository, using the maximum...

6.6AI score
Exploits0Affected Software1
OSV
OSV
added 2023/09/27 3:19 p.m.2 views

CVE-2023-44125

The vulnerability is the use of implicit PendingIntents without the PendingIntent.FLAGIMMUTABLE set that leads to theft and/or over-write of arbitrary files with system privilege in the Personalized service "com.lge.abba" app. The attacker's app, if it had access to app notifications, could...

7.8CVSS5.9AI score0.00125EPSS
Exploits0References1
Veeam
Veeam
added 2023/07/11 12:0 a.m.33 views

Increase in API Calls when Performing Direct Backups to Immutable Object Storage

Article Applicability This article was created to address high API usage observed with Veeam Backup & Replication 12.x. Starting in Veeam Backup & Replication 13, improvements were made to the handling of immutability-related API calls, which will significantly reduce the number of API calls that...

6.1AI score
Exploits0Affected Software1
Veeam
Veeam
added 2023/05/29 12:0 a.m.22 views

Unable to Add Object Storage With Versioning to Veeam Backup for Microsoft 365

Challenge When adding an Object Storage Repository, the following error occurs: The selected bucket supports blob versioning. Select a bucket with disabled blob versioning. Cause This issue occurs because the cloud storage has Versioning enabled. Starting with Veeam Backup for Microsoft 365 v7,...

7AI score
Exploits0Affected Software1
Cvelist
Cvelist
added 2023/05/26 10:52 p.m.19 views

CVE-2023-33199 malformed proposed intoto v0.0.2 entries can cause a panic in Rekor

Rekor's goals are to provide an immutable tamper resistant ledger of metadata generated within a software projects supply chain. A malformed proposed entry of the intoto/v0.0.2 type can cause a panic on a thread within the Rekor process. The thread is recovered so the client receives a 500 error...

5.3CVSS5.4AI score0.0067EPSS
Exploits0References2
Veeam
Veeam
added 2023/04/14 12:0 a.m.44 views

StoreOnce and Veeam Immutability Compatibility

Challenge A backup job that targets an HPE StoreOnce Catalyst repository may display either of the following messages: In Veeam Backup & Replication 12.0, the job will fail and display the error: OSCLTERRIMMUTABLEEPOCHREQUESTEXCEEDSMAXIMUM. Err: -1817 In Veeam Backup & Replication 12.1, the job...

6.7AI score
Exploits0Affected Software1
OSV
OSV
added 2023/04/07 2:15 p.m.3 views

CVE-2022-43928

The IBM Toolbox for Java Db2 Mirror for i 7.4 and 7.5 could allow a user to obtain sensitive information, caused by utilizing a Java string for processing. Since Java strings are immutable, their contents exist in memory until garbage collected. This means sensitive data could be visible in memor...

6.5CVSS5.8AI score0.00638EPSS
Exploits0References2
Code423n4
Code423n4
added 2023/03/09 12:0 a.m.9 views

Lottery owner can rig the draw to win the jackpot by swapping the source

Lines of code Vulnerability details Lottery owner can rig the draw to win the jackpot by swapping the source Impact The lottery owner has the ability to swap the Random Source under certain cirumstances, and this can be exploited to set a new source contract that returns any number set by it. Thi...

6.8AI score
Exploits0
Veeam
Veeam
added 2023/02/28 12:0 a.m.127 views

How to Configure Azure Storage Account to Leverage Immutability with Veeam Backup & Replication

Purpose This article was designed to complement the information available in the Veeam Backup & Replication User Guide, specifically the required storage account and container settings to align with the Azure Blob Storage Immutability Limitations. This article describes the correct options that...

6.6AI score
Exploits0Affected Software1
Veracode
Veracode
added 2022/09/29 6:46 a.m.29 views

Improper Authorization

github.com/goharbor/harbor is vulnerable to improper authorization. A remote authenticated attacker is able to gain access to unauthorized projects due to improper validation of the user permissions when updating tag immutability policies...

7.7CVSS4.4AI score0.00396EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2022/09/16 7:38 p.m.22 views

GHSA-8C6P-V837-77F6 Harbor fails to validate the user permissions when updating tag immutability policies

Impact Harbor fails to validate the user permissions when updating tag immutability policies - API call: PUT /projects/projectnameorid/immutabletagrules/immutableruleid By sending a request to update a tag immutability policy with an id that belongs to a project that the currently authenticated...

6.4CVSS7.5AI score0.00396EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2022/09/16 7:38 p.m.28 views

Harbor fails to validate the user permissions when updating tag immutability policies

Impact Harbor fails to validate the user permissions when updating tag immutability policies - API call: PUT /projects/projectnameorid/immutabletagrules/immutableruleid By sending a request to update a tag immutability policy with an id that belongs to a project that the currently authenticated...

7.7CVSS1.4AI score0.00396EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2022/09/16 12:0 a.m.13 views

PT-2022-20881 · Harbor · Harbor

Name of the Vulnerable Software and Affected Versions: Harbor versions prior to 2.5.2 Description: The issue arises from Harbor's failure to validate user permissions when updating tag immutability policies. This can be exploited by sending a request to update a tag immutability policy with an id...

7.7CVSS7AI score0.00396EPSS
Exploits0References10
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/08/19 3:55 a.m.5 views

Malicious code in immutability-huelperr (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d60e9f77d8a3cba1154ffc5686d6423d4254ed424dd1221e73257726bdcc7ac2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
Rows per page
Query Builder