Aggregator

A vulnerability was found in PoDoFo 0.9.6. It has been classified as problematic. This affects the function PdfPagesTreeCache of the file doc/PdfPagesTreeCache.cpp. The manipulation leads to improper resource management. This vulnerability is uniquely identified as CVE-2019-10723. It is possible to launch the attack on the local host. There is no exploit available.

A vulnerability classified as problematic was found in Linux Kernel up to 6.1.63/6.5.12/6.6.2. Affected by this vulnerability is the function cifs_debug_data_proc_show of the file /proc/fs/cifs/DebugData. The manipulation leads to use after free. This vulnerability is known as CVE-2023-52752. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.5. Affected by this issue is some unknown functionality. The manipulation leads to denial of service. This vulnerability is handled as CVE-2023-52916. Access to the local network is required for this attack to succeed. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in PoDoFo 0.9.5. Affected by this issue is the function GraphicsStack::TGraphicsStackElement::~TGraphicsStackElement of the file graphicsstack.h. The manipulation leads to null pointer dereference. This vulnerability is handled as CVE-2017-6841. The attack may be launched remotely. There is no exploit available.

A vulnerability classified as problematic was found in PoDoFo 0.9.4. This vulnerability affects the function PoDoFo::PdfColorGray::~PdfColorGray of the file PdfColor.cpp. The manipulation leads to null pointer dereference. This vulnerability was named CVE-2017-6849. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in OpenSSL up to 3.3.1. It has been declared as critical. This vulnerability affects the function SSL_select_next_proto of the component Client Protocol Handler. The manipulation of the argument client/client_len leads to memory corruption. This vulnerability was named CVE-2024-5535. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Microsoft .NET, .NET Framework and Visual Studio. It has been classified as critical. Affected is an unknown function. The manipulation leads to inefficient algorithmic complexity. This vulnerability is traded as CVE-2024-43483. It is possible to launch the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Microsoft .NET, .NET Framework and Visual Studio. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to inefficient algorithmic complexity. This vulnerability is known as CVE-2024-43484. The attack can be launched remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Microsoft .NET and Visual Studio. It has been rated as critical. Affected by this issue is some unknown functionality. The manipulation leads to inefficient algorithmic complexity. This vulnerability is handled as CVE-2024-43485. The attack may be launched remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in OWASP ModSecurity 3.0.12. It has been classified as problematic. Affected is an unknown function of the component Input Handler. The manipulation of the argument name leads to denial of service. This vulnerability is traded as CVE-2024-46292. The attack needs to be approached within the local network. Furthermore, there is an exploit available.

A vulnerability was found in libcoap up to 4.3.5-rc2 and classified as problematic. This issue affects the function coap_handle_request_put_block of the file src/coap_block.c. The manipulation leads to denial of service. The identification of this vulnerability is CVE-2024-46304. The attack may be initiated remotely. There is no exploit available.

The privacy flaw in Apple’s iPhone mirroring feature enables personal apps on an iPhone to be listed in a company’s software inventory when the feature is used on work computers

Максимально доступная скорость в 10 Мбит/с обойдется компаниям в $4,6 тысяч в месяц.

A vulnerability was found in Maccabi Pakal 1.2 and classified as critical. Affected by this issue is some unknown functionality of the component X.509 Certificate Handler. The manipulation leads to cryptographic issues. This vulnerability is handled as CVE-2014-7522. Access to the local network is required for this attack. There is no exploit available.

On July 10, 2024, Palo Alto released a security advisory for CVE-2024-5910, a vulnerability which allowed attackers to remotely reset the Expedition application admin credentials. While we had never heard of Expedition application before, it’s advertised as: The purpose of this tool is to help reduce the time and efforts of migrating a configuration from a supported vendor to Palo Alto Networks. By using Expedition, everyone can convert a configuration from Checkpoint, Cisco, or any other vendor to a PAN-OS and give you more time to improve the results. Further reading the documentation, it became clear that this application might have more attacker value than initially expected. The Expedition application is deployed on Ubuntu server, interacted with via a web service, and users remotely integrate vendor devices by adding each system’s credentials. Figure 1. Integrating a device with credentials This blog details finding CVE-2024-5910, but also how we ended up discovering 3 additional vulnerabilities which we reported to Palo Alto: CVE-2024-9464: Authenticated Command Injection CVE-2024-9465: Unauthenticated SQL Injection CVE-2024-9466: Cleartext Credentials in Logs CVE-2024-5910: No Reversing Needed Given the description of the vulnerability, it sounded like there existed some built in function that allowed reseting the admin credential. Missing authentication […]

The post Palo Alto Expedition: From N-Day to Full Compromise appeared first on Horizon3.ai.

The post Palo Alto Expedition: From N-Day to Full Compromise appeared first on Security Boulevard.

Evolving threats require security solutions that match the sophistication of modern threats. Learn more about how Wazuh, the open-source XDR and SIEM, tackles these threats. [...]

Multimodal AI systems can help enterprise defenders weed out fraudulent emails, even if the system has not seen that type of message before.

A vulnerability has been found in FydeOS for PC, FydeOS for VMware, FydeOS for You and OpenFyde and classified as very critical. This vulnerability affects unknown code. The manipulation leads to empty password in configuration file. This vulnerability was named CVE-2024-25825. Access to the local network is required for this attack. There is no exploit available.

国家安全局（NSA）与澳大利亚、加拿大、德国、日本、荷兰、新西兰、韩国和英国的网络安全机构合作，发布了一份指南，概述了六个原则，这些原则可以用来指导创建和维护一个安全的关键基础设施操作技术（OT）环境。