Lucene search

669 matches found

Securelist
added 2023/12/21 10:0 a.m. · 60 views

Windows CLFS and five exploits used by ransomware operators (Exploit #3 – October 2022)

This is part four of our study about the Common Log File System (CLFS) and five vulnerabilities in this Windows OS component that have been used in ransomware attacks throughout the year. Please read the previous parts first if you haven't already. You can skip to the other parts using this table of...

CVSS 4.6 · AI score 7.6 · EPSS 0.59975
Exploits 14
OSV
added 2023/12/14 5:8 p.m. · 2 views

CLSA-2023-1702573728 Fix CVE(s): CVE-2022-48560

SECURITY UPDATE: Possible crash in heapq with custom comparison operators - debian/patches/CVE-2022-48560.patch: Disallow releasing heap items during a comparison callback - CVE-2022-48560...

CVSS 7.5 · AI score 6.9 · EPSS 0.00202
Exploits 1 · References 1
NVD
added 2023/12/05 3:15 a.m. · 11 views

CVE-2023-33018

Memory corruption while using the UIM diag command to get the operator's name...

CVSS 7.8 · EPSS 0.00062
Exploits 0 · References 1
Prion
added 2023/12/05 3:15 a.m. · 16 views

Memory corruption

Memory corruption while using the UIM diag command to get the operator's name...

CVSS 4.3 · AI score 7.5 · EPSS 0.00062
Exploits 0 · References 1
Cvelist
added 2023/12/05 3:4 a.m. · 20 views

CVE-2023-33018 Integer Overflow to Buffer Overflow in User Identity Module

Memory corruption while using the UIM diag command to get the operator's name...

CVSS 7.8 · AI score 8.1 · EPSS 0.00062
Exploits 0 · References 1
Prion
added 2023/11/27 10:15 a.m. · 24 views

Design/Logic Flaw

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache DolphinScheduler. This issue affects Apache DolphinScheduler: before 3.2.1. Users are recommended to upgrade to version 3.2.1, which fixes the issue. At the time of disclosure of this advisory, this version has not...

CVSS 5 · AI score 7 · EPSS 0.0016
Exploits 0 · References 2 · Affected Software 1
Cvelist
added 2023/11/27 9:49 a.m. · 18 views

CVE-2023-49068 Apache DolphinScheduler: Information Leakage Vulnerability

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache DolphinScheduler. This issue affects Apache DolphinScheduler: before 3.2.1. Users are recommended to upgrade to version 3.2.1, which fixes the issue. At the time of disclosure of this advisory, this version has not...

AI score 7.6 · EPSS 0.0016
Exploits 0 · References 2
IBM Security Bulletins
added 2023/11/16 9:32 p.m. · 37 views

Security Bulletin: IBM Storage Fusion may be vulnerable to Denial of Service via use of openshift/machine-api-operator, openshift/machine-config-operator (CVE-2020-28851, CVE-2020-28852, CVE-2021-44716)

Summary OpenShift's machine-api-operator and machine-config-operator are used by IBM Storage Fusion to interact with the OpenShift platform, operators, and custom resource definitions. Vulnerabilities in these libraries include an improper validation of array index and possible uncontrolled...

CVSS 7.5 · AI score 7.7 · EPSS 0.00138
Exploits 2 · Affected Software 1
ATTACKERKB
added 2023/11/06 1:15 p.m. · 2 views

CVE-2023-5963

An issue has been discovered in GitLab EE with Advanced Search affecting all versions from 13.9 to 16.3.6, 16.4 prior to 16.4.2 and 16.5 prior to 16.5.1 that could allow a denial of service in the Advanced Search function by chaining too many syntax operators...

CVSS 4.3 · AI score 5.7 · EPSS 0.00014
Exploits 0 · References 2 · Affected Software 1
Prion
added 2023/11/06 1:15 p.m. · 9 views

Design/Logic Flaw

An issue has been discovered in GitLab EE with Advanced Search affecting all versions from 13.9 to 16.3.6, 16.4 prior to 16.4.2 and 16.5 prior to 16.5.1 that could allow a denial of service in the Advanced Search function by chaining too many syntax operators...

CVSS 4 · AI score 6.7 · EPSS 0.00014
Exploits 0 · References 1 · Affected Software 1
Vulnrichment
added 2023/11/06 12:18 p.m. · 15 views

CVE-2023-5963 Allocation of Resources Without Limits or Throttling in GitLab

An issue has been discovered in GitLab EE with Advanced Search affecting all versions from 13.9 to 16.3.6, 16.4 prior to 16.4.2 and 16.5 prior to 16.5.1 that could allow a denial of service in the Advanced Search function by chaining too many syntax operators...

CVSS 3.1 · AI score 4.1 · EPSS 0.00014
Exploits 0 · References 1
Positive Technologies
added 2023/11/06 12:0 a.m. · 1 views

PT-2023-32445 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab EE versions 13.9 through 16.3.6 GitLab EE version 16.4 prior to 16.4.2 GitLab EE version 16.5 prior to 16.5.1 Description: An issue has been discovered in GitLab EE with Advanced Search that could allow a denial of service in the...

CVSS 4.3 · AI score 6.6 · EPSS 0.00014
Exploits 0 · References 7
CNNVD
added 2023/11/06 12:0 a.m. · 1 views

GitLab Security Breach

GitLab is an open source, end-to-end software development platform from US-based GitLab with built-in version control, issue tracking, code review, CI/CD continuous integration and continuous delivery, and other features. A security vulnerability exists in GitLab EE that stems from allowing an...

CVSS 4.3 · AI score 7 · EPSS 0.00014
Exploits 0 · References 2
The Hacker News
added 2023/11/02 1:45 p.m. · 49 views

Mysterious Kill Switch Disrupts Mozi IoT Botnet Operations

The unexpected drop in malicious activity connected with the Mozi botnet in August 2023 was due to a kill switch that was distributed to the bots. "First, the drop manifested in India on August 8," ESET said in an analysis published this week. "A week later, on August 16, the same thing happened ...

AI score 7.7
Exploits 0
Code423n4
added 2023/10/20 12:0 a.m. · 9 views

Malicious sub-account operators can perform cross-chain signature replay attack

Lines of code Vulnerability details Impact Malicious sub-account operators can perform policy or transactions not allowed to the specific chain but allowed in other chain. This is possible due to cross-chain signature replay attack. Proof of Concept To describe the attack, for example, let us hav...

AI score 7.1
Exploits 0
OSV
added 2023/10/19 6:59 p.m. · 3 views

CLSA-2023-1697741983 python3: Fix of CVE-2022-48560

CVE-2022-48560: fix possible crash in heapq with custom comparison operators...

CVSS 7.5 · AI score 6.9 · EPSS 0.00202
Exploits 1 · References 1
OSV
added 2023/10/19 6:48 p.m. · 1 views

CLSA-2023-1697741309 python3: Fix of CVE-2022-48560

CVE-2022-48560: fix possible crash in heapq with custom comparison operators...

CVSS 7.5 · AI score 6.9 · EPSS 0.00202
Exploits 1 · References 1
OSV
added 2023/10/19 6:38 p.m. · 3 views

CLSA-2023-1697740683 python3: Fix of CVE-2022-48560

CVE-2022-48560: fix possible crash in heapq with custom comparison operators...

CVSS 7.5 · AI score 6.9 · EPSS 0.00202
Exploits 1 · References 1
NVD
added 2023/10/17 12:15 a.m. · 7 views

CVE-2023-45152

Engelsystem is a shift planning system for chaos events. A Blind SSRF in the "Import schedule" functionality makes it possible to perform a port scan against the local environment. This vulnerability has been fixed in commit ee7d30b33. If a patch cannot be deployed, operators should ensure that n...

CVSS 2.3 · AI score 3.5 · EPSS 0.00023
Exploits 1 · References 2
Prion
added 2023/10/17 12:15 a.m. · 11 views

Server side request forgery (ssrf)

Engelsystem is a shift planning system for chaos events. A Blind SSRF in the "Import schedule" functionality makes it possible to perform a port scan against the local environment. This vulnerability has been fixed in commit ee7d30b33. If a patch cannot be deployed, operators should ensure that n...

CVSS 1.4 · AI score 3.9 · EPSS 0.00023
Exploits 1 · References 2 · Affected Software 1