2678 matches found
Misconfigured Servers Targeted with New Golang Malwares
Summary: In a newly observed malware campaign, threat actors are targeting misconfigured and vulnerable servers running Apache Hadoop YARN, Docker, Atlassian Confluence, and Redis services. The campaign aims to deliver a cryptocurrency miner and establish a reverse shell for persistent remote...
Security Bulletin: IBM Instana Observability is affected by Vulnerabilities in Postgresql JDBC
Summary Vulnerabilities in Postgresql JDBC were remediated in IBM Observability with Instana build 267. Vulnerability Details CVEID:CVE-2022-41946 DESCRIPTION: Postgresql JDBC could allow a local authenticated attacker to obtain sensitive information, caused by not limit access to created readabl...
Deno arbitrary file descriptor close via `op_node_ipc_pipe()` leading to permission prompt bypass
Summary Use of raw file descriptors in opnodeipcpipe leads to premature close of arbitrary file descriptors, allowing standard input to be re-opened as a different resource resulting in permission prompt bypass. Details Node childprocess IPC relies on the JS side to pass the raw IPC file descript...
GHSA-6Q4W-9X56-RMWQ Deno arbitrary file descriptor close via `op_node_ipc_pipe()` leading to permission prompt bypass
Summary Use of raw file descriptors in opnodeipcpipe leads to premature close of arbitrary file descriptors, allowing standard input to be re-opened as a different resource resulting in permission prompt bypass. Details Node childprocess IPC relies on the JS side to pass the raw IPC file descript...
CVE-2024-2216
A missing permission check in an HTTP endpoint in Jenkins docker-build-step Plugin 2.11 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified TCP or Unix socket URL, and to reconfigure the plugin using the provided connection test parameters, affecting futu...
Hackers Exploit Misconfigured YARN, Docker, Confluence, Redis Servers for Crypto Mining
Threat actors are targeting misconfigured and vulnerable servers running Apache Hadoop YARN, Docker, Atlassian Confluence, and Redis services as part of an emerging malware campaign designed to deliver a cryptocurrency miner and spawn a reverse shell for persistent remote access. "The attackers...
BIT-GITLAB-2020-10952
GitLab EE/CE 8.11 through 12.9.1 allows blocked users to pull/push docker images...
New Linux Malware Alert: ‘Spinning YARN’ Hits Docker, Other Key Apps
By Deeba Ahmed Another day, another Linux malware! This is a post from HackRead.com Read the original post: New Linux Malware Alert: Spinning YARN Hits Docker, Other Key Apps...
BIT-VAULT-2020-35192
The official vault docker images before 0.11.6 contain a blank password for a root user. System using the vault docker container deployed by affected versions of the docker image may allow a remote attacker to achieve root access with a blank password...
Exploit for Authentication Bypass Using an Alternate Path or Channel in Jetbrains Teamcity
Cyberspace Mapping Dork Fofa app="JETBRAINS-TeamCity...
Amazon Linux 2023 : docker (ALAS2023-2024-542)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-542 advisory. 2024-08-28: CVE-2023-45289 was added to this advisory. A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from...
CVE-2023-45289 vulnerabilities
Vulnerabilities for packages: go-bindata, cfssl, thanos, mockery, gitness, cortex, helm-push, gomplate, flux-image-reflector-controller, bazelisk, hello-world-golang, paranoia, pulumi-language-yaml, nri-mysql, prometheus-adapter, direnv, nri-kafka, rqlite, kuberay-operator,...
Exploit for Authentication Bypass Using an Alternate Path or Channel in Jetbrains Teamcity
CVE-2024-27198 CVE-2024-27198 - Authentication Bypass Usi...
Exploit for Injection in Atlassian Confluence_Data_Center
Executing Arbitrary Code In Confluence Memory CVE-2023-22527...
CentOS 9 : runc-1.1.7-1.el9
The remote CentOS Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the runc-1.1.7-1.el9 build changelog. - runc is a CLI tool for spawning and running containers according to the OCI specification. In affected versions it was found that rootless...
Apache James server: Privilege escalation via JMX pre-authentication deserialization
Apache James prior to version 3.7.5 and 3.8.0 exposes a JMX endpoint on localhost subject to pre-authentication deserialisation of untrusted data. Given a deserialisation gadjet, this could be leveraged as part of an exploit chain that could result in privilege escalation. Note that by default JM...
GHSA-PX7W-C9GW-7GJ3 Apache James server: Privilege escalation via JMX pre-authentication deserialization
Apache James prior to version 3.7.5 and 3.8.0 exposes a JMX endpoint on localhost subject to pre-authentication deserialisation of untrusted data. Given a deserialisation gadjet, this could be leveraged as part of an exploit chain that could result in privilege escalation. Note that by default JM...
CVE-2023-51518
Apache James prior to version 3.7.5 and 3.8.0 exposes a JMX endpoint on localhost subject to pre-authentication deserialisation of untrusted data. Given a deserialisation gadjet, this could be leveraged as part of an exploit chain that could result in privilege escalation. Note that by default JM...
Authentication flaw
Apache James prior to version 3.7.5 and 3.8.0 exposes a JMX endpoint on localhost subject to pre-authentication deserialisation of untrusted data. Given a deserialisation gadjet, this could be leveraged as part of an exploit chain that could result in privilege escalation. Note that by default JM...
CVE-2023-51518 Apache James server: Privilege escalation via JMX pre-authentication deserialisation
Apache James prior to version 3.7.5 and 3.8.0 exposes a JMX endpoint on localhost subject to pre-authentication deserialisation of untrusted data. Given a deserialisation gadjet, this could be leveraged as part of an exploit chain that could result in privilege escalation. Note that by default JM...