Security
Headlines
HeadlinesLatestCVEs

Tag

#c++

Chinese Hacking Group Exploits Barracuda Zero-Day to Target Government, Military, and Telecom

A suspected Chinese-nexus hacking group exploited a recently disclosed zero-day flaw in Barracuda Networks Email Security Gateway (ESG) appliances to breach government, military, defense and aerospace, high-tech industry, and telecom sectors as part of a global espionage campaign. Mandiant, which is tracking the activity under the name UNC4841, described the threat actor as "highly responsive to

The Hacker News
Open in Source
#vulnerability#web#ios#google#microsoft#linux#intel#c++#zero_day#The Hacker News
CVE-2023-41359: bgpd: Make sure we have enough data to read two bytes when validating AIGP by ton31337 · Pull Request #14232 · FRRouting/frr

An issue was discovered in FRRouting FRR through 9.0. There is an out-of-bounds read in bgp_attr_aigp_valid in bgpd/bgp_attr.c because there is no check for the availability of two bytes during AIGP validation.

CVE-2023-41361: bgpd: Check the length of the rcv software version by ton31337 · Pull Request #14241 · FRRouting/frr

An issue was discovered in FRRouting FRR 9.0. bgpd/bgp_open.c does not check for an overly large length of the rcv software version.

CVE-2023-40781: heap-buffer-overflow in r_readc() at fromswf.c:264 · Issue #288 · libming/libming

Buffer Overflow vulnerability in Libming Libming v.0.4.8 allows a remote attacker to cause a denial of service via a crafted .swf file to the makeswf function.

CVE-2023-40857: heap-buffer-overflow libyara/exec.c:1426 in yr_execute_code · Issue #1945 · VirusTotal/yara

Buffer Overflow vulnerability in VirusTotal yara v.4.3.2 allows a remote attacker to execute arbtirary code via the yr_execute_cod function in the exe.c component.

Debian Security Advisory 5483-1

Debian Linux Security Advisory 5483-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

CVE-2023-38712: Tags · libreswan/libreswan

An issue was discovered in Libreswan 3.x and 4.x before 4.12. When an IKEv1 ISAKMP SA Informational Exchange packet contains a Delete/Notify payload followed by further Notifies that act on the ISAKMP SA, such as a duplicated Delete/Notify message, a NULL pointer dereference on the deleted state causes the pluto daemon to crash and restart.

Ubuntu Security Notice USN-6307-1

Ubuntu Security Notice 6307-1 - It was discovered that JOSE for C/C++ AES GCM decryption routine incorrectly uses the Tag length from the actual Authentication Tag provided in the JWE. An attacker could use this to cause a denial of service or might expose sensitive information.

CVE-2023-40022: [gnuv2] Fix multiplication overflow check due compiler optimizations … · rizinorg/rz-libdemangle@51d0167

Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.6.0 and prior are vulnerable to integer overflow in `consume_count` of `src/gnu_v2/cplus-dem.c`. The overflow check is valid logic but, is missing the modulus if the block once compiled. The compiler sees this block as unreachable code since the prior statement is multiplication by 10 and fails to consider overflow assuming the count will always be a multiple of 10. Rizin version 0.6.1 contains a fix for the issue. A temporary workaround would be disabling C++ demangling using the configuration option `bin.demangle=false`.

Lazarus Group exploits ManageEngine vulnerability to deploy QuiteRAT

This is the third documented campaign attributed to this actor in less than a year, with the actor reusing the same infrastructure throughout these operations.