462 matches found
py-cryptography -- allows programmers to misuse an API
alex reports: Previously, Cipher.update_into would accept Python objects which implement the buffer protocol, but provide only immutable buffers. This would allow immutable objects such as bytes to be mutated, thus violating fundamental rules of Python. This is a soundness bug -- it allows...
Immutable variables should be checked to their default values
Lines of code Vulnerability details Impact It is very important to check whether the immutable variables are not equal to the default values because if Quest is created and when we pass a default value to a variable then it can't be changed and it can lead to a problem. Proof of Concept Suppose...
Siemens S7-1500 CPU devices Missing Immutable Root of Trust in Hardware (CVE-2022-38773)
Affected devices do not contain an Immutable Root of Trust in Hardware. With this the integrity of the code executed on the device can not be validated during load-time. An attacker with physical access to the device could use this to replace the boot image of the device and execute arbitrary cod...
The vulnerability of microprogrammed software in Siemens SIMATIC S7-1500 CPU Family programmable logic controllers stems from the lack of an immutable root cause in the equipment. This allows a hacker to replace the device’s load image and execute arbitrary code.
The vulnerability of the microprogrammed control systems of Siemens SIMATIC S7-1500 CPU Family lies in the absence of an immutable trust base in the equipment. Exploiting this vulnerability allows a perpetrator to replace the device’s boot image and execute arbitrary code...
CVE-2022-38773
Affected devices do not contain an Immutable Root of Trust in Hardware. With this the integrity of the code executed on the device can not be validated during load-time. An attacker with physical access to the device could use this to replace the boot image of the device and execute arbitrary cod...
CVE-2022-38773
The CVE-2022-38773 issue affects Siemens S7-1500 CPU family where devices lack an Immutable Root of Trust in hardware. This prevents boot-time code integrity validation, enabling an attacker with physical access to replace the boot image and run arbitrary code. Connected sources (e.g., Red Hat ad...
Siemens S7-1500 CPU devices
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
External Control of Assumed-Immutable Web Parameter
Overview Affected versions of this package are vulnerable to External Control of Assumed-Immutable Web Parameter due to improper escape of the " character in the generatemultipart function, which allows injecting malicious content to the filename parameter via the Content-Disposition header. PoC...
Extensive permissions for owner
Lines of code Vulnerability details Impact & Proof Of Concepts / Implications Some privileged functions are often unavoidable in smart contracts. However, in these contracts, the privileges are unnecessarily very extensive and without checks on the smart contract side: 1. He can use ownerMint or...
CVE-2022-3875
A vulnerability classified as critical was found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome. This vulnerability affects unknown code of the component API. The manipulation leads to authentication bypass by assumed-immutable data. The attack can be initiated remotely...
CVE-2022-3875 Click Studios Passwordstate API authentication bypass by assumed-immutable data
A vulnerability classified as critical was found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome. This vulnerability affects unknown code of the component API. The manipulation leads to authentication bypass by assumed-immutable data. The attack can be initiated remotely...
Protobuf Java vulnerable to Uncontrolled Resource Consumption
A parsing issue similar to CVE-2022-3171, but with Message-Type Extensions in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown...
DEBIAN-CVE-2022-3510
A parsing issue similar to CVE-2022-3171, but with Message-Type Extensions in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown...
[SECURITY] Fedora 36 Update: snapd-2.57.6-1.fc36
Snappy is a modern, cross-distribution, transactional package manager designed for working with self-contained, immutable packages...
kernel: missing DM_TARGET_IMMUTABLE feature flag in verity_target in drivers/md/dm-verity-target.c
A flaw was found in the Linux kernel, where it is possible to modify read-only files due to a missing permission check. This flaw can lead to local privilege escalation...
Adapting existing VM programs to regain control
Stop me if you’ve heard this before. The scale, speed and complexity of cloud environments — particularly when you introduce containers and microservices — has made the lives of security professionals immensely harder. While it may seem trite, the reason we keep hearing this refrain is because,...
Initialize: No access control for initialization and possible multiple initializations
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. First of all, there is no modifier for access control, anyone can call initialize and the two require statements won't prevent it. Second, it is possible that the initialize function is called multiple...
CVE-2022-3171
A parsing issue with binary data in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields causes objects to be converted...