Threat and Vulnerability Intelligence Database

CVE-2023-0971

Description: A logic error in SiLabs Z/IP Gateway SDK 7.18.02 and earlier allows authentication to be bypassed, remote administration of Z-Wave controllers, and S0/S2 encryption keys to be recovered.

CVSS: CRITICAL (9.6)

EPSS Score: 0.07%

Source: CVE
December 7th, 2024 (5 months ago)

CVE-2023-0970

Description: Multiple buffer overflow vulnerabilities in SiLabs Z/IP Gateway SDK version 7.18.01 and earlier allow an attacker with invasive physical access to a Z-Wave controller device to overwrite global memory and potentially execute arbitrary code.

CVSS: HIGH (7.1)

EPSS Score: 0.07%

Source: CVE
December 7th, 2024 (5 months ago)

CVE-2023-0969

Description: A vulnerability in SiLabs Z/IP Gateway 7.18.01 and earlier allows an authenticated attacker within Z-Wave range to manipulate an array pointer to disclose the contents of global memory.

CVSS: LOW (3.5)

EPSS Score: 0.04%

Source: CVE
December 7th, 2024 (5 months ago)

CVE-2023-0026

Description: An Improper Input Validation vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). When a BGP update message is received over an established BGP session, and that message contains a specific, optional transitive attribute, this session will be torn down with an update message error. This issue cannot propagate beyond an affected system as the processing error occurs as soon as the update is received. This issue is exploitable remotely as the respective attribute can propagate through unaffected systems and intermediate AS (if any). Continuous receipt of a BGP update containing this attribute will create a sustained Denial of Service (DoS) condition. Some customers have experienced these BGP session flaps which prompted Juniper SIRT to release this advisory out of cycle before fixed releases are widely available as there is an effective workaround. This issue affects: Juniper Networks Junos OS 15.1R1 and later versions prior to 20.4R3-S8; 21.1 version 21.1R1 and later versions prior to 21.2R3-S6; 21.3 versions prior to 21.3R3-S5; 21.4 versions prior to 21.4R3-S4; 22.1 versions prior to 22.1R3-S4; 22.2 versions prior to 22.2R3-S2; 22.3 versions prior to 22.3R2-S2, 22.3R3-S1; 22.4 versions prior to 22.4R2-S1, 22.4R3; 23.1 versions prior to 23.1R1-S1, 23.1R2. Juniper Networks Junos OS Evolved All versions prior to 20.4R3-S8-EVO; 21.1 version 21...

CVSS: HIGH (7.5)

EPSS Score: 0.04%

Source: CVE
December 7th, 2024 (5 months ago)
Description: Unit 42 probes network abuses around events like the Olympics, featuring case studies of scams and phishing through domain registrations and more. The post Network Abuses Leveraging High-Profile Events: Suspicious Domain Registrations and Other Scams appeared first on Unit 42.
Source: Palo Alto Unit42
December 6th, 2024 (5 months ago)
Description:
Impact: Due to some data types not being natively representable for the available storage options, shared_preferences_android serializes and deserializes special string prefixes to store these unrepresentable data types. This allows arbitrary classes to be deserialized, leading to arbitrary code execution. As a result, files containing the preferences can be overwritten with a malicious one with a deserialization payload that triggers as soon as the data is loaded from the disk.
Patches: 2.3.4
Workarounds: Update to the latest version of shared_preferences_android that contains the changes to address this vulnerability.
References: TBD
For more information: See our community page to find ways to contact the team.
Thanks: Thank you so much to Oskar Zeino-Mahmalat from sonarsource for finding and reporting this issue!
References:
https://github.com/flutter/packages/security/advisories/GHSA-3hpf-ff72-j67p
https://github.com/flutter/packages/commit/15501ece235684a3bdddad089345fc3e33dc1df3
https://github.com/advisories/GHSA-3hpf-ff72-j67p
Source: Github Advisory Database (Pub)
December 6th, 2024 (5 months ago)
Description: The activity-recording capability has drawn concerns from the security community and privacy experts, but the tech giant is being measured in its gradual rollout, which is still in preview mode.
Source: Dark Reading
December 6th, 2024 (5 months ago)
Description: An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. The strip_tags() method and striptags template filter are subject to a potential denial-of-service attack via certain inputs containing large sequences of nested incomplete HTML entities.
References:
https://nvd.nist.gov/vuln/detail/CVE-2024-53907
https://docs.djangoproject.com/en/dev/releases/security
https://groups.google.com/g/django-announce
https://www.openwall.com/lists/oss-security/2024/12/04/3
https://www.djangoproject.com/weblog/2024/dec/04/security-releases
https://github.com/advisories/GHSA-8498-2h75-472j
Source: Github Advisory Database (PIP)
December 6th, 2024 (5 months ago)
Description: An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. Direct usage of the django.db.models.fields.json.HasKey lookup, when an Oracle database is used, is subject to SQL injection if untrusted data is used as an lhs value. (Applications that use the jsonfield.has_key lookup via __ are unaffected.)
References:
https://nvd.nist.gov/vuln/detail/CVE-2024-53908
https://docs.djangoproject.com/en/dev/releases/security
https://groups.google.com/g/django-announce
https://www.openwall.com/lists/oss-security/2024/12/04/3
https://www.djangoproject.com/weblog/2024/dec/04/security-releases
https://github.com/advisories/GHSA-m9g8-fxxm-xg86
Source: Github Advisory Database (PIP)
December 6th, 2024 (5 months ago)
Description:
Summary: Exposure of database (ie postgreSQL) server's credential when connection to DB fails.
Details: Exposed database credentials upon misconfig/DoS @ permalink: https://github.com/thorsten/phpMyFAQ/blob/main/phpmyfaq/src/phpMyFAQ/Setup/Installer.php#L694
PoC: When postgreSQL server is unreachable, an error would be thrown exposing the credentials of the database. For instance, when "http://:8080/setup/index.php" is hit when the database instance/server is down, then credentials are exposed, for instance:
    ( ! ) Warning: pg_connect(): Unable to connect to PostgreSQL server: connection to server at "127.0.0.1", port 5432 failed: Connection refused Is the server running on that host and accepting TCP/IP connections? in /var/www/html/src/phpMyFAQ/Database/Pgsql.php on line 78
    Call Stack
    #  Time    Memory  Function  Location
    1  0.0404  453880  {main}( )  .../index.php:0
    2  1.1341  610016  phpMyFAQ\Setup\Installer->startInstall( $setup = ??? )  .../index.php:471
    3  1.2113  611544  phpMyFAQ\Database\Pgsql->connect( $host = '127.0.0.1', $user = 'cvecve', $password = '', $database = 'cvecve', $port = 5432 )  .../Installer.php:694
    4  1.2113  611864  pg_connect( $connection_string = 'host=127.0.0.1 port=5432 dbname=cvecve user=cvecve password=' )  .../Pgsql.php:78
    ( ! ) Fatal error: Uncaught TypeError: Cannot assign false to property phpMyFAQ\Database\Pgsql::$conn of type ?PgSql\Connection in /var/www/html/src/phpMyFAQ/Database/Pgsql.php on line 78
    ( ! ) TypeError: Cannot assign false to property p...
Source: Github Advisory Database (Composer)
December 6th, 2024 (5 months ago)