openSUSE 15 Security Update : grafana (SUSE-SU-2023:3886-1)

The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2023:3886-1 advisory. - Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA key...

Amazon Linux 2023 : amazon-ecr-credential-helper (ALAS2023-2023-346)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-346 advisory. The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted Host header can inject additional headers or entire requests. With fix, the HTTP/1 client now...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2023:3683-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3683-1 advisory. The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes. Th...

NodeStealer Malware Now Targets Facebook Business Accounts on Multiple Browsers

An ongoing campaign is targeting Facebook Business accounts with bogus messages to harvest victims' credentials using a variant of the Python-based NodeStealer and potentially take over their accounts for follow-on malicious activities. "The attacks are reaching victims mainly in Southern Europe...

Deserialization of untrusted data

SOFARPC is a Java RPC framework. Versions prior to 5.11.0 are vulnerable to remote command execution. Through a carefully crafted payload, an attacker can achieve JNDI injection or system command execution. In the default configuration of the SOFARPC framework, a blacklist is used to filter out...

CVE-2023-41331

Summary: CVE-2023-41331 affects SOFARPC, a Java RPC framework. Versions before 5.11.0 are vulnerable to remote command execution via deserialization, enabling JNDI injection or system command execution through crafted payloads. The default blacklist for dangerous classes is incomplete, allowing g...

Malware distributor Storm-0324 facilitates ransomware access

The threat actor that Microsoft tracks as Storm-0324 is a financially motivated group known to gain initial access using email-based initial infection vectors and then hand off access to compromised networks to other threat actors. These handoffs frequently lead to ransomware deployment. Beginnin...

SOFARPC Security Vulnerabilities

SOFARPC is a high-performance, highly scalable, production-grade Java RPC framework for SOFAStack. A security vulnerability exists in SOFARPC versions prior to 5.11.0 that stems from vulnerability to remote command execution attacks, where an attacker can leverage certain native JDK classes and...

Cybercriminals Using PowerShell to Steal NTLMv2 Hashes from Compromised Windows

A new cyber attack campaign is leveraging the PowerShell script associated with a legitimate red teaming tool to plunder NTLMv2 hashes from compromised Windows systems primarily located in Australia, Poland, and Belgium. The activity has been codenamed Steal-It by Zscaler ThreatLabz. "In this...

Amazon Linux 2 : cri-tools (ALAS-2023-2229)

The version of cri-tools installed on the remote host is prior to 1.26.1-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2229 advisory. 2023-10-11: The severity level was changed from Important to Medium. Extremely large RSA keys in certificate chains can cause a...

Amazon Linux 2023 : cni-plugins (ALAS2023-2023-338)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-338 advisory. http2/hpack: avoid quadratic complexity in hpack decoding CVE-2022-41723 The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted Host header can inject...

Deployment issues with chains not compatible with Shanghai hardfork

Lines of code Vulnerability details Impact Besides issues with deployment &maintenance contracts; A Big Issues is quoted below from an audit finding... "This could also become a problem if different versions of Solidity are used to compile contracts for different chains. The differences in byteco...

Medium: cri-tools

Issue Overview: 2023-10-11: The severity level was changed from Important to Medium. Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA keys transmitted during handshakes is restricted to = 8192...

Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2023-2702)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Linux 9 : openssl (ELSA-2023-12768)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12768 advisory. 3.0.7-16.0.1 - Replace upstream references Orabug: 34340177 Tenable has extracted the preceding description block directly from the Oracle Linux...

Fedora 37 : rust-rustls-webpki (2023-6ef5f2fbf3)

The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-6ef5f2fbf3 advisory. Update to version 0.100.2. This includes a fix for RUSTSEC-2023-0053 denial-of-service via crafted certificate chains. Tenable has extracted the preceding...

Golang < 1.19.12 / 1.20.x < 1.20.7 DoS

The version of Golang Go installed on the remote host is affected by denial of service vulnerability. Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA keys transmitted during handshakes is...

USN-6316-1 linux-oem-6.1 vulnerabilities

Daniel Moghimi discovered that some IntelR Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. CVE-2022-40982 Tavis Ormandy discovered that some AMD processors...

Exploit for Incorrect Calculation in Google Android

CVE-2020-0022 Many thanks to Insinuator for their amazing blo...

OESA-2023-1531 golang security update

The Go Programming Language. Security Fixes: Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA keys transmitted during handshakes is restricted to = 8192 bits. Based on a survey of publicly trust...