#web

The emerging threat actor, potentially a Chinese state-sponsored APT, is using the known exploit kit Moonshine in cross-platform attacks that deliver a previously undisclosed backdoor called "DarkNimbus" to ethnic minorities, including Tibetans.

Under certain uncommon site configurations, a bug in the CKEditor 5 module can cause some image uploads to move the entire webroot to a different location on the file system. This could be exploited by a malicious user to take down a site. The issue is mitigated by the fact that several non-default site configurations must exist simultaneously for this to occur.

Apache Hive Metastore (HMS) uses SerializationUtilities#deserializeObjectWithTypeInformation method when filtering and fetching partitions that is unsafe and can lead to Remote Code Execution (RCE) since it allows the deserialization of arbitrary data. In real deployments, the vulnerability can be exploited only by authenticated users/clients that were able to successfully establish a connection to the Metastore. From an API perspective any code that calls the unsafe method may be vulnerable unless it performs additional prerechecks on the input arguments.

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.4 ATTENTION: Low attack complexity Vendor: AutomationDirect Equipment: C-More EA9 Programming Software Vulnerabilities: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could result in memory corruption; a buffer overflow condition may allow remote code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS AutomationDirect reports that the following versions of C-more EA9 series programming software are affected: C-More EA9 Programming Software: version 6.78 and prior 3.2 Vulnerability Overview 3.2.1 Stack-based Buffer Overflow CWE-121 A file parsing stack-based buffer overflow remote code execution vulnerability is a serious software flaw that arises when an application or system improperly handles input files, leading to a stack-based buffer overflow. If exploited, this vulnerability allows attackers to execute arbitrary code remotely, often resulting in system compromise or unauthorized control. ...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Planet Technology Equipment: Planet WGS-804HPT Vulnerabilities: Stack-based Buffer Overflow, Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'), Integer Underflow (Wrap or Wraparound) 2. RISK EVALUATION Successful exploitation of these vulnerabilities could result in remote code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Planet WGS-804HPT, an industrial switch, are affected: Planet WGS-804HPT: Version v1.305b210531 3.2 Vulnerability Overview 3.2.1 STACK-BASED BUFFER OVERFLOW CWE-121 The affected product is vulnerable to a stack-based buffer overflow. An unauthenticated attacker could send a malicious HTTP request that the webserver fails to properly check input size before copying data to the stack, potentially allowing remote code execution. CVE-2024-48871 has been assigned to this vulnerability. A CVSS v3...

Authorities across 19 African countries also dismantled their infrastructure and networks, thanks to cooperation between global law enforcement and private firms.

A vulnerability in VMware Tanzu Spring LDAP allows data exposure for case sensitive comparisons.This issue affects Spring LDAP: from 2.4.0 through 2.4.3, from 3.0.0 through 3.0.9, from 3.1.0 through 3.1.7, from 3.2.0 through 3.2.7, AND all versions prior to 2.4.0. The usage of String.toLowerCase() and String.toUpperCase() has some Locale dependent exceptions that could potentially result in unintended columns from being queried Related to CVE-2024-38820 https://spring.io/security/cve-2024-38820

Firepad through 1.5.11 allows remote attackers, who have knowledge of a pad ID, to retrieve both the current text of a document and all content that has previously been pasted into the document. NOTE: in several similar products, this is the intentional behavior for anyone who knows the full document ID and corresponding URL. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

Any technological innovation comes with security risks, and open banking is no exception. Open banking relies on APIs…

Explore the transition from passwords to a passwordless future: enhanced security, convenience, and cutting-edge innovations in biometrics and…