311 matches found
Exploit for Expression Language Injection in Atlassian Confluence_Data_Center
CVE-2022-26134-poc CVE-2022-26134 is a Remote Code Exec...
CVE-2024-9479
creationtimestamp| type| source ---|---|--- 2024-11-20 13:44:23+00:00| seen| https://infosec.exchange/users/cve/statuses/113515578212672947 2024-11-20 16:15:07+00:00| seen| https://t.me/cvedetector/11604...
CVE-2024-51488
creationtimestamp| type| source ---|---|--- 2024-11-11 19:43:44+00:00| seen| https://infosec.exchange/users/cve/statuses/113466030368936843 2024-11-11 21:57:49+00:00| seen| https://t.me/cvedetector/10532...
A Comprehensive Guide to Finding Service Accounts in Active Directory
Service accounts are vital in any enterprise, running automated processes like managing applications or scripts. However, without proper monitoring, they can pose a significant security risk due to their elevated privileges. This guide will walk you through how to locate and secure these accounts...
CVE-2024-47522 Suricata ja4: invalid alpn leads to panic
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, invalid ALPN in TLS/QUIC traffic when JA4 matching/logging is enabled can lead to Suricata aborting with a panic. This issue has been addressed in 7.0.7. O...
CVE-2024-47522
CVE-2024-47522 affects Suricata (network IDS/IPS/NSM). The issue: invalid ALPN in TLS/QUIC traffic when JA4 matching/logging is enabled can cause Suricata to abort with a panic. It is fixed in version 7.0.7; upgrading to 7.0.7 or later mitigates the flaw. A temporary workaround is to disable JA4 ...
CVE-2024-45795
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, rules using datasets with the non-functional / unimplemented "unset" option can trigger an assertion during traffic parsing, leading to denial of service...
CVE-2024-45796
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, a logic error during fragment reassembly can lead to failed reassembly for valid traffic. An attacker could craft packets to trigger this behavior.This iss...
CVE-2024-47188
Suricata (IDS/IPS/NSM engine) is affected by CVE-2024-47188 and related 7.x/8.x issues. PTSecurity entries describe heap overflow in logging verdict information (eve.alert/eve.drop) for Suricata versions prior to 7.0.13 and prior to 8.0.2, potentially crashing the process. A workaround mentioned ...
CVE-2024-47187 Suricata datasets: missing hashtable random seed leads to potential DoS
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, missing initialization of the random seed for "thash" leads to datasets having predictable hash table behavior. This can lead to dataset file loading to us...
CVE-2024-47187
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, missing initialization of the random seed for "thash" leads to datasets having predictable hash table behavior. This can lead to dataset file loading to us...
CVE-2024-45796
CVE-2024-45796 affects Suricata, a network IDS/IPS/NSM engine. The issue is a logic error during fragment reassembly that can cause failed reassembly for valid traffic when processing certain fragments. This vulnerability is addressed in Suricata version 7.0.7; upgrading to 7.0.7 or later mitigat...
CVE-2024-45795
Suricata (IDS/IPS/NSM) prior to 7.0.7 is vulnerable to an assertion during traffic parsing when rules use datasets with the non-functional/unimplemented “unset” option, potentially enabling denial-of-service. The issue is addressed in version 7.0.7; recommended mitigations include updating to 7.0...
CVE-2024-45795 Suricata detect/datasets: reachable assertion with unimplemented rule option
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, rules using datasets with the non-functional / unimplemented "unset" option can trigger an assertion during traffic parsing, leading to denial of service...
CVE-2024-45795 Suricata detect/datasets: reachable assertion with unimplemented rule option
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, rules using datasets with the non-functional / unimplemented "unset" option can trigger an assertion during traffic parsing, leading to denial of service...
What Are Normal Users Supposed to Do with IDS Alerts from Network Gear?
Probably once a week, I see posts like this in the r/Ubiquiti subreddit. Ubiquiti makes network gear that includes an "IDS/IPS" feature. I own some older Ubiquiti gear so I am familiar with the product. When you enable this feature, you get alerts like this one, posted by a Redditor: This is...
Siemens SINEC Security Monitor Command Injection Vulnerability
SINEC Security Monitor is a modular network security software for passive, non-intrusive, continuous network security monitoring during production processes at customer sites. Siemens SINEC Security Monitor suffers from a command injection vulnerability that originates from a failure to properly...
PT-2024-41130 · Trend Micro · Trend Micro Apex Central
Name of the Vulnerable Software and Affected Versions: Trend Micro Apex Central affected versions not specified Description: The issue is related to insufficient validation of incoming requests in the modOSCE component of Trend Micro Apex Central, a security monitoring and management tool. This c...
PT-2024-28629 · Capsule · Capsule
Name of the Vulnerable Software and Affected Versions: Capsule versions 0.7.0 and earlier Description: The issue allows a tenant-owner to patch any arbitrary namespace that has not been taken over by a tenant, thereby gaining control of that namespace. This is possible because namespaces without...
My First Book Is 20 Years Old Today
On this day in 2004, Addison-Wesley/Pearson published my first book, The Tao of Network Security Monitoring: Beyond Intrusion Detection. This post from 2017 explains the differences between my first four books and why I wrote Tao. Today, I'm always thrilled when I hear that someone found my books...