Researchers Uncover Hijack Loader Malware Using Stolen Code-Signing Certificates

Cybersecurity researchers have disclosed a new malware campaign that delivers Hijack Loader artifacts that are signed with legitimate code-signing certificates. French cybersecurity company HarfangLab, which detected the activity at the start of the month, said the attack chains aim to deploy an...

nimbus-jose-jwt: large JWE p2c header value causes Denial of Service

A vulnerability was found in the Nimbus Jose JWT package. By crafting a JWE with an excessively large p2c value, an attacker can trigger significant resource consumption during decryption, potentially leading to application slowdown or unavailability...

Security Bulletin: Multiple vulnerabilities in Bouncy Castle Crypto affect IBM Robotic Process Automation.

Summary Multiple vulnerabilities in Bouncy Castle Crypto affect IBM Robotic Process Automation. IBM Robotic Process Automation uses Bouncy Catle Crypto for some cryptographic processing. This bulletin identifies the security fixes to apply to address the vulnerabilities. Vulnerability Details...

Amazon Linux 2023 : libgcrypt, libgcrypt-devel (ALAS2023-2024-736)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-736 advisory. A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA...

Medium: libgcrypt

Issue Overview: A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts. CVE-2024-2236 Affected Packages: libgcrypt Issue Correction: Run dnf...

PAN-OS: Firewall Denial of Service (DoS) via a Maliciously Crafted Packet

A memory corruption vulnerability in Palo Alto Networks PAN-OS software allows an unauthenticated attacker to crash PAN-OS due to a crafted packet through the data plane, resulting in a denial of service DoS condition. Repeated attempts to trigger this condition will result in PAN-OS entering...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 CoCo kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-52752: smb: client: fix use-after-free bug in cifsdebugdataprocshow bsc1225487. CVE-2023-52916: media: aspeed: Fix memory overwrite if timing is 1600x900...

Security Bulletin: Multiple Vulnerabilities in Rational Synergy 7.2.2.6

Summary Vulnerabilities in the Java Runtime Environment JRE 8.0.8.0 and earlier component shipped with Rational Synergy may affect the security of the product. Vulnerability Details CVEID:CVE-2024-20952 DESCRIPTION: An unspecified vulnerability in Java SE related to the Security component could...

Security Bulletin: IBM Security Verify Governance has multiple vulnerabilities

Summary Multiple security vulnerabilities have been addressed in an update for IBM Security Verify Governance. Vulnerability Details CVEID:CVE-2024-30172 DESCRIPTION: The Bouncy Castle Crypto Package For Java is vulnerable to a denial of service, caused by an infinite loop in the Ed25519...

Synology DiskStation Manager Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2022-27624)

A vulnerability regarding improper restriction of operations within the bounds of a memory buffer is found in the packet decryption functionality of Out-of-Band OOB Management. This allows remote attackers to execute arbitrary commands via unspecified vectors. The following models with Synology...

CVE-2024-45744

TopQuadrant TopBraid EDG stores external credentials insecurely. An authenticated attacker with file system access can read edg-setup.properites and obtain the secret to decrypt external passwords stored in edg-vault.properties. An authenticated attacker could gain file system access using a...

CVE-2024-45744

TopQuadrant TopBraid EDG stores external credentials in edg-vault.properties and reads secrets from edg-setup.properties, enabling an authenticated attacker with file-system access to decrypt external passwords. Affected from at least v7.1.3; attacker access may be gained via another vulnerabilit...

TopQuadrant TopBraid EDG 安全漏洞

TopQuadrant TopBraid EDG is a knowledge graph creation and management tool from TopQuadrant. A security vulnerability exists in TopQuadrant TopBraid EDG version 7.1.3, which originates when an authenticated attacker with file system access can obtain the key to decrypt an external password stored...

golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads

A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs​. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.goL113. The objects leaked are pkey​ and ctx​. That functi...

CVE-2024-47122

In the goTenna Pro App, the encryption keys are stored along with a static IV on the End User Device EUD. This allows for complete decryption of keys stored on the EUD if physically compromised. This allows an attacker to decrypt all encrypted broadcast communications based on encryption keys...

CVE-2024-45374

The goTenna Pro ATAK plugin uses a weak password for sharing encryption keys via the key broadcast method. If the broadcasted encryption key is captured over RF, and password is cracked via brute force attack, it is possible to decrypt it and use it to decrypt all future and past messages sent vi...

CVE-2024-43694

In the goTenna Pro ATAK Plugin application, the encryption keys are stored along with a static IV on the device. This allows for complete decryption of keys stored on the device. This allows an attacker to decrypt all encrypted broadcast communications based on broadcast keys stored on the device...

CVE-2024-43694

The CVE-2024-43694 issue affects the goTenna Pro ATAK Plugin. Insecure storage of encryption keys with a static IV on the End User Device enables full decryption of device-stored keys and thus all encrypted broadcast communications. Affected versions include goTenna Pro ATAK Plugin prior to the f...

CVE-2024-43694 goTenna Pro ATAK Plugin Insecure Storage of Sensitive Information

In the goTenna Pro ATAK Plugin application, the encryption keys are stored along with a static IV on the device. This allows for complete decryption of keys stored on the device. This allows an attacker to decrypt all encrypted broadcast communications based on broadcast keys stored on the device...

CVE-2024-43694 goTenna Pro ATAK Plugin Insecure Storage of Sensitive Information

In the goTenna Pro ATAK Plugin application, the encryption keys are stored along with a static IV on the device. This allows for complete decryption of keys stored on the device. This allows an attacker to decrypt all encrypted broadcast communications based on broadcast keys stored on the device...