PYSEC-2023-237

An issue in AsyncSSH v2.14.0 and earlier allows attackers to control the extension info message RFC 8308 via a man-in-the-middle attack...

ELECOM WRC-X3000GS2-W Security Vulnerability

The ELECOM WRC-X3000GS2-W is a wireless router from ELECOM. A security vulnerability exists in the ELECOM WRC-X3000GS2-W that originates from the possibility that an attacker may be able to guess the encryption key used for wireless LAN communication and intercept the communication...

A week in security (November 06 – November 12)

Last week on Malwarebytes Labs: Defeating Little Brother requires a new outlook on privacy: Lock and Code S04E23 Medical research data Advarra stolen after SIM swap Okta breach happened after employee logged into personal Google account Introducing ThreatDown: A new chapter for Malwarebytes...

http-tiny: perl: insecure TLS cert default

A vulnerability was found in Tiny, where a Perl core module and standalone CPAN package, does not verify TLS certificates by default. Users need to explicitly enable certificate verification with the verifySSL=1 flag to ensure secure HTTPS connections. This oversight can potentially expose...

CVE-2023-42532

Improper Certificate Validation in FotaAgent prior to SMR Nov-2023 Release1 allows remote attacker to intercept the network traffic including Firmware information...

CVE-2023-42532

Summary: CVE-2023-42532 concerns the Samsung FotaAgent. Root cause: improper certificate validation in FotaAgent prior to the SMR Nov-2023 Release1. Impact: remote attacker could intercept network traffic, including firmware information, leading to potential confidentiality exposure. Affected sof...

PT-2023-28398 · Fotaagent · Fotaagent

Name of the Vulnerable Software and Affected Versions: FotaAgent versions prior to SMR Nov-2023 Release1 Description: The issue is related to improper certificate validation, which allows a remote attacker to intercept network traffic, including firmware information. Recommendations: For versions...

SAMSUNG Mobile devices security vulnerability

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc. from Samsung South Korea. A security vulnerability exists in SAMSUNG Mobile devices prior to SMR Nov-2023 Release 1, which stems from improper certificate validation in the FotaAgent module. A remot...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an incorrect check in svmsetx2apicmsrinterception when a guest resets its apic that could allow direct acces...

Bookly < 22.5 - Admin+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup 1. As an admin user, visit the Bookly...

Bookly < 22.5 - Admin+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup PoC 1. As an admin user, visit the...

Input validation

A vulnerability in the implementation of Security Assertion Markup Language SAML 2.0 single sign-on SSO for remote access VPN in Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to intercept the SAML...

CVE-2023-20264

Cisco ASA/FTD SAML SSO implementation flaw allows an unauthenticated attacker to intercept a user’s SAML assertion during remote VPN authentication due to insufficient login URL validation. An attacker can entice a user to visit a site under the attacker’s control, modify the login URL, and use t...

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SAML Assertion Hijack Vulnerability

A vulnerability in the implementation of Security Assertion Markup Language SAML 2.0 single sign-on SSO for remote access VPN in Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to intercept the SAML...

google-oauth-client: missing PKCE support in accordance with the RFC for OAuth 2.0 for Native Apps can lead to improper authorization

PKCE support is not implemented in accordance with the RFC for OAuth 2.0 for Native Apps. Without the use of PKCE, the authorization code returned by an authorization server is not enough to guarantee that the client that issued the initial authorization request is the one that will be authorized...

USN-6458-1 slurm-llnl, slurm-wlm vulnerabilities

It was discovered that Slurm did not properly handle credential management, which could allow an unprivileged user to impersonate the SlurmUser account. An attacker could possibly use this issue to execute arbitrary code as the root user. CVE-2022-29500 It was discovered that Slurm did not proper...

The vulnerability of the svm_set_x2apic_msr_interception() function in the arch/x86/kvm/svm/svm.c module of the KVM subsystem in the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the svmsetx2apicmsrinterception function in the arch/x86/kvm/svm/svm.c module of the KVM subsystem in the Linux operating system is related to an incorrect sequence of operations when switching to the xapic working mode. Exploiting this vulnerability could allow a attacker to...

Researchers Uncover Wiretapping of XMPP-Based Instant Messaging Service

New findings have shed light on what's said to be a lawful attempt to covertly intercept traffic originating from jabber.ru aka xmpp.ru, an XMPP-based instant messaging service, via servers hosted on Hetzner and Linode a subsidiary of Akamai in Germany. "The attacker has issued several new TLS...

CVE-2023-45321

The Android Client application, when enrolled with the define method 1 the user manually inserts the server ip address, use HTTP protocol to retrieve sensitive information ip address and credentials to connect to a remote MQTT broker entity instead of HTTPS and this feature is not configurable by...

PT-2023-29497 · Google · Android Client

Name of the Vulnerable Software and Affected Versions: Android Client application affected versions not specified Description: The issue concerns the use of the HTTP protocol instead of HTTPS to retrieve sensitive information, including IP addresses and credentials for a remote MQTT broker entity...