Security
Headlines
HeadlinesLatestCVEs

Latest News

GHSA-3vpc-4p9p-47hc: curl_cffi bundles a version of libcurl affected by High Severity vulnerability

### Summary curl_cffi is potentially affected by High Severity vulnerability (CVE-2023-38545) in libcurl<8.4.0 ### Details HIGH severity vulnerability in curl and libcurl: [announcement](https://github.com/curl/curl/discussions/12026#discussioncomment-7195548) Details are still unknown, but seems it will be a major issue as it's advertised by curl devs as "_probably the worst curl security flaw in a long time_". A patched version (8.4.0) and details will be published around 06:00 UTC on October 11. curl_cffi wheels on PyPI ship with libcurl 7.84.0 ### PoC [https://inspector.pypi.io/project/curl-cffi/0.5.10b2/packages/56/ae/eb7d39ad234f1f44650b910757d5aa696feff413d327c8328223ce78cb76/curl_cffi-0.5.10b2-cp37-abi3-manylinux_2_17_aarch64.manylinux2014_aarch64.whl/curl_cffi/include/curl/curlver.h](https://inspector.pypi.io/project/curl-cffi/0.5.10b2/packages/56/ae/eb7d39ad234f1f44650b910757d5aa696feff413d327c8328223ce78cb76/curl_cffi-0.5.10b2-cp37-abi3-manylinux_2_17_aarch64.manylinux2014...

ghsa
Open in Source
#vulnerability#linux#git
GHSA-wxw9-6pv9-c3xc: Umbraco CMS Has Incomplete Server Termination During Explicit Sign-Out

### Impact During an explicit sign-out, the server session is not fully terminated.

GHSA-5955-cwv4-h7qh: Umbraco has a Potential Code Execution Risk When Viewing SVG Files in Full Screen in Backoffice

### Impact There is a potential risk of code execution for Backoffice users when they “preview” SVG files in full screen mode. ### Workarounds Server-side file validation is available to strip script tags from file's content during the file upload process.

Fake CAPTCHA Pages Used by Lumma Stealer to Spread Fileless Malware

Lumma Stealer malware uses fake CAPTCHA to deceive victims. This information-stealing malware targets sensitive data like passwords and…

GHSA-fp6q-gccw-7qqm: Umbraco CMS logout page displayed before session expiration

### Impact The Backoffice displays the logout page with a session timeout message before the server session has fully expired, causing users to believe they have been logged out approximately 30 seconds before they actually are.

GHSA-4gp9-ff99-j6vj: Umbraco CMS Improper Access Control Vulnerability Allows Low-Privilege Users to Access Webhook API

### Impact An improper access control issue has been identified, allowing low-privilege users to access the webhook API and retrieve information that should be restricted to users with access to the settings section

GHSA-c5g6-6xf7-qxp3: Umbraco CMS vulnerable to stored Cross-site Scripting in the "dictionary name" on Dictionary section

### Impact This can be leveraged to gain access to higher-privilege endpoints, e.g. if you get a user with admin privileges to run the code, you can potentially elevate all users and grant them admin privileges or access protected content. ### Patches Will be patched in 14.3.1 and 15.0.0. ### Workarounds Ensure that access to the Dictionary section is only granted to trusted users.

Exposed United Nations Database Left Sensitive Information Accessible Online

The 115,000-plus files related to UN Women included detailed financial disclosures from organizations around the world—and personal details and testimonials from vulnerable individuals.

Gophish Framework Used in Phishing Campaigns to Deploy Remote Access Trojans

Russian-speaking users have become the target of a new phishing campaign that leverages an open-source phishing toolkit called Gophish to deliver DarkCrystal RAT (aka DCRat) and a previously undocumented remote access trojan dubbed PowerRAT. "The campaign involves modular infection chains that are either Maldoc or HTML-based infections and require the victim's intervention to trigger the

Swarms of Fake WordPress Plug-ins Infect Sites With Infostealers

GoDaddy flagged a ClickFix campaign that infected 6,000 sites in a one-day period, with attackers using stolen admin credentials to distribute malware.