Unisoc (Shanghai) Technologies Co., Ltd. Security Vulnerabilities

IKEv1 Main Mode vulnerable to brute force attacks

Overview Internet Key Exchange v1 main mode is vulnerable to offline dictionary or brute force attacks. Description The Internet Key Exchange v1 main mode is vulnerable to offline dictionary or brute force attacks. (CVE-2018-5389) It is well known, that the aggressive mode of IKEv1 PSK is...

EulerOS Virtualization for ARM 64 3.0.5.0 : openssl (EulerOS-SA-2020-1063)

According to the versions of the openssl packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : In situations where an attacker receives automated notification of the success or failure of a decryption ...

Default configuration

Initialization of a resource with an insecure default vulnerability in OET-213H-BTS1 sold in Japan by Atsumi Electric Co., Ltd. allows a network-adjacent unauthenticated attacker to configure and control the affected...

PYSEC-2024-31

The vantage6 technology enables to manage and deploy privacy enhancing technologies like Federated Learning (FL) and Multi-Party Computation (MPC). It is possible to find out usernames from the response time of login requests. This could aid attackers in credential attacks. Version 4.2.0 patches...

co-optimus.com Cross Site Scripting vulnerability OBB-3809950

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

Arbitrary File Read Vulnerability in Yonghong One-Stop Big Data BI Platform of Beijing Yonghong Business Intelligence Technology Co.

Yonghong One-Stop Big Data BI Platform is a one-stop big data analysis platform. Beijing Yonghong Business Intelligence Technology Co., Ltd. Yonghong One-Stop Big Data BI Platform suffers from an arbitrary file read vulnerability, which can be exploited by attackers to obtain sensitive...

Assessing the Y, and How, of the XZ Utils incident

High-end APT groups perform highly interesting social engineering campaigns in order to penetrate well-protected targets. For example, carefully constructed forum responses on precision targeted accounts and follow-up "out-of-band" interactions regarding underground rail system simulator software.....

Chinese and N. Korean Hackers Target Global Infrastructure with Ransomware

Threat actors with suspected ties to China and North Korea have been linked to ransomware and data encryption attacks targeting government and critical infrastructure sectors across the world between 2021 and 2023. While one cluster of activity has been associated with the ChamelGang (aka...

CVE-2023-23006

A NULL pointer dereference flaw was found in the Linux kernel’s Mellanox Technologies software-managed steering driver. This flaw allows a local user to crash the...

CVE-2017-20190

Some Microsoft technologies as used in Windows 8 through 11 allow a temporary client-side performance degradation during processing of multiple Unicode combining characters, aka a "Zalgo text" attack. NOTE: third parties dispute whether the computational cost of interpreting Unicode data should be....

Qualys Launches MSSP Portal to Empower Managed Security Service Providers

In the words of Sun Tzu, 'In the midst of chaos, there is also opportunity.' This aptly captures the essence of today's cybersecurity landscape. Managed Security Service Providers (MSSPs) stand at the forefront, turning chaos into opportunity by securing digital assets across the entire...

RedHat Update for samba3x RHSA-2011:1220-01

The remote host is missing an update for...

RedHat Update for samba and cifs-utils RHSA-2011:1221-01

The remote host is missing an update for...

Checkmk Agent 2.0.0 / 2.1.0 / 2.2.0 Local Privilege Escalation

...

4-Step Approach to Mapping and Securing Your Organization's Most Critical Assets

You're probably familiar with the term "critical assets". These are the technology assets within your company's IT infrastructure that are essential to the functioning of your organization. If anything happens to these assets, such as application servers, databases, or privileged identities, the...

.NET 8.0 Update - April 09, 2024 (KB5037338)

.NET 8.0 Update - April 09, 2024 (KB5037338) NET 8.0 has been refreshed with the latest update as of April 09, 2024. This update contains both security and non-security fixes. See the release notes for details on updated packages..NET 8.0 servicing updates are upgrades. The latest servicing update....

.NET 6.0 Update - April 09, 2024 (KB5037336)

.NET 6.0 Update - April 09, 2024 (KB5037336) .NET 6.0 has been refreshed with the latest update as of April 09, 2024. This update contains both security and non-security fixes. See the release notes for details on updated packages..NET 6.0 servicing updates are upgrades. The latest servicing...

.NET 7.0 Update - April 09, 2024 (KB5037337)

.NET 7.0 Update - April 09, 2024 (KB5037337) NET 7.0 has been refreshed with the latest update as of April 09, 2024. This update contains both security and non-security fixes. See the release notes for details on updated packages..NET 7.0 servicing updates are upgrades. The latest servicing update....

FakeUpdates Malware Campaign Targets WordPress – Millions of Sites at Risk

By Waqas The February 2024 Global Threat Index report released by Check Point Software Technologies Ltd. exposes the alarming vulnerability of cybersecurity worldwide. This is a post from HackRead.com Read the original post: FakeUpdates Malware Campaign Targets WordPress - Millions of Sites at...

Bitcoin Forensic Analysis Uncovers Money Laundering Clusters and Criminal Proceeds

A forensic analysis of a graph dataset containing transactions on the Bitcoin blockchain has revealed clusters associated with illicit activity and money laundering, including detecting criminal proceeds sent to a crypto exchange and previously unknown wallets belonging to a Russian darknet...

HTTP Header Information Disclosure

The HTTP headers sent by the remote web server disclose information that can aid an attacker, such as the server version and technologies used by the web...

RedHat Update for samba RHSA-2011:1219-01

The remote host is missing an update for...

Fake Lawsuit Threat Exposes Privnote Phishing Sites

A cybercrook who has been setting up websites that mimic the self-destructing message service privnote.com accidentally exposed the breadth of their operations recently when they threatened to sue a software company. The disclosure revealed a profitable network of phishing sites that behave and...

CVE-2019-18808

A flaw was found in the AMD Cryptographic Co-processor driver in the Linux kernel. An attacker, able to send invalid SHA type commands, could cause the system to crash. The highest threat from this vulnerability is to system availability. Mitigation In order to mitigate this issue it is possible...

runc (docker) File Descriptor Leak Privilege Escalation

All versions of runc <=1.1.11, as used by containerization technologies such as Docker engine, and Kubernetes are vulnerable to an arbitrary file write. Due to a file descriptor leak it is possible to mount the host file system with the permissions of runc (typically root). Successfully tested o...

systemd security update

[252-32.0.2] - Due to a new [Orabug: 36564551] filed on April 29 2024, reverting from back to - previous Tony Lam patch [Orabug: 25897792] until issue with [Orabug: 36564551] is resolved. - Re-Added 1001-Fix-missing-netdev-for-iscsi-entry-in-fstab.patch [Orabug: 25897792] - Removed the following,.....

Rapid7 Releases the 2024 Attack Intelligence Report

Today, during our Take Command Summit, we released our 2024 Attack Intelligence Report, which pulls in expertise from our researchers, our detection and response teams, and threat intelligence teams. The result is the clearest picture yet of the expanding attack surface and the threats security...

SQL Injection Vulnerability in Electronic Document Security Management System of Beijing Yisetong Technology Development Co., Ltd (CNVD-2024-11433)

Electronic document security management system is a controllable authorization of electronic document security sharing management system, using real-time dynamic encryption and decryption protection technology and real-time rights recovery mechanism, to provide all kinds of electronic documents...

(Pwn2Own) QNAP TS-464 File Upload Directory Traversal Arbitrary File Creation Vulnerability

This vulnerability allows remote attackers to create arbitrary files on affected installations of QNAP TS-464 NAS devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of file uploads. The issue results from the lack of proper...

TCG TPM2.0 implementations vulnerable to memory corruption

Overview Two buffer overflow vulnerabilities were discovered in the Trusted Platform Module (TPM) 2.0 reference library specification, currently at Level 00, Revision 01.59 November 2019. An attacker who has access to a TPM-command interface can send maliciously-crafted commands to the module and.....

WikiLeaks and Corporate Security: Lessons from Recent Data Leaks

WikiLeaks' release of secret government communications should serve as a warning to the nation's biggest companies: You're next. Computer experts have warned for years about the threat posed by disgruntled insiders and poorly crafted security policies that give too much access to confidential...

Over 110,000 Websites Affected by Hijacked Polyfill Supply Chain Attack

Google has taken steps to block ads for e-commerce sites that use the Polyfill.io service after a Chinese company acquired the domain and modified the JavaScript library ("polyfill.js") to redirect users to malicious and scam sites. "Protecting our users is our top priority. We detected a security....

Apple Launches Private Cloud Compute for Privacy-Centric AI Processing

Apple has announced the launch of a "groundbreaking cloud intelligence system" called Private Cloud Compute (PCC) that's designed for processing artificial intelligence (AI) tasks in a privacy-preserving manner in the cloud. The tech giant described PCC as the "most advanced security architecture.....

Rapid7 Infuses Generative AI into the InsightPlatform to Supercharge SecOps and Augment MDR Services

In the ever-evolving landscape of cybersecurity, staying ahead of threats is not just a goal—it's a necessity. At Rapid7, we are pioneering the infusion of artificial intelligence (AI) into our platform and service offerings, transforming the way security operations centers (SOCs) around the globe....

SQL Injection Vulnerability in Electronic Document Security Management System of Beijing Yisaitong Technology Development Co., Ltd (CNVD-2024-11424)

Electronic document security management system is a controllable authorization of electronic document security sharing management system, using real-time dynamic encryption and decryption protection technology and real-time rights recovery mechanism, to provide all kinds of electronic documents...

Debian dsa-5680 : affs-modules-6.1.0-21-4kc-malta-di - security update

The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5680 advisory. In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Fix deadlock when enabling ASPM A last minute revert in 6.7-final introduced a...

Report: The Dark Side of Phishing Protection

The transition to the cloud, poor password hygiene and the evolution in webpage technologies have all enabled the rise in phishing attacks. But despite sincere efforts by security stakeholders to mitigate them - through email protection, firewall rules and employee education - phishing attacks are....

Emerson Ovation

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Emerson Equipment: Ovation Vulnerabilities: Missing Authentication for Critical Function, Insufficient Verification of Data Authenticity CISA is aware of a public report, known as...

CVE-2024-29104

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Zimma Ltd. Ticket Tailor allows Stored XSS.This issue affects Ticket Tailor: from n/a through...

CVE-2024-29129

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPLIT Pty Ltd OxyExtras allows Reflected XSS.This issue affects OxyExtras: from n/a through...

OSGi 3.7.2 Remote Code Execution

...

CVE-2024-29216

Exposed IOCTL with insufficient access control issue exists in cg6kwin2k.sys prior to 2.1.7.0. By sending a specific IOCTL request, a user without the administrator privilege may perform I/O to arbitrary hardware port or physical address, resulting in erasing or altering the...

co-opcreditunions.org Cross Site Scripting vulnerability OBB-3805352

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

CVE-2019-19045

A flaw was found in the Linux kernel. The Mellanox Technologies Innova driver mishandles resource cleanup on error. An attacker, able to trigger error could use this flaw to crash the system. The highest threat from this vulnerability is to system availability. Mitigation In order to mitigate this....

CVE-2024-4978: Backdoored Justice AV Solutions Viewer Software Used in Apparent Supply Chain Attack

The following Rapid7 team members contributed to this blog: Ipek Solak, Thomas Elkins, Evan McCann, Matthew Smith, Jake McMahon, Tyler McGraw, Ryan Emmons, Stephen Fewer, and John Fenninger Overview Justice AV Solutions (JAVS) is a U.S.-based company specializing in digital audio-visual recording.....

Race condition

Use After Free vulnerability in Arm Ltd Midgard GPU Kernel Driver, Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to exploit a software race condition to perform improper memory processing.....

Command Execution Vulnerability in EG3210 of Beijing StarNet Ruijie Network Technology Co. Ltd (CNVD-2024-11054)

The EG3210 is a multi-service security gateway. A command execution vulnerability exists in the EG3210, which can be exploited by an attacker to gain control of a...

Race condition

Use After Free vulnerability in Arm Ltd Midgard GPU Kernel Driver, Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to exploit a software race condition to perform improper memory processing.....

Cinterion EHS5 3G UMTS/HSPA Module Research

Modems play an important role in enabling connectivity for a wide range of devices. This includes not only traditional mobile devices and household appliances, but also telecommunication systems in vehicles, ATMs and Automated Process Control Systems (APCS). When integrating the modem, many...

Multiple race conditions due to TOCTOU flaws in various UEFI Implementations

Overview Multiple Unified Extensible Firmware Interface (UEFI) implementations are vulnerable to code execution in System Management Mode (SMM) by an attacker who gains administrative privileges on the local machine. An attacker can corrupt the memory using Direct Memory Access (DMA) timing...