13461 matches found
CVE-2024-8285
A flaw was found in Kroxylicious. When establishing the connection with the upstream Kafka server using a TLS secured connection, Kroxylicious fails to properly verify the server's hostname, resulting in an insecure connection. For a successful attack to be performed, the attacker needs to perfor...
CVE-2024-8285
CVE-2024-8285 affects Kroxylicious, where TLS upstream connections to Kafka fail to verify the server hostname. This creates a potential for MITM and data integrity/confidentiality impact. Attacks require network access and, per the sources, may require high privileges to modify Kroxylicious conf...
GHSA-WH2W-39F4-RPV2 Hyperledger Indy's update process of a DID does not check who signs the request
Name Updating a DID with a nym transaction will be written to the ledger if neither ROLE nor VERKEY are being changed, regardless of sender. Description A malicious DID with no particular role can request an update for another DID but cannot modify its verkey or role. This is bad because: 1. Any DID c...
Breaking Down AD CS Vulnerabilities: Insights for InfoSec Professionals
The most dangerous vulnerability you've never heard of. In the world of cybersecurity, vulnerabilities are discovered so often, and at such a high rate, that it can be very difficult to keep up with. Some vulnerabilities will start ringing alarm bells within your security tooling, while others ar...
Cisco Identity Services Engine XSRF (cisco-sa-ise-csrf-y4ZUz5Rj)
According to its self-reported version, Cisco Identity Services Engine is affected by a cross-site request forgery (XSRF) vulnerability. A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a...
CVE-2024-1543 AES T-Table sub-cache-line leakage
The side-channel protected T-Table implementation in wolfSSL up to version 5.6.5 protects against a side-channel attacker with cache-line resolution. In a controlled environment such as Intel SGX, an attacker can gain a per instruction sub-cache-line resolution allowing them to break the...
CVE-2024-1543
The side-channel protected T-Table implementation in wolfSSL up to version 5.6.5 protects against a side-channel attacker with cache-line resolution. In a controlled environment such as Intel SGX, an attacker can gain a per instruction sub-cache-line resolution allowing them to break the...
CVE-2024-38304
Dell PowerEdge Platform, 14G Intel BIOS versions prior to 2.22.x, contains an Access of Memory Location After End of Buffer vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure...
CVE-2024-29727 Multiple vulnerabilities in SportsNET
SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query: https://XXXXXXX.saludydesafio.com/app/ax/sendParticipationRemember/ , paramete...
CVE-2024-39771
CVE-2024-39771 affects Safie QBiC CLOUD CC-2L (v1.1.30 and earlier) and Safie One (v1.8.2 and earlier). The root cause is improper certificate validation, which can allow a network-adjacent, unauthenticated attacker to perform a man‑in‑the‑middle and either obtain or alter communications of the a...
CVE-2024-42364 homepage DNS rebinding vulnerability (GHSL-2024-096)
Homepage is a highly customizable homepage with Docker and service API integrations. The default setup of homepage 0.9.1 is vulnerable to DNS rebinding. Homepage is set up without a certificate or authentication by default, leaving it vulnerable to DNS rebinding. In this attack, an attacker will...
K000140787: Gunicorn vulnerability CVE-2024-1135
Security Advisory Description: Gunicorn fails to properly validate Transfer-Encoding headers, leading to HTTP Request Smuggling (HRS) vulnerabilities. By crafting requests with conflicting Transfer-Encoding headers, attackers can bypass security restrictions and access restricted endpoints. This iss...
CVE-2024-39744 IBM Sterling Connect:Direct Web Services cross-site request forgery
IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts...
CVE-2024-20488
A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user o...
CVE-2024-43411
CVE-2024-43411 affects CKEditor 4.22 and later with the “version notifications” feature enabled (note: this feature is disabled by default in all CKEditor 4 LTS versions). In a highly unlikely scenario where an attacker gains control of the https://cke4.ckeditor.com domain, they could potentially...
GO-2023-2340 Attacker can cause Kyverno user to unintentionally consume insecure image in github.com/kyverno/kyverno
Attacker can cause Kyverno user to unintentionally consume insecure image in github.com/kyverno/kyverno...
Exploits and vulnerabilities in Q2 2024
Q2 2024 was eventful in terms of new interesting vulnerabilities and exploitation techniques for applications and operating systems. Attacks through vulnerable drivers have become prevalent as a general means of privilege escalation in the operating system. Such attacks are notable in that the...
Openshift Console insufficient entropy vulnerability
An insufficient entropy vulnerability was found in the Openshift Console. In the authorization code type and implicit grant type, the OAuth2 protocol is vulnerable to a Cross-Site Request Forgery (CSRF) attack if the state parameter is used inefficiently. This flaw allows logging into the victim’s...
GHSA-4CRF-28C7-V4GR Openshift Console insufficient entropy vulnerability
An insufficient entropy vulnerability was found in the Openshift Console. In the authorization code type and implicit grant type, the OAuth2 protocol is vulnerable to a Cross-Site Request Forgery (CSRF) attack if the state parameter is used inefficiently. This flaw allows logging into the victim’s...
CVE-2024-6508
An insufficient entropy vulnerability was found in the Openshift Console. In the authorization code type and implicit grant type, the OAuth2 protocol is vulnerable to a Cross-Site Request Forgery (CSRF) attack if the state parameter is used inefficiently. This flaw allows logging into the victim’s...