#vulnerability

Ubuntu Security Notice 6612-1 - It was discovered that TinyXML incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted XML file, a remote attacker could possibly use this issue to cause a denial of service.

Ubuntu Security Notice 6605-2 - Lin Ma discovered that the netfilter subsystem in the Linux kernel did not properly validate network family support while creating a new netfilter table. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate the server frame size in certain situation, leading to an out-of-bounds read vulnerability. An attacker could use this to construct a malicious CIFS image that, when operated on, could cause a denial of service or possibly expose sensitive information.

Ubuntu Security Notice 6604-2 - It was discovered that the ASUS HID driver in the Linux kernel did not properly handle device removal, leading to a use-after-free vulnerability. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service. Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information.

Ubuntu Security Notice 6613-1 - Lucas Henry discovered that Ceph incorrectly handled specially crafted POST requests. An unprivileged user could use this to bypass Ceph's authorization checks and upload a file to any bucket.

WS_FTP Server version 5.0.5 remote denial of service exploit.

httpdx version 1.5.1 remote denial of service exploit.

By cyberwire Aembit Announces New Workload IAM Integration with CrowdStrike to Help Enterprises Secure Workload-to-Workload Access. This is a post from HackRead.com Read the original post: Aembit Teams Up with CrowdStrike for Secure Workload Access

By Deeba Ahmed The vulnerabilities stem from the way Jenkins handles user-supplied data. This is a post from HackRead.com Read the original post: Excessive Expansion Vulnerabilities Leave Jenkins Servers Open to Attacks

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available/known public exploitation Vendor: Hitron Systems Equipment: DVR Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to affect the availability of the product through exploitation of an improper input validation vulnerability and default credentials. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Hitron Systems DVR, a digital video recorder, are affected: DVR HVR-4781: Versions 1.03 through 4.02 DVR HVR-8781: Versions 1.03 through 4.02 DVR HVR-16781: Versions 1.03 through 4.02 DVR LGUVR-4H: Versions 1.02 through 4.02 DVR LGUVR-8H: Versions 1.02 through 4.02 DVR LGUVR-16H: Versions 1.02 through 4.02 3.2 Vulnerability Overview 3.2.1 IMPROPER INPUT VALIDATION CWE-20 An improper input validation vulnerability exists in Hitron Systems DVR HVR-4781 versions 1.03 thro...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: LP30, LP40, LP50, and BM40 Operator Panels Vulnerability: Improper Validation of Consistency within Input, Out-of-bounds Write, Stack-based Buffer Overflow, Untrusted Pointer Dereference 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an authenticated attacker to use specifically crafted communication requests to perform a denial-of-service condition, memory overwriting, or remote code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Rockwell Automation products are affected: LP30 Operator Panel: Versions prior to V3.5.19.0 LP40 Operator Pane: Versions prior to V3.5.19.0 LP50 Operator Panel: Versions prior to V3.5.19.0 BM40 Operator Panel: Versions prior to V3.5.19.0 3.2 Vulnerability Overview 3.2.1 IMPROPER VALIDATION OF CONSISTENCY WITHIN INPUT CWE-1288 After successful authentication, specifically c...