Aggregator

CVE-2024-8328 | Hwa Jiuh Digital Technology Easy Test Online Learning and Testing Platform prior 24A01 cross site scripting

VulDB Recent Entries
4 months 2 weeks ago
A vulnerability, which was classified as problematic, was found in Hwa Jiuh Digital Technology Easy Test Online Learning and Testing Platform. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-8328. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

ZDI-CAN-23382: Mintty

ZDI: Upcoming Advisories
4 months 2 weeks ago
A CVSS score 8.8 AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'solid-snail' was reported to the affected vendor on: 2024-08-30, 67 days ago. The vendor is given until 2024-12-28 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

CVE-2024-1543 | wolfSSL up to 5.6.5 Side-Channel Protected T-Table timing discrepancy

VulDB Recent Entries
4 months 2 weeks ago
A vulnerability, which was classified as problematic, has been found in wolfSSL up to 5.6.5. Affected by this issue is some unknown functionality of the component Side-Channel Protected T-Table Handler. The manipulation leads to observable timing discrepancy. This vulnerability is handled as CVE-2024-1543. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-8327 | Hwa Jiuh Digital Technology Easy Test Online Learning and Testing Platform prior 24A01 page sql injection

VulDB Recent Entries
4 months 2 weeks ago
A vulnerability classified as critical has been found in Hwa Jiuh Digital Technology Easy Test Online Learning and Testing Platform. Affected is an unknown function. The manipulation of the argument page leads to sql injection. This vulnerability is traded as CVE-2024-8327. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-2502 | Silabs SE up to 2.2.5 Temper unusual condition

VulDB Recent Entries
4 months 2 weeks ago
A vulnerability was found in Silabs SE up to 2.2.5. It has been declared as problematic. This vulnerability affects unknown code of the component Temper Handler. The manipulation leads to improper check for unusual conditions. This vulnerability was named CVE-2024-2502. It is possible to launch the attack on the physical device. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-45488 | One Identity Safeguard for Privileged Passwords up to 7.0.5.0/7.4.1/7.5.1 Cookie improper authorization

VulDB Recent Entries
4 months 2 weeks ago
A vulnerability was found in One Identity Safeguard for Privileged Passwords up to 7.0.5.0/7.4.1/7.5.1. It has been classified as critical. This affects an unknown part of the component Cookie Handler. The manipulation leads to improper authorization. This vulnerability is uniquely identified as CVE-2024-45488. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-1545 | wolfSSL up to 5.6.6 on Linux/Windows wolfCrypt rsa.c RsaPrivateDecryption improper restriction of software interfaces to hardware features

VulDB Recent Entries
4 months 2 weeks ago
A vulnerability was found in wolfSSL up to 5.6.6 on Linux/Windows and classified as problematic. Affected by this issue is the function RsaPrivateDecryption of the file wolfssl/wolfcrypt/src/rsa.c of the component wolfCrypt. The manipulation leads to improper restriction of software interfaces to hardware features. This vulnerability is handled as CVE-2024-1545. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-2881 | wolfSSL up to 5.6.6 on Linux wolfCrypt ed25519.c in wc_ed25519_sign_msg Rowhammer improper restriction of software interfaces to hardware features

VulDB Recent Entries
4 months 2 weeks ago
A vulnerability has been found in wolfSSL up to 5.6.6 on Linux and classified as critical. Affected by this vulnerability is the function in wc_ed25519_sign_msg of the file wolfssl/wolfcrypt/src/ed25519.c of the component wolfCrypt. The manipulation leads to improper restriction of software interfaces to hardware features. This vulnerability is known as CVE-2024-2881. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

网络安全警报:游戏行业面临的新威胁

数世咨询
4 months 2 weeks ago
随着网络游戏和在线赌博成为黑客攻击的新焦点,全球游戏产业正面临前所未有的安全挑战。本文探讨了这一现象,并分析了如何加强网络安全以保护这一迅速发展的行业。

A macro look at the most pressing cybersecurity risks

Help Net Security
4 months 2 weeks ago

Forescout’s 2024H1 Threat Review is a new report that reviews the current state of vulnerabilities, threat actors, and ransomware attacks in the first half of 2024 and compares them to H1 2023. “Attackers are looking for any weak point to breach IT, IoT, and OT devices, and organizations that don’t know what they have connected to their networks or if it’s secured are being caught flat-footed,” said Barry Mainz, Forescout CEO. “To mitigate these extensive … More →

The post A macro look at the most pressing cybersecurity risks appeared first on Help Net Security.

Help Net Security

21款APP及SDK存在侵害用户权益行为被通报

嘶吼
4 months 2 weeks ago

关于侵害用户权益行为的APP(SDK)通报
(2024年第7批,总第42批)

工业和信息化部高度重视用户权益保护工作,依据《个人信息保护法》《网络安全法》《电信条例》《电信和互联网用户个人信息保护规定》等法律法规,持续整治APP侵害用户权益的违规行为。

近期,我部组织第三方检测机构进行抽查,共发现21款APP及SDK存在侵害用户权益行为(详见附件),现予以通报。

上述APP及SDK应按有关规定进行整改,整改落实不到位的,我部将依法依规组织开展相关处置工作。

附件:工业和信息化部通报存在问题的APP(SDK)名单

工业和信息化部信息通信管理局

2024年8月27日

文章来源自:工业和信息化部信息通信管理局

企业资讯

Sinon: Open-source automatic generative burn-in for Windows deception hosts

Help Net Security
4 months 2 weeks ago

Sinon is an open-source, modular tool for the automatic burn-in of Windows-based deception hosts. It aims to reduce the difficulty of orchestrating deception hosts at scale while enabling diversity and randomness through generative capabilities. Sinon is designed to automate the setup of deception hosts by performing various actions that simulate actual user activity. The goal is to create a realistic environment that can deceive potential intruders. Sinon’s modular and configurable nature allows for easy adjustments … More →

The post Sinon: Open-source automatic generative burn-in for Windows deception hosts appeared first on Help Net Security.

Mirko Zorz

Fortra 修复了关键的 FileCatalyst Workflow 硬编码密码问题

嘶吼
4 months 2 weeks ago

Fortra 称,FileCatalyst Workflow 中存在一个严重的硬编码密码漏洞,攻击者可以利用该漏洞未经授权访问内部数据库,从而窃取数据并获得管理员权限。

任何人都可以使用该硬编码密码远程访问暴露的 FileCatalyst Workflow HyperSQL (HSQLDB) 数据库,从而未经授权访问潜在的敏感信息。

此外,数据库凭据可能会被滥用来创建新的管理员用户,因此攻击者可以获得对 FileCatalyst Workflow 应用程序的管理级访问权限并完全控制系统。

在最近发布的安全公告中,Fortra 表示该问题被跟踪为 CVE-2024-6633(CVSS v3.1:9.8,“严重”),影响 FileCatalyst Workflow 5.1.6 Build 139 及更早版本。建议用户升级到 5.1.7 或更高版本。

Fortra 在公告中指出,HSQLDB 仅用于简化安装过程,并建议用户在安装后设置替代解决方案。因为没有按照建议配置 FileCatalyst Workflow 使用备用数据库的用户很容易受到任何可以到达 HSQLDB 的来源的攻击。暂时还没有缓解措施或解决方法,因此建议系统管理员尽快应用可用的安全更新。

缺陷发现和细节

Tenable 于 2024 年 7 月 1 日发现了 CVE-2024-6633,当时他们在所有 FileCatalyst Workflow 部署中都发现了相同的静态密码“GOSENSGO613”。Tenable 解释说,在产品的默认设置下,可以通过 TCP 端口 4406 远程访问内部 Workflow HSQLDB,因此暴露程度很高。

一旦登录到 HSQLDB,攻击者就可以在数据库中执行恶意操作。例如,攻击者可以在 DOCTERA_USERS 表中添加管理员级别的用户,从而允许以管理员用户身份访问 Workflow Web 应用程序。

高访问级别、易利用性以及利用 CVE-2024-6633 的网络犯罪分子的潜在收益使得此漏洞对 FileCatalyst Workflow 用户来说极其危险。Tenable 指出,最终用户无法通过常规方式更改此密码,因此升级到 5.1.7 或更高版本是唯一的解决方案。

Fortra 产品因为其中的严重漏洞可能导致多个高价值企业网络同时遭受大规模攻击因此始终是攻击者的主要目标之一。

胡金鱼

Managed ad