CVE-2022-31006

indy-node is the server portion of Hyperledger Indy, a distributed ledger purpose-built for decentralized identity. In vulnerable versions of indy-node, an attacker can max out the number of client connections allowed by the ledger, leaving the ledger unable to be used for its intended purpose...

CVE-2022-31006 Hyperledger Indy DOS vulnerability

indy-node is the server portion of Hyperledger Indy, a distributed ledger purpose-built for decentralized identity. In vulnerable versions of indy-node, an attacker can max out the number of client connections allowed by the ledger, leaving the ledger unable to be used for its intended purpose...

PT-2022-20453 · Indy Node · Indy Node

Name of the Vulnerable Software and Affected Versions: indy-node affected versions not specified Description: The issue allows an attacker to max out the number of client connections allowed by the ledger, leaving it unable to be used for its intended purpose. However, the ledger content will not...

Play Ransomware's Attack Playbook Similar to that of Hive, Nokoyawa

Play is a new ransomware that takes a page out of Hive and Nokoyawa's playbook. The many similarities among them indicate that Play, like Nokoyawa, are operated by the same people...

Beijing PaiNet Software Co., Ltd Panalog has SQL injection vulnerability

Ltd. was founded in 2004, the company's products cover network access, traffic management, security audit, data analysis and other application scenarios, business coverage of enterprises, education, operators, government, medical, financial, energy, military, public security, hotels and other...

GHSA-R6V9-P59M-GJ2P Indy's NODE_UPGRADE transaction vulnerable to remote code execution

Impact The pool-upgrade request handler in Indy-Node =1.12.5 as soon as possible. Patches The pool-upgrade request handler in Indy-Node =1.12.5 has been updated to properly authenticate pool-upgrade transactions before any processing is performed by the request handler. The transactions are furth...

Indy's NODE_UPGRADE transaction vulnerable to remote code execution

Impact The pool-upgrade request handler in Indy-Node =1.12.5 as soon as possible. Patches The pool-upgrade request handler in Indy-Node =1.12.5 has been updated to properly authenticate pool-upgrade transactions before any processing is performed by the request handler. The transactions are furth...

Database Integrity Vulnerabilities in Boeing’s Onboard Performance Tool

This post is released in a co-ordinated manner with Boeing. TL;DR: Security gaps in older, unprotected Windows desktop versions of Boeing’s Onboard Performance Tool OPT could make certain Electronic Flight Bags EFB more susceptible to attack. In particular, OPT’s use of plain text configuration...

Hash Collision Within The epochForHash Mapping

Lines of code Vulnerability details It is not possible for the administrator to transfer operatorship to a new set of Operators/Weights/Threshold that has been previously configured because a hash collision will occur within the epochForHash mapping. Proof-of-Concept Assuming that OLDKEYRETENTION...

Allowance should always larger or equal to the transferred amount

Lines of code Vulnerability details Impact Detailed description of the impact of this finding. Wrong operators are set. Proof of Concept Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept. Line 111 - 115 if allowe...

Toll fraud malware: How an Android application can drain your wallet

Toll fraud malware, a subcategory of billing fraud in which malicious applications subscribe users to premium services without their knowledge or consent, is one of the most prevalent types of Android malware – and it continues to evolve. Compared to other subcategories of billing fraud, which...

Toll fraud malware: How an Android application can drain your wallet

Toll fraud malware, a subcategory of billing fraud in which malicious applications subscribe users to premium services without their knowledge or consent, is one of the most prevalent types of Android malware – and it continues to evolve. Compared to other subcategories of billing fraud, which...

CVE-2021-33648

When performing the inference shape operation of Affine, Concat, MatMul, ArgMinMax, EmbeddingLookup, and Gather operators, if the input shape size is 0, it will access data outside of bounds of shape which allocated from heap buffers...

The many lives of BlackCat ransomware

The BlackCat ransomware, also known as ALPHV, is a prevalent threat and a prime example of the growing ransomware-as-a-service RaaS gig economy. It’s noteworthy due to its unconventional programming language Rust, multiple target devices and possible entry points, and affiliation with prolific...

GHSA-6WR6-54MW-MVHR BaserCMS privilege escallation

BaserCMS before 1.6.12 does not properly restrict additions to the membership of the operators group, which allows remote authenticated users to gain privileges via unspecified vectors...

BaserCMS privilege escallation

BaserCMS before 1.6.12 does not properly restrict additions to the membership of the operators group, which allows remote authenticated users to gain privileges via unspecified vectors...

BackupOperatorToDA - From An Account Member Of The Group Backup Operators To Domain Admin Without RDP Or WinRM On The Domain Controller

If you compromise an account member of the group Backup Operators you can become the Domain Admin without RDP or WinRM on the Domain Controller. All credit from filipdragovic with his inital POC ! I build this project because I wanted to have a more generic binary with parameters and also being...

Microsoft Disrupts ZLoader Cybercrime Botnet in Global Operation

Microsoft and a consortium of cybersecurity companies took legal and technical steps to disrupt the ZLoader botnet, seizing control of 65 domains that were used to control and communicate with the infected hosts. "ZLoader is made up of computing devices in businesses, hospitals, schools, and home...

Attacks on Ukraine communications are a major part of the war

Since the start of the Russian invasion of Ukraine, the war on the battlefield has been accompanied by cyber attacks. Those attacks against critical infrastructure have knocked out banking and defense platforms, mostly by targeting several communication systems. In a timeline set up by NetBlocks,...

Rapid7 Nexpose has an unspecified vulnerability (CNVD-2022-21217)

Rapid7 Nexpose is a set of vulnerability management software from Rapid7, Inc. that can use the scan results to deeply probe the network. Rapid7 Nexpose version 6.6.93 and earlier versions have a security vulnerability that stems from the fact that Rapid7 Nexpose version 6.6.93 and earlier versio...