1561 matches found

UbuntuCve
added 2024/04/18 10:15 p.m., 17 views

CVE-2024-32473

Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container tooling or runtimes. In 26.0.0, IPv6 is not disabled on network interfaces, including those belonging to networks where --ipv6=false. A container with an ipvl...

CVSS 6.5, AI score 5.9, EPSS 0.0035
Exploits: 0, References: 2
OSV
added 2024/04/18 9:55 p.m., 15 views

CVE-2024-32473 Moby IPv6 enabled on IPv4-only network interfaces

Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container tooling or runtimes. In 26.0.0, IPv6 is not disabled on network interfaces, including those belonging to networks where --ipv6=false. A container with an ipvl...

CVSS 4.7, AI score 4.5, EPSS 0.0035
Exploits: 0, References: 4
OSV
added 2024/04/18 9:52 p.m., 17 views

GHSA-X84C-P2G9-RQV9 IPv6 enabled on IPv4-only network interfaces

In 26.0.0 and 26.0.1, IPv6 is not disabled on network interfaces, including those belonging to networks where --ipv6=false. Impact: A container with an ipvlan or macvlan interface will normally be configured to share an external network link with the host machine. Because of this direct access, wi...

CVSS 4.7, AI score 4.7, EPSS 0.0035
Exploits: 0, References: 4
CERT
added 2024/04/09 12:0 a.m., 91 views

Linux kernel on Intel systems is susceptible to Spectre v2 attacks

Overview: A new cross-privilege Spectre v2 vulnerability that impacts modern CPU architectures supporting speculative execution has been discovered. CPU hardware utilizing speculative execution that are vulnerable to Spectre v2 branch history injection (BHI) are likely affected. An unauthenticated...

CVSS 6.5, AI score 7, EPSS 0.08555
Exploits: 0, References: 6
Trend Micro Simply Security
added 2024/04/03 12:0 a.m., 14 views

Why a Cloud Security Platform Approach is Critical

Explore how a cybersecurity platform with attack surface management and runtime protection capabilities can enhance your cloud security posture...

AI score 7.4
Exploits: 0
RedHat Linux
added 2024/04/02 8:57 p.m., 2 views

golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads

A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.goL113. The objects leaked are pkey and ctx. That functi...

CVSS 7.5, AI score 7.2, EPSS 0.01533
Exploits: 0, References: 9
Qualys Blog
added 2024/03/26 2:0 p.m., 22 views

Meeting FISMA (M-24-04) Requirements with a Unified Attack Surface Management Strategy

At the end of 2023, the Office of Management and Budget (OMB) released the FY24 FISMA Guidance (M-24-04) with a broad focus on securing the entire attack surface and specific action items for agencies pertaining to High Value Assets, IoT/OT devices, and internet-connected assets. In reference to rece...

AI score 7
Exploits: 0
GithubExploit
added 2024/03/25 11:0 p.m., 88 views

Exploit for Out-of-bounds Write in Apple Ipados

CVE-2022-32932 : ZinComputeProgramUpdateMutables OOB write d...

CVSS 10, AI score 7.4, EPSS 0.0428
Exploits: 3
Rapid7 Blog
added 2024/03/21 10:0 p.m., 12 views

Why The External Attack Surface Matters: An analysis into APAC related threat activities

Co-authors are Robin Long and Raj Samani. Considerable focus within the cybersecurity industry has been placed on the attack surface of organizations, giving rise to external attack surface management (EASM) technologies as a means to monitor said surface. It would appear a reasonable approach, on t...

AI score 7.1
Exploits: 0
RedHat Linux
added 2024/03/19 5:43 p.m., 3 views

kernel: vmwgfx: reference count issue leads to use-after-free in surface handling

The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. When running inside a VMware guest with 3D acceleration enabled, a local, unprivileged user...

CVSS 7.8, AI score 6.9, EPSS 0.00282
Exploits: 0, References: 4
Qualys Blog
added 2024/03/13 5:17 p.m., 19 views

De-risking Your Organization in Spite of NVD Delays

In the face of recent struggles with the National Vulnerability Database (NVD), causing delays in analyzing Common Vulnerabilities and Exposures (CVEs) since February 12, 2024, a significant number of CVEs lacked essential metadata including severity scores and affected product details. Qualys remain...

AI score 7.1
Exploits: 0
OSV
added 2024/03/06 11:7 a.m., 15 views

BIT-DISCOURSE-2022-21684 User can bypass approval when invited to Discourse

Discourse is an open source discussion platform. Versions prior to 2.7.13 in stable, 2.8.0.beta11 in beta, and 2.8.0.beta11 in tests-passed allow some users to log in to a community before they should be able to do so. A user invited via email to a forum with must_approve_users enabled is going to ...

CVSS 8.8, AI score 5.9, EPSS 0.00964
Exploits: 0, References: 4
OSV
added 2024/03/06 10:54 a.m., 27 views

BIT-AIRFLOW-2023-37379 Apache Airflow: Exposure of sensitive connection information, DOS and SSRF on "test connection" feature

Apache Airflow, in versions prior to 2.7.0, contains a security vulnerability that can be exploited by an authenticated user possessing Connection edit privileges. This vulnerability allows the user to access connection information and exploit the test connection feature by sending many requests,...

CVSS 8.1, AI score 7.8, EPSS 0.01488
Exploits: 0, References: 4
The Hacker News
added 2024/03/05 10:55 a.m., 33 views

What is Exposure Management and How Does it Differ from ASM?

Startups and scale-ups are often cloud-first organizations and rarely have sprawling legacy on-prem environments. Likewise, knowing the agility and flexibility that cloud environments provide, the mid-market is predominantly running in a hybrid state, partly in the cloud but with some on-prem...

AI score 7.5
Exploits: 0
CNVD
added 2024/02/21 12:0 a.m., 15 views

Siemens Parasolid Null Pointer Dereference Vulnerability

Parasolid is a 3D geometry modeling tool that supports a variety of techniques including solid modeling, direct editing and free-form surface/table modeling. Siemens Parasolid null pointer dereference vulnerability can be exploited by an attacker to crash an application, resulting in a denial of...

CVSS 5.5, AI score 6.8, EPSS 0.0017
Exploits: 0, References: 1
Schneier on Security
added 2024/02/15 12:4 p.m., 11 views

On the Insecurity of Software Bloat

Good essay on software bloat and the insecurities it causes. The world ships too much code, most of it by third parties, sometimes unintended, most of it uninspected. Because of this, there is a huge attack surface full of mediocre code. Efforts are ongoing to improve the quality of code itself,...

AI score 7.5
Exploits: 0
OSV
added 2024/02/14 5:15 p.m., 3 views

CVE-2024-21849

When an Advanced WAF/ASM security policy and a Websockets profile are configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) process to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...

CVSS 7.5, AI score 5.8, EPSS 0.00515
Exploits: 0, References: 1
The Hacker News
added 2024/02/09 7:40 a.m., 40 views

Wazuh in the Cloud Era: Navigating the Challenges of Cybersecurity

Cloud computing has innovated how organizations operate and manage IT operations, such as data storage, application deployment, networking, and overall resource management. The cloud offers scalability, adaptability, and accessibility, enabling businesses to achieve sustainable growth. However,...

AI score 7.2
Exploits: 0
Rapid7 Blog
added 2024/02/06 2:0 p.m., 13 views

Four Key Benefits of Rapid7’s New Managed Digital Risk Protection Service

Cybercrime has boomed to the third largest economy in the world behind the US and China (Cybernews), with much of the most nefarious behavior on the dark web. Monitoring it effectively can be the key to identifying the earliest signals of an attack – and the difference between a minor event and a...

AI score 7
Exploits: 0
RedHat Linux
added 2024/02/06 10:18 a.m., 1 views

gimp: dds buffer overflow RCE

A parsing vulnerability was found in the GNU Image Manipulation Program (GIMP). This flaw allows an unauthenticated, remote attacker to trick a GIMP user into opening a malicious DDS file, possibly enabling the execution of unauthorized code within the GIMP process...

CVSS 7.8, AI score 6, EPSS 0.27307
Exploits: 0, References: 6