SUSE CVE-2019-10723

An issue was discovered in PoDoFo 0.9.6. The PdfPagesTreeCache class in doc/PdfPagesTreeCache.cpp has an attempted excessive memory allocation because nInitialSize is not validated...

SUSE CVE-2020-14002

PuTTY 0.68 through 0.73 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts where no host key for the server has been cached by the client...

SUSE CVE-2020-14145

The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts where no host key for the server has been cached by the client. NOTE: some reports...

SUSE CVE-2020-35685

An issue was discovered in HCC Nichestack 3.0. The code that generates Initial Sequence Numbers ISNs for TCP connections derives the ISN from an insufficiently random source. As a result, an attacker may be able to determine the ISN of current and future TCP connections and either hijack existing...

SUSE CVE-2021-3446

A flaw was found in libtpms in versions before 0.8.2. The commonly used integration of libtpms with OpenSSL contained a vulnerability related to the returned IV initialization vector when certain symmetric ciphers were used. Instead of returning the last IV it returned the initial IV to the calle...

SUSE CVE-2021-23222

A man-in-the-middle attacker can inject false responses to the client's first few queries, despite the use of SSL certificate verification and encryption...

Zuken Elmic KASAGO uses insufficient random values for TCP Initial Sequence Numbers

Overview Zuken Elmic KASAGO, TCP/IP protocol stack for embedded systems, uses its own random number generator function when generating TCP initial sequence numbers, which leads to use insufficient random values CWE-330. Zuken Elmic reported this vulnerability to JPCERT/CC to notify users of its...

CVE-2022-43501

KASAGO TCP/IP stack provided by Zuken Elmic generates ISNsInitial Sequence Number for TCP connections from an insufficiently random source. An attacker may be able to determine the ISN of the current or future TCP connections and either hijack existing ones or spoof future ones...

CVE-2022-43501

KASAGO TCP/IP stack provided by Zuken Elmic generates ISNsInitial Sequence Number for TCP connections from an insufficiently random source. An attacker may be able to determine the ISN of the current or future TCP connections and either hijack existing ones or spoof future ones...

KASAGO IPv6/v4 Dual 安全特征问题漏洞

KASAGO IPv6/v4 Dual is KASAGO's protocol middleware for TCP/IP communication. A security vulnerability exists in KASAGO IPv6/v4 Dual that stems from an insufficiently randomized ISN Initial Sequence Number. An attacker can exploit this vulnerability to predict the value of the ISN...

CLSA-2023-1675774889 Update of alt-php

Initial build for Ubuntu 18.04...

First deposit can break share calculation

Lines of code Vulnerability details Impact Vault share price can be maliciously inflated on the initial deposit, leading to the next depositor losing assets due to precision issues. Proof of Concept 147: shares = convertToSharesassets - feeShares; If feeShares = 0 the first depositor of Vault can...

New Wave of Ransomware Attacks Exploiting VMware Bug to Target ESXi Servers

VMware ESXi hypervisors are the target of a new wave of attacks designed to deploy ransomware on compromised systems. "These attack campaigns appear to exploit CVE-2021-21974, for which a patch has been available since February 23, 2021," the Computer Emergency Response Team CERT of France said i...

What Old is New Again and What's Old is Me?

Welcome to this weeks edition of the Threat Source newsletter. Whats old is new again and whats old is still old. The fact that we are seeing a comeback of this USB thumb drive nonsense is giving me heartburn, and a headache, and my left eye is twitching … and maybe numbness in my legs? Yes, I am...

New BOLDMOVE Backdoor uses FortiOS vulnerability for initial access

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A suspected China-nexus campaign has exploited a vulnerability in Fortinets FortiOS SSL-VPN, known as CVE-2022-42475. The exploitation was believed to have occurred as early as October 2022 and the targe...

ConduitController: Smart Contract Initial Owner Vulnerability

Lines of code Vulnerability details Bug Description The createConduit function in the ConduitController smart contract is responsible for deploying new conduits, or contracts that allow registered callers or open "channels" to transfer approved ERC20/721/1155 tokens on their behalf. The function...

Threat Source newsletter (Jan. 19, 2023): Talent retention and institutional knowledge

Welcome to this weeks edition of the Threat Source newsletter. Talent retention and institutional knowledge go hand in hand. Both are critical to ensuring the security of your network environment. To that end, I want to talk briefly about why talent retention isnt just about money. So I am going ...

New Research Delves into the World of Malicious LNK Files and Hackers Behind Them

Cybercriminals are increasingly leveraging malicious LNK files as an initial access method to download and execute payloads such as Bumblebee, IcedID, and Qakbot. A recent study by cybersecurity experts has shown that it is possible to identify relationships between different threat actors by...

Timely patching is good, but sometimes it's not enough

Ransomware gangs have shown that they can play a long game, so it shouldnt come as a surprise to learn of one prepared to wait months to make use of a compromised system. S-RMs Incident Response team shared details of a campaign attributed to the Lorenz ransomware group that exploited a specific...

Kinsing Crypto Malware Hits Kubernetes Clusters via Misconfigured PostgreSQL

The threat actors behind the Kinsing cryptojacking operation have been spotted exploiting misconfigured and exposed PostgreSQL servers to obtain initial access to Kubernetes environments. A second initial access vector technique entails the use of vulnerable images, Sunders Bruskin, security...