2321 matches found

Prion
added 2018/09/13 4:29 a.m. | 14 views

Design/Logic Flaw

NoScript Classic before 5.1.8.7, as used in Tor Browser 7.x and other products, allows attackers to bypass script blocking via the text/html;/json Content-Type value...

7.5 CVSS | 9.3 AI score | 0.0312 EPSS
Exploits: 0 | References: 3 | Affected Software: 2
Cvelist
added 2018/09/13 4:0 a.m. | 36 views

CVE-2018-16983

NoScript Classic before 5.1.8.7, as used in Tor Browser 7.x and other products, allows attackers to bypass script blocking via the text/html;/json Content-Type value...

9.5 AI score | 0.0312 EPSS
Exploits: 0 | References: 3
CVE
added 2018/09/13 4:0 a.m. | 74 views

CVE-2018-16983

CVE-2018-16983 affects NoScript Classic prior to 5.1.8.7 (used in Tor Browser 7.x and other products). The issue lets an attacker bypass script blocking by manipulating the Content-Type value text/html;/json, enabling bypass of the NoScript protection. Impact is described as content-script/script...

9.8 CVSS | 9.3 AI score | 0.0312 EPSS
Exploits: 0 | References: 3 | Affected Software: 1
Debian CVE
added 2018/09/13 4:0 a.m. | 23 views

CVE-2018-16983

Removed by vendor...

9.8 CVSS | 9.4 AI score | 0.0312 EPSS
Exploits: 0
OSV
added 2018/09/02 6:29 p.m. | 1 views

CVE-2018-16343

SeaCMS 6.61 allows remote attackers to execute arbitrary code because parseIf in include/main.class.php does not block use of $GLOBALS...

7.2 CVSS | 6.1 AI score | 0.02703 EPSS
Exploits: 1 | References: 2
Malwarebytes
added 2018/08/27 5:6 p.m. | 76 views

A week in security (August 20 – August 26)

Last week on Labs, we took a look at insider threats, doubled back on the privacy of search browser extensions, profiled green card scams, revisited Defcon badgelife, and talked about what happens to a user's accounts when they die. Other cybersecurity news There was an archiving error in Twitch...

0.5 AI score
Exploits: 0
OSV
added 2018/08/27 3:29 p.m. | 2 views

CVE-2018-15904

A10 ACOS Web Application Firewall WAF 2.7.1 and 2.7.2 before 2.7.2-P12, 4.1.0 before 4.1.0-P11, 4.1.1 before 4.1.1-P8, and 4.1.2 before 4.1.2-P4 mishandles the configured rules for blocking SQL injection attacks, aka A10-2017-0008...

9.8 CVSS | 5.8 AI score | 0.0106 EPSS
Exploits: 0 | References: 1
n0where
added 2018/08/21 6:47 p.m. | 162 views

An Open-Source Pre and Post Callback-Based Framework for macOS Kernel Monitoring: Kemon

If third-party vendors want to add new features to the macOS kernel, such as antivirus capabilities, ransomware blocking, data breach auditing, behavior monitoring and so on, they usually need the support of the system’s exported interfaces. At present, only two known official interfaces are...

9.3 CVSS | 0.9 AI score | 0.01375 EPSS
Exploits: 0 | References: 2
Trend Micro Simply Security
added 2018/08/16 8:13 p.m. | 55 views

AV-Comparatives: Trend Micro Mobile Security for Android Provides 100% Malware Protection for Mobile Users

With the introduction of Android v8.0 Android Oreo in August of 2017, among other OS improvements Google introduced its built-in malware protection for Android called Play Protect dependent on Google Play Services 11 or later. Play Protect checks apps and APK files downloaded from Google Play or...

1.6 AI score
Exploits: 0
OpenVAS
added 2018/08/07 12:0 a.m. | 22 views

Microsoft Windows: Untrusted Font Blocking

This security feature provides a global setting to prevent programs from loading untrusted fonts. Untrusted fonts are any font installed outside of the %windir%\Fonts directory. This feature can be configured to be in 3 modes: On, Off, and Audit. By default, it is Off and no fonts are blocked. If...

7.3 AI score
Exploits: 0 | References: 1
Hacker One
added 2018/07/24 9:26 a.m. | 13 views

MariaDB: xmlrpc.php on mariadb.org can lead to DDOS and brute force attacks

XMLRPC was enabled and accessible on our website. Since we don't need any of the functionality provided by the WordPress XMLRPC protocol, we were already trying to block XMLRPC requests to our site via our web server configuration, however, due to a syntactic error our enforcing rule did not appl...

2.6 AI score
Exploits: 0
Malwarebytes
added 2018/07/23 5:30 p.m. | 51 views

A week in security (July 16 – July 22)

Last week on Labs, we looked at a Magniber expansion, explored open source vulnerabilities, and checked out the boons and drawbacks of smart assistants. We also continued our ad blocking article extravaganza, gave a whistlestop tour of third-party problems, and published our Q2 Cybercrime tactics...

7.2 AI score
Exploits: 0
Malwarebytes
added 2018/07/19 5:24 p.m. | 132 views

How to block ads like a pro

In part one of this series, we had a look at a few reasons why you should be blocking online advertisements on your network and devices. From malvertising attacks and privacy-invading tracking systems to just being an outright annoyance, online ads and trackers are a nuisance that provides an...

0.1 AI score
Exploits: 0
The Hacker News
added 2018/07/12 2:56 p.m. | 102 views

Google Enables 'Site Isolation' Feature By Default For Chrome Desktop Users

Google has by default enabled a security feature called "Site Isolation" in its web browser with the release of Chrome 67 for all desktop users to help them protect against many online threats, including Spectre and Meltdown attack. Site Isolation is a feature of the Google Chrome web browser tha...

1.1 AI score
Exploits: 0
Microsoft CVE
added 2018/07/10 7:0 a.m. | 37 views

WordPad Security Feature Bypass Vulnerability

A security feature bypass vulnerability exists when Microsoft WordPad improperly handles embedded OLE objects. An attacker who successfully exploited the vulnerability could bypass content blocking. In a file-sharing attack scenario, an attacker could provide a specially crafted document file...

6.8 CVSS | 1.4 AI score | 0.03434 EPSS
Exploits: 0
CNVD
added 2018/07/05 12:0 a.m. | 2 views

RiptideCoin (RIPT) Integer Overflow Vulnerability

RiptideCoin RIPT is an Ether-based digital currency. An integer overflow vulnerability exists in the 'sell' function of RIPT's smart contract implementation. An attacker could exploit the vulnerability to prevent the seller from accessing the assets due to the exchange...

7.5 CVSS | 7.6 AI score | 0.01033 EPSS
Exploits: 1 | References: 1
Fedora
added 2018/07/01 10:24 p.m. | 34 views

[SECURITY] Fedora 27 Update: nodejs-8.11.3-1.fc27

Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices...

7.8 CVSS | 1.6 AI score | 0.07855 EPSS
Exploits: 0
RedHat Linux
added 2018/06/25 2:57 p.m. | 1 views

OpenJDK: unbounded memory allocation during deserialization in PriorityBlockingQueue (Concurrency, 8189981)

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Concurrency. Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with...

5.3 CVSS | 7.3 AI score | 0.07708 EPSS
Exploits: 0 | References: 4
RedHat Linux
added 2018/06/25 2:57 p.m. | 2 views

OpenJDK: unbounded memory allocation during deserialization in PriorityBlockingQueue (Concurrency, 8189981)

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Concurrency. Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with...

5.3 CVSS | 7.3 AI score | 0.07708 EPSS
Exploits: 0 | References: 4
Fedora
added 2018/06/18 4:20 p.m. | 49 views

[SECURITY] Fedora 28 Update: nodejs-8.11.3-1.fc28

Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices...

7.8 CVSS | 1.6 AI score | 0.07855 EPSS
Exploits: 0