Yakir Sitbon, Ariel Klikstein Security Vulnerabilities

XCSSET Quickly Adapts to macOS 11 and M1-based Macs

This latest update details our new research on XCSSET, including the ways in which it has adapted itself to work on both ARM64 and x86_x64...

Unbreakable Enterprise kernel security update

[4.14.35-2047.500.9.1] - xen-blkback: fix error handling in xen_blkbk_map() (Jan Beulich) [Orabug: 32492110] {CVE-2021-26930} - xen-scsiback: dont 'handle' error by BUG() (Jan Beulich) [Orabug: 32492102] {CVE-2021-26931} - xen-netback: dont 'handle' error by BUG() (Jan Beulich) [Orabug:...

Unbreakable Enterprise kernel security update

[4.14.35-2025.405.3] - Revert 'rds: Deregister all FRWR mr with free_mr' (aru kolappan) [Orabug: 32426280] [4.14.35-2025.405.2] - nfs: Fix security label length not being reset (Jeffrey Mitchell) [Orabug: 32350995] [4.14.35-2025.405.1] - net/rds: Fix gfp_t parameter (Hans Westgaard Ry) [Orabug:...

Unbreakable Enterprise kernel-container security update

[4.14.35-2025.405.3.el7] - Revert 'rds: Deregister all FRWR mr with free_mr' (aru kolappan) [Orabug: 32426280] [4.14.35-2025.405.2.el7] - nfs: Fix security label length not being reset (Jeffrey Mitchell) [Orabug: 32350995] [4.14.35-2025.405.1.el7] - net/rds: Fix gfp_t parameter (Hans...

New Malware Hijacks Kubernetes Clusters to Mine Monero

Researchers have discovered never-before-seen malware, dubbed Hildegard, that is being used by the TeamTNT threat group to target Kubernetes clusters. While Hildegard, initially detected in January 2021, is initially being used to launch cryptojacking operations, researchers believe that the...

Citrix SD-WAN Bugs Allow Remote Code Execution

Three security bugs in the Citrix software-defined (SD)-WAN platform would allow remote code-execution and network takeover, according to researchers. The flaws affect the Citrix SD-WAN Center (in versions before 11.2.2, 11.1.2b and 10.2.8). They consist of an unauthenticated path traversal and...

Silver Peak SD-WAN Bugs Allow for Network Takeover

Silver Peak’s Unity Orchestrator, a software-defined WAN (SD-WAN) management platform, suffers from three remote code-execution security bugs that can be chained together to allow network takeover by unauthenticated attackers. SD-WAN is a cloud-based networking approach used by enterprises and...

Citrix SDWAN Center Security Update

Description of Problem Multiple vulnerabilities have been discovered in Citrix SD-WAN Center that, if exploited, could allow an unauthenticated attacker with network access to SD-WAN Center to perform arbitrary code execution as root. These vulnerabilities have the following identifiers: CVE|...

APT Groups Finding Success with Mix of Old and New Tools

Advanced persistent threat (APT) groups continue to use the fog of intense geopolitics to supercharge their campaigns, but beyond these themes, actors are developing individual signature tactics for success. That’s according to Kaspersky’s most recent APT trends report for Q3 2020, which found...

ariel-vac.com Cross Site Scripting vulnerability OBB-1422257

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence....

ariel-vac.com Cross Site Scripting vulnerability OBB-1412164

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence....

ariel-vac.com Cross Site Scripting vulnerability OBB-1401906

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence....

HackerOne: Graphql: Sorting the reports by jira_status field resulted to different value

Summary: Sorting the reports by jira_status yield to different result depicting the team is using jira even the user has no access. Description: A user with no access to jira information of any reports can somehow access the jira field using order_by through jira_status Using the 2 graphql below...

Parallels RAS OS Command Execution

Advisory Information Title: Parallels RAS OS Command Execution Advisory ID: CORE-2020-0011 Advisory URL: https://www.coresecurity.com/core-labs/advisories/parallels-ras-os-command-execution Date published: 2020-07-23 Date of last update: 2020-07-21 Vendors contacted: Parallels Release mode:...

IBM ServeRAID Manager exposes unauthenticated Java Remote Method Invocation (RMI) service

Overview IBM ServeRAID Manager version 9.30-17006 and prior exposes a Java RMI that allows a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description IBM ServeRAID Manager includes an embedded instance of Java version 1.4.2. Both ServeRAID Manager and Java...

Dangerous Kubernetes Bugs Allow Authentication Bypass, DoS

A pair of bugs in the Kubernetes open-source cloud container software can be “highly dangerous” under some Kubernetes configurations, according to researchers. The flaws, CVE-2019-16276 and CVE-2019-11253, have been patched in Kubernetes builds 1.14.8, 1.15.5 and 1.16.2. Exploitation of the first.....

Unbreakable Enterprise kernel security update

[4.14.35-1902.4.8] - x86/boot: Clear RSDP address in boot_params for broken loaders (Juergen Gross) [Orabug: 30111373] [4.14.35-1902.4.7] - rds: ib: Qualify CM REQ duplicate detection with connection being up (Hakon Bugge) [Orabug: 30062149] - rds: Further prioritize local loop-back connections...

TikTok Scammers Cash In On Adult Dating, Impersonation Tricks

As social media platform TikTok becomes the top App Store download in 2019 – and the number three app download on Google Play and on platforms overall – scammers are looking to cash in on the troves of younger users of the popular platform. Tenable researcher Satnam Narang, who has been tracking...

Unbreakable Enterprise kernel security update

[4.14.35-1902.3.1] - x86/platform/UV: Mark tsc_check_sync as an init function ([email protected]) [Orabug: 29701029] - mm, page_alloc: check for max order in hot path (Michal Hocko) [Orabug: 29924411] - net/mlx5: FW tracer, Enable tracing (Feras Daoud) [Orabug: 29717200] - net/mlx5: FW...

Release of QRadar 7.2.8 Patch 4 (7.2.8.20170224202650) Updated w/Security Bulletins

Abstract A list of the installation instructions, new features, and resolved issues list for the release of IBM Security QRadar 7.2.8 Patch 4 (7.2.8.20170224202650). Content Known issue identified IMPORTANT: A known issue has been identified in QRadar 7.2.8 Patch 4 where QFlow Collector...

Critical Zcash Bug Could Have Allowed 'Infinite Counterfeit' Cryptocurrency

The developers behind the privacy-minded Zcash cryptocurrency have recently discovered and patched a highly dangerous vulnerability in the most secretive way that could have allowed an attacker to coin an infinite number of Zcash (ZEC). Yes, infinite… like a never-ending source of money. ...

At CES, Focus is On ‘Cool Factor’ Not IoT Security

With the Consumer Electronics Show (CES) afoot this week, headlines are crammed with the offbeat connected products from the show – including everything from a smart belt all the way down to a connected toilet. But one important topic seems to be missing from the troves of CES news (and even from.....

ariel-cyber.co.il XSS vulnerability

Open Bug Bounty ID: OBB-713534 Description| Value ---|--- Affected Website:| ariel-cyber.co.il Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| [hidden until disclosure] Vulnerability Type:| XSS (Cross Site Scripting) / CWE-79 CVSSv3 Score:|...

SNDBOX: AI-Powered Online Automated Malware Analysis Platform

Looking for an automated malware analysis software? Something like a 1-click solution that doesn't require any installation or configuration…a platform that can scale up your research time… technology that can provide data-driven explanations… well, your search is over! Israeli cybersecurity and...

ariel-cyber.co.il XSS vulnerability

Open Bug Bounty ID: OBB-681961 Description| Value ---|--- Affected Website:| ariel-cyber.co.il Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS (Cross Site Scripting) / CWE-79 CVSSv3 Score:| 6.1...

2games.com XSS vulnerability

Open Bug Bounty ID: OBB-658647 Description| Value ---|--- Affected Website:| 2games.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS (Cross Site Scripting) / CWE-79 CVSSv3 Score:| 6.1...

VLAN Network Segmentation ? What are The Hidden Costs?

...

ariel-books.com XSS vulnerability

Open Bug Bounty ID: OBB-649482 Description| Value ---|--- Affected Website:| ariel-books.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS (Cross Site Scripting) / CWE-79 CVSSv3 Score:| 6.1...

Another severe flaw in Signal desktop app lets hackers steal your chats in plaintext

For the second time in less than a week, users of the popular end-to-end encrypted Signal messaging app have to update their desktop applications once again to patch another severe code injection vulnerability. Discovered Monday by the same team of security researchers, the newly discovered...

“I too like to live dangerously”, Accidentally Finding RCE in Signal Desktop via HTML Injection in Quoted Replies

Remediation TL;DR If you’re a concerned Signal user please update to the latest version of Signal Desktop (fixed in version v1.11.0) which addresses all of these issues. Note that the mobile apps for Signal were not affected by this issue. Background Information If you’re an avid follower of all...

Signal Desktop HTML Tag Injection Variant 2

...

Signal Desktop HTML Injection

...

Hackers Reveal How Code Injection Attack Works in Signal Messaging App

After the revelation of the eFail attack details, it's time to reveal how the recently reported code injection vulnerability in the popular end-to-end encrypted Signal messaging app works. As we reported last weekend, Signal has patched its messaging app for Windows and Linux that suffered a...

Timely Password-Change Call from Twitter, as Bugs Hit WebEx and GPON routers

The cyber security news cycle is always active, so to help you stay in the loop here’s a selection of incidents that caught our attention over the past week or so involving, among others, Twitter, Cisco and GPON routers. Twitter picks a good day for password-change call As “change your password”...

Millions of Home Fiber Routers Vulnerable to Complete Takeover

UPDATE Consumers lucky enough to have blazing-fast 1Gbps internet access in their homes are likely to use the internet more than lower-broadband households; however, millions of them are at risk for hackers to gain wide-ranging access to their internet activities (including being able to view full....

USN-3532-1: GDK-PixBuf vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Description It was discoreved that GDK-PixBuf incorrectly handled certain gif images. An attacker could use this to execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS....

GDK-PixBuf vulnerabilities

Releases Ubuntu 17.10 Ubuntu 16.04 ESM Ubuntu 14.04 ESM Packages gdk-pixbuf - GDK Pixbuf library Details It was discoreved that GDK-PixBuf incorrectly handled certain gif images. An attacker could use this to execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04...

Updated gdk-pixbuf2.0 packages fix security vulnerability

JPEG gdk_pixbuf__jpeg_image_load_increment Code Execution Vulnerability (CVE-2017-2862). tiff_image_parse Code Execution Vulnerability (CVE-2017-2870). Ariel Zelivansky discovered that the GDK-PixBuf library did not properly handle printing certain error messages. If an user or automated system...

Mobile Stock Trading App Providers Unresponsive to Glaring Vulnerabilities

More than 20 of the most popular mobile trading applications used by consumers and day-traders for securities transactions contain glaring vulnerabilities that could allow attackers to sniff personal data or steal money from accounts. Researchers from IOActive today published a report describing...

USN-3418-1: GDK-PixBuf vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Description It was discovered that the GDK-PixBuf library did not properly handle certain jpeg images. If an user or automated system were tricked into opening a specially crafted jpeg file, a remote attacker could...

GDK-PixBuf vulnerabilities

Releases Ubuntu 17.04 Ubuntu 16.04 ESM Ubuntu 14.04 ESM Packages gdk-pixbuf - GDK Pixbuf library Details It was discovered that the GDK-PixBuf library did not properly handle certain jpeg images. If an user or automated system were tricked into opening a specially crafted jpeg file, a remote...

When Looking for SWIFT Audit Guidelines, Beware of the Customer Security Controls Framework

...

Unbreakable Enterprise kernel security update

kernel-uek [4.1.12-103.3.8] - fs/exec.c: account for argv/envp pointers (Kees Cook) [Orabug: 26638900] {CVE-2017-1000365} {CVE-2017-1000365} [4.1.12-103.3.7] - i40e/i40evf: check for stopped admin queue (Mitch Williams) [Orabug: 26654222] [4.1.12-103.3.6] - xen: fix bio vec merging (Roger Pau...

arielbath.com XSS vulnerability

Vulnerable URL: http://www.arielbath.com/products/Ariel-by-Seacliff-Bayhill-42%22-Single%252dSink-Bathroom-Vanity-Set.html#!prettyPhoto/0,%3Ca%20onclick=%22alert(%27OPENBUGBOUNTY%27);%22%3E/ Details: Description| Value ---|--- Patched:| No Latest check for patch:| 20.11.2017 Vulnerability type:|...

Denial of service

Android allows users to cause a denial of...

CVE-2016-0833

Android allows users to cause a denial of...

CVE-2016-0833

Android allows users to cause a denial of...

CVE-2016-0833

Android allows users to cause a denial of...

Threat Outbreak Alert RuleID27586: Email Messages Distributing Malicious Software on February 2, 2017

Medium Alert ID: 52522 First Published: 2017 February 2 14:29 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat (RuleID27586) may contain the following...

ForeScout CounterACT SecureConnector agent is vulnerable to privilege escalation

Overview On Windows endpoints, the SecureConnector agent is vulnerable to privilege escalation whereby an authenticated unprivileged user can obtain administrator privileges on the endpoint by causing the SecureConnector agent to execute arbitrary code. Description On Windows endpoints, the...