3370 matches found
CVE-2018-1000226
It was found that the cobbler API did not validate the client's token for all methods. An unauthenticated attacker could use this flaw to call sensitive methods without having to authenticate first...
DEBIAN-CVE-2018-1000632
dom4j version prior to version 2.1.1 contains a CWE-91: XML Injection vulnerability in Class: Element. Methods: addElement, addAttribute that can result in an attacker tampering with XML documents through XML injection. This attack appears to be exploitable via an attacker specifying attributes or...
Google Expands Bug-Bounty Program to Battle Abuse Methods
Google is now offering rewards for newly-discovered techniques that bad actors could use to bypass its systems protecting against abuse, fraud and spam. The company has expanded its bug bounty program scope beyond security vulnerabilities to also focus on mitigations around potential abuse method...
GHSA-PXQR-8V54-M2HJ Cross-site request forgery in rails_admin
rails_admin ruby gem v1.1.1 is vulnerable to cross-site request forgery (CSRF) attacks. Non-GET methods were not validating CSRF tokens and, as a result, an attacker could hypothetically gain access to the application administrative endpoints exposed by the gem...
Microsoft Windows: Disallow copying of user input methods to the system account for sign-in
This test checks the setting for policy OpenVAS Vulnerability Test $Id: winuserinputmethodssignin.nasl 11344 2018-09-12 06:57:52Z emoss $ Check value for Disallow copying of user input methods to the system account for sign-in Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks...
SUSE-SU-2018:2207-1 Security update for openssl
This update for openssl fixes the following issues: - CVE-2018-0732: During key agreement in a TLS handshake using a DHE based ciphersuite a malicious server could have sent a very large prime value to the client. This caused the client to spend an unreasonably long period of time generating a ke...
openSUSE: Security Advisory for libgcrypt (openSUSE-SU-2018:2178-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
On the Hunt for FIN7: Pursuing an Enigmatic and Evasive Global Criminal Operation
FIN7’s Innovation Enabled their Success Throughout FireEye’s tracking of FIN7 campaigns, the attackers have attempted to stay ahead of the game and thwart detection, using novel tactics and displaying characteristics of a well-resourced operation. For example, in April 2017, FireEye blogged about...
openSUSE: Security Advisory for qutebrowser (openSUSE-SU-2018:2130-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Privilege escalation
In CloudForms Management Engine (cfme) before 5.7.3 and 5.8.x before 5.8.1, it was found that privilege check is missing when invoking arbitrary methods via filtering on VMs that MiqExpression will execute that is triggerable by API users. An attacker could use this to execute actions they should n...
[SECURITY] Fedora 27 Update: libgit2-0.26.5-1.fc27
libgit2 is a portable, pure C implementation of the Git core methods provided as a re-entrant linkable library with a solid API, allowing you to write native speed custom Git applications in any language with bindings...
Blocking Cryptocurrency Mining Using Cisco Security Products
Cisco Talos is releasing a whitepaper addressing Cryptocurrency mining and all the ways to block it using Cisco Security products. The value of cryptocurrencies has fluctuated wildly, but the value is still high enough to garner a lot of attention, both legitimate and malicious. Most of the...
The return of Fantomas, or how we deciphered Cryakl
In early February this year, Belgian police seized the C&C servers of the infamous Cryakl cryptor. Soon afterwards, they handed over the private keys to our experts, who used them to update the free RakhniDecryptor tool for recovering files encrypted by the malware. The ransomware, which for year...
CVE-2017-13095
The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of a license-deny response to a license grant. The methods are flawed and, in the most egregious cases, enable...
CVE-2017-13091 The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), including improperly specified padding in CBC mode allows use of an EDA tool as a decryption oracle
The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including improperly specified padding in CBC mode allows use of an EDA tool as a decryption oracle. The methods are flawed and, in t...
CVE-2017-13095 The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), including modification of a license-deny response to a license grant
The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of a license-deny response to a license grant. The methods are flawed and, in the most egregious cases, enable...
CVE-2017-13097 The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), including modification of Rights Block to remove or relax license requirement
The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of Rights Block to remove or relax license requirement. The methods are flawed and, in the most egregious case...
CVE-2017-13094
The CVE-2017-13094 entry concerns flaws in the IEEE P1735 cryptographic workflow for encrypting electronic-design IP. The available documents describe that the standard enables manipulation of the encryption key and insertion of hardware trojans into IP, potentially allowing an attacker to recove...
SUSE-SU-2018:1938-1 Security update for java-1_8_0-openjdk
This update for java-1_8_0-openjdk to version 8u171 fixes the following issues: These security issues were fixed: - S8180881: Better packaging of deserialization - S8182362: Update CipherOutputStream Usage - S8183032: Upgrade to LittleCMS 2.9 - S8189123: More consistent classloading - S8189969,...
Cross site request forgery (csrf)
rails_admin ruby gem v1.1.1 is vulnerable to cross-site request forgery (CSRF) attacks. Non-GET methods were not validating CSRF tokens and, as a result, an attacker could hypothetically gain access to the application administrative endpoints exposed by the gem...