#mac

Ubuntu Security Notice 7004-1 - Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local attacker could use this to cause a denial of service.

Ubuntu Security Notice 7003-2 - It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local attacker could use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

Ubuntu Security Notice 7003-1 - It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local attacker could use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

Ubuntu Security Notice 6999-1 - Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local attacker could use this to cause a denial of service.

Internet-exposed Selenium Grid instances are being targeted by bad actors for illicit cryptocurrency mining and proxyjacking campaigns. "Selenium Grid is a server that facilitates running test cases in parallel across different browsers and versions," Cado Security researchers Tara Gould and Nate Bill said in an analysis published today. "However, Selenium Grid's default configuration lacks

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable from an adjacent network/low attack complexity Vendor: AutomationDirect Equipment: DirectLogic H2-DM1E Vulnerabilities: Session Fixation, Authentication Bypass by Capture-replay 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to inject traffic into an ongoing authenticated session or authenticate as a valid user. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of DirectLogic H2-DM1E, a programmable logic controller, are affected: DirectLogic H2-DM1E: Versions 2.8.0 and prior 3.2 Vulnerability Overview 3.2.1 Authentication Bypass by Capture-replay CWE-294 The session hijacking attack targets the application layer's control mechanism, which manages authenticated sessions between a host PC and a PLC. During such sessions, a session key is utilized to maintain security. However, if an attacker captures this session key, they can inject traffic into an ongoing auth...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).  View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC Information Server, SIMATIC PCS neo, SINEC NMS, Totally Integrated Automation Portal (TIA Portal) Vulnerability: Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated remote attacker to achieve arbitrary code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Siemens User Managements Components are affected: SIMATIC Information Server 2022: All versions SIMATIC Information Server 2024: All versions SIMATIC PCS neo V4.0: All versions SIMATIC PCS neo V4.1: All ver...

A vendor honeypot caught two attacks intended to leverage the tens of thousands of exposed Selenium Grid Web app testing servers.

With an immature codebase and a "rather chaotic encryption scheme" prone to failure, the group targets small businesses with custom malware.

Torrance, United States / California, 12th September 2024, CyberNewsWire