Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
|
Description: Impact
Due to some data types not being natively representable for the available storage options, shared_preferences_android serializes and deserializes special string prefixes to store these unrepresentable data types. This allows arbitrary classes to be deserialized leading to arbitrary code execution.
As a result, Files containing the preferences can be overwritten with a malicious one with a deserialization payload that triggers as soon as the data is loaded from the disk.
Patches
2.3.4
Workarounds
Update to the latest version of shared_preferences_android that contains the changes to address this vulnerability.
References
TBD
For more information
See our community page to find ways to contact the team.
Thanks
Thank you so much to Oskar Zeino-Mahmalat from sonarsource for finding and reporting this issue!
References
https://github.com/flutter/packages/security/advisories/GHSA-3hpf-ff72-j67p
https://github.com/flutter/packages/commit/15501ece235684a3bdddad089345fc3e33dc1df3
https://github.com/advisories/GHSA-3hpf-ff72-j67p
December 6th, 2024 (5 months ago)
|
|
|
Description: The activity-recording capability has drawn concerns from the security community and privacy experts, but the tech giant is being measured in its gradual rollout, which is still in preview mode.
December 6th, 2024 (5 months ago)
|
|
|
Description: An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. The strip_tags() method and striptags template filter are subject to a potential denial-of-service attack via certain inputs containing large sequences of nested incomplete HTML entities.
References
https://nvd.nist.gov/vuln/detail/CVE-2024-53907
https://docs.djangoproject.com/en/dev/releases/security
https://groups.google.com/g/django-announce
https://www.openwall.com/lists/oss-security/2024/12/04/3
https://www.djangoproject.com/weblog/2024/dec/04/security-releases
https://github.com/advisories/GHSA-8498-2h75-472j
December 6th, 2024 (5 months ago)
|
|
|
Description: An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. Direct usage of the django.db.models.fields.json.HasKey lookup, when an Oracle database is used, is subject to SQL injection if untrusted data is used as an lhs value. (Applications that use the jsonfield.has_key lookup via __ are unaffected.)
References
https://nvd.nist.gov/vuln/detail/CVE-2024-53908
https://docs.djangoproject.com/en/dev/releases/security
https://groups.google.com/g/django-announce
https://www.openwall.com/lists/oss-security/2024/12/04/3
https://www.djangoproject.com/weblog/2024/dec/04/security-releases
https://github.com/advisories/GHSA-m9g8-fxxm-xg86
December 6th, 2024 (5 months ago)
|
|
|
Description: Summary
Exposure of database (ie postgreSQL) server's credential when connection to DB fails.
Details
Exposed database credentials upon misconfig/DoS @ permalink: https://github.com/thorsten/phpMyFAQ/blob/main/phpmyfaq/src/phpMyFAQ/Setup/Installer.php#L694
PoC
When postgreSQL server is unreachable, an error would be thrown exposing the credentials of the database. For instance, when "http://:8080/setup/index.php" is hit when the database instance/server is down, then credentials are exposed, for instance:
( ! ) Warning: pg_connect(): Unable to connect to PostgreSQL server: connection to server at "127.0.0.1", port 5432 failed: Connection refused Is the server running on that host and accepting TCP/IP connections? in /var/www/html/src/phpMyFAQ/Database/Pgsql.php on line 78
Call Stack
# Time Memory Function Location
1 0.0404 453880 {main}( ) .../index.php:0
2 1.1341 610016 phpMyFAQ\Setup\Installer->startInstall( $setup = ??? ) .../index.php:471
3 1.2113 611544 phpMyFAQ\Database\Pgsql->connect( $host = '127.0.0.1', $user = 'cvecve', $password = '', $database = 'cvecve', $port = 5432 ) .../Installer.php:694
4 1.2113 611864 pg_connect( $connection_string = 'host=127.0.0.1 port=5432 dbname=cvecve user=cvecve password=' ) .../Pgsql.php:78
( ! ) Fatal error: Uncaught TypeError: Cannot assign false to property phpMyFAQ\Database\Pgsql::$conn of type ?PgSql\Connection in /var/www/html/src/phpMyFAQ/Database/Pgsql.php on line 78
( ! ) TypeError: Cannot assign false to property p...
December 6th, 2024 (5 months ago)
|
|
|
Description: Microsoft is now testing its AI-powered Recall feature on AMD and Intel-powered Copilot+ PCs enrolled in the Windows 11 Insider program. [...]
December 6th, 2024 (5 months ago)
|
|
|
Description: The popular Ultralytics YOLO11 AI model was compromised in a supply chain attack to deploy cryptominers on devices running versions 8.3.41 and 8.3.42 from the Python Package Index (PyPI) [...]
December 6th, 2024 (5 months ago)
|
|
|
Description: A new zero-day vulnerability has been discovered that allows attackers to capture NTLM credentials by simply tricking the target into viewing a malicious file in Windows Explorer. [...]
December 6th, 2024 (5 months ago)
|
|
|
Description: The Termite ransomware gang has officially claimed responsibility for the November breach of software as a service (SaaS) provider Blue Yonder. [...]
December 6th, 2024 (5 months ago)
|
|
|
Description: A Russian programmer accused of donating money to Ukraine had his Android device secretly implanted with spyware by the Federal Security Service (FSB) after he was detained earlier this year.
The findings come as part of a collaborative investigation by First Department and the University of Toronto's Citizen Lab.
"The spyware placed on his device allows the operator to track a target device's
December 6th, 2024 (5 months ago)
|