Security
Headlines
HeadlinesLatestCVEs

Tag

#vulnerability

The severity of the Elevation of Privilege – Windows Kernel-Mode Driver (CVE-2024-35250) vulnerability has increased

The severity of the Elevation of Privilege – Windows Kernel-Mode Driver (CVE-2024-35250) vulnerability has increased. This vulnerability was fixed as part of the June Microsoft Patch Tuesday. As in the case of the CVE-2024-30090 vulnerability, it was discovered by a researcher with the nickname Angelboy from DEVCORE. And it also affects the Kernel Streaming framework, […]

Alexander V. Leonov
#vulnerability#windows#microsoft#git#blog
GHSA-3vpc-4p9p-47hc: curl_cffi bundles a version of libcurl affected by High Severity vulnerability

### Summary curl_cffi is potentially affected by High Severity vulnerability (CVE-2023-38545) in libcurl<8.4.0 ### Details HIGH severity vulnerability in curl and libcurl: [announcement](https://github.com/curl/curl/discussions/12026#discussioncomment-7195548) Details are still unknown, but seems it will be a major issue as it's advertised by curl devs as "_probably the worst curl security flaw in a long time_". A patched version (8.4.0) and details will be published around 06:00 UTC on October 11. curl_cffi wheels on PyPI ship with libcurl 7.84.0 ### PoC [https://inspector.pypi.io/project/curl-cffi/0.5.10b2/packages/56/ae/eb7d39ad234f1f44650b910757d5aa696feff413d327c8328223ce78cb76/curl_cffi-0.5.10b2-cp37-abi3-manylinux_2_17_aarch64.manylinux2014_aarch64.whl/curl_cffi/include/curl/curlver.h](https://inspector.pypi.io/project/curl-cffi/0.5.10b2/packages/56/ae/eb7d39ad234f1f44650b910757d5aa696feff413d327c8328223ce78cb76/curl_cffi-0.5.10b2-cp37-abi3-manylinux_2_17_aarch64.manylinux2014...

GHSA-wxw9-6pv9-c3xc: Umbraco CMS Has Incomplete Server Termination During Explicit Sign-Out

### Impact During an explicit sign-out, the server session is not fully terminated.

GHSA-5955-cwv4-h7qh: Umbraco has a Potential Code Execution Risk When Viewing SVG Files in Full Screen in Backoffice

### Impact There is a potential risk of code execution for Backoffice users when they “preview” SVG files in full screen mode. ### Workarounds Server-side file validation is available to strip script tags from file's content during the file upload process.

GHSA-4gp9-ff99-j6vj: Umbraco CMS Improper Access Control Vulnerability Allows Low-Privilege Users to Access Webhook API

### Impact An improper access control issue has been identified, allowing low-privilege users to access the webhook API and retrieve information that should be restricted to users with access to the settings section

Swarms of Fake WordPress Plug-ins Infect Sites With Infostealers

GoDaddy flagged a ClickFix campaign that infected 6,000 sites in a one-day period, with attackers using stolen admin credentials to distribute malware.

Debian Security Advisory 5794-1

Debian Linux Security Advisory 5794-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service or information disclosure.

ABB Cylon Aspect 3.08.01 persistenceManagerAjax.php Command Injection

ABB Cylon Aspect version 3.08.01 suffers from an unauthenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the directory HTTP POST parameter called by the persistenceManagerAjax.php script.

DTLS ClientHello Race Conditions In WebRTC Implementations

This white paper, titled "DTLS 'ClientHello' Race Conditions in WebRTC Implementations," details a security vulnerability affecting multiple WebRTC implementations. The research uncovers a security flaw where certain implementations fail to properly verify the origin of DTLS "ClientHello" messages in WebRTC sessions, potentially leading to denial of service attacks. The paper includes methodology, affected systems, and recommendations for mitigation.

Ubuntu Security Notice USN-7080-1

Ubuntu Security Notice 7080-1 - Toshifumi Sakaguchi discovered that Unbound incorrectly handled name compression for large RRsets, which could lead to excessive CPU usage. An attacker could potentially use this issue to cause a denial of service by sending specially crafted DNS responses.