1162 matches found
Path Traversal
mlflow is vulnerable to Path Traversal. The vulnerability is caused by a lack of appropriate URI validation within uri.py. The attacker can read sensitive files on the mlflow server by exploiting this vulnerability...
Russian Foreign Intelligence Service (SVR) Exploiting JetBrains TeamCity CVE Globally
SUMMARY The U.S. Federal Bureau of Investigation (FBI), U.S. Cybersecurity & Infrastructure Security Agency (CISA), U.S. National Security Agency (NSA), Polish Military Counterintelligence Service (SKW), CERT Polska (CERT.PL), and the UK’s National Cyber Security Centre (NCSC) assess Russian Foreign...
GHSA-WW7X-3GXH-QM6R Validation of SignedInfo
Validation of an XML Signature requires verification that the hash value of the related XML-document after any optional transformations and/or normalizations matches a specific DigestValue-value, but also that the cryptographic signature on the SignedInfo-tree the one that contains the DigestValue...
GHSA-6HJJ-GQ77-J4QW Label Studio Object Relational Mapper Leak Vulnerability in Filtering Task
Introduction This write-up describes a vulnerability found in Label Studio, a popular open source data labeling tool. The vulnerability affects all versions of Label Studio prior to 1.9.2post0 and was tested on version 1.8.2. Overview In all current versions of Label Studio, the application allow...
Spammers abuse Google Forms’ quiz to deliver scams
Spammers are exploiting the "Release scores" feature of Google Forms quizzes to deliver email. The emails originate from Google's own servers and consequently may have an easier time bypassing anti-spam protections and finding the victim's inbox. Volumes of these messages hovered near noise levels...
Navigating the Sea, Exploiting DigitalOcean APIs
Cloud service providers are now fundamental elements of internet infrastructure, granting organizations and individuals the ability to scale and efficiently store, manage, and process data. DigitalOcean is one such provider, well-regarded for its simplicity and developer-friendly platform, and...
Ransomware Threats Exploit CVE-2023-46604 in Apache ActiveMQ Servers
Summary Ransomware groups and SparkRAT exploiting a critical vulnerability CVE-2023-46604 in Apache ActiveMQ, despite a security update on October 27, 2023, affecting systems with outdated ActiveMQ...
Design/Logic Flaw
Requests to fetch image metadata could be abused to include SQL queries that would be executed unchecked. Exploiting this vulnerability requires at least access to adjacent networks of the imageconverter service, which is not exposed to public networks by default. Arbitrary SQL statements could b...
Updated bind packages fix security vulnerabilities
The code that processes control channel messages sent to named calls certain functions recursively during packet parsing. Recursion depth is only limited by the maximum accepted packet size; depending on the environment, this may cause the packet-parsing code to run out of available stack memory,...
Arbitrary Code Execution
traceroute is vulnerable to Arbitrary Code Execution. A command-line argument parsing vulnerability in the traceroute utility allows an attacker to execute arbitrary code on a vulnerable system by exploiting a flaw in the way that traceroute parses command-line arguments...
Design/Logic Flaw
Line directives "//line" can be used to bypass the restrictions on "//go:cgo" directives, allowing blocked linker and compiler flags to be passed during compilation. This can result in unexpected execution of arbitrary code when running "go build". The line directive requires the absolute path of...
HTMLSmuggler - HTML Smuggling Generator And Obfuscator For Your Red Team Operations
The full explanation of what HTML Smuggling is may be found here. The primary objective of HTML smuggling is to bypass network security controls, such as firewalls and intrusion detection systems, by disguising malicious payloads within seemingly harmless HTML and JavaScript code. By exploiting the...
Cyber Group 'Gold Melody' Selling Compromised Access to Ransomware Attackers
A financially motivated threat actor has been outed as an initial access broker (IAB) that sells access to compromised organizations for other adversaries to conduct follow-on attacks such as ransomware. SecureWorks Counter Threat Unit (CTU) has dubbed the e-crime group Gold Melody, which is also kno...
Nation-State Actors Infiltrate U.S. by Exploiting Zoho and Fortinet Flaws
Summary Multiple nation-state entities infiltrated a prominent U.S. aeronautics organization by capitalizing on vulnerabilities within Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus,...
Path traversal allows exploiting XXE vulnerability in Jenkins Job Configuration History Plugin
Jenkins Job Configuration History Plugin 1227.v7a79fc4dc01f and earlier does not restrict 'timestamp' query parameters in multiple endpoints, allowing attackers with to delete attacker-specified directories on the Jenkins controller file system as long as they contain a file called 'history.xml'...
Inaccurate Bonded Amount Event Emission
Lines of code Vulnerability details Impact in here: if (previous.bondedAmount != current.bondedAmount) emit DelegatorBondedAmountChanged(account, previous.bondedAmount, current.bondedAmount); the function checks if the previous.bondedAmount is not equal to current.bondedAmount before emitting the...
CVE-2023-4511
A denial of service vulnerability was found in Wireshark due to an infinite loop in the Bluetooth BT SDP dissector. Exploiting this flaw involves injecting a malformed packet onto the wire or enticing a victim to read a corrupted packet trace file, resulting in a crash of the BT SDP dissector. Th...
Cross-Site Request Forgery (CSRF)
A Cross-site request forgery (CSRF) attack is a type of malicious attack whereby an attacker tricks a victim into performing an action on a website that they do not intend to do. This can be done by sending the victim a malicious link or by exploiting a vulnerability in the website. For example, an...
Stored HTML injection
Description Stored HTML Injection: A Hidden Web Threat. Learn how attackers exploit input fields to inject malicious code into web applications, jeopardizing user data and site integrity. Discover crucial prevention measures to safeguard against this insidious vulnerability. Step to reproduce 1...
Exploiting SteelSeries' Subapplication Mechanism for Privilege Escalation
...