Security CERT Global

• Genomgång av CERT-SE CTF2020
  Inför cybersäkerhetsmånaden 2020 släppte CERT-SE en utmaning, CTF (Capture The Flag). Här följer ett förslag på lösning. Utmaningen gick ut på att i en dump av nätverkstrafik hitta en "flagga". ... read more
• CVE-2020-20950
  Bleichenbacher's attack on PKCS #1 v1.5 padding for RSA in Microchip Libraries for Applications 2018-11-26 All up to 2018-11-26. The vulnerability can allow one to use Bleichenbacher's oracle attack to ... read more
• CVE-2020-35128
  Mautic before 3.2.4 is affected by stored XSS. An attacker with permission to manage companies, an application feature, could attack other users, including administrators. For example, by loading an externally ... read more
• CVE-2020-35129
  Mautic before 3.2.4 is affected by stored XSS. An attacker with access to Social Monitoring, an application feature, could attack other users, including administrators. For example, an attacker could load ... read more
• CVE-2020-23342
  A CSRF vulnerability exists in Anchor CMS 0.12.7 anchor/views/users/edit.php that can change the Delete admin users. ... read more
• CVE-2020-23522
  Pixelimity 1.0 has cross-site request forgery via the admin/setting.php data [Password] parameter. ... read more
• CVE-2021-21605 (jenkins)
  Jenkins 2.274 and earlier, LTS 2.263.1 and earlier allows users with Agent/Configure permission to choose agent names that cause Jenkins to override the global `config.xml` file. ... read more
• CVE-2020-9143 (emui, magic_ui)
  There is a missing authentication vulnerability in some Huawei smartphone.Successful exploitation of this vulnerability may lead to low-sensitive information exposure. ... read more
• CVE-2020-9142 (emui, magic_ui)
  There is a heap base buffer overflow vulnerability in some Huawei smartphone.Successful exploitation of this vulnerability can cause heap overflow and memory overwriting when the system incorrectly processes the update ... read more
• CVE-2020-9140 (emui, magic_ui)
  There is a vulnerability with buffer access with incorrect length value in some Huawei Smartphone.Unauthorized users may trigger code execution when a buffer overflow occurs. ... read more
• CVE-2020-9141 (emui, magic_ui)
  There is a improper privilege management vulnerability in some Huawei smartphone. Successful exploitation of this vulnerability can cause information disclosure and malfunctions due to insufficient verification of data authenticity. ... read more
• CVE-2020-28472
  This affects the package @aws-sdk/shared-ini-file-loader before 1.0.0-rc.9; the package aws-sdk before 2.814.0. If an attacker submits a malicious INI file to an application that parses it with loadSharedConfigFiles , they ... read more
• CVE-2020-28477
  This affects all versions of package immer. ... read more
• CVE-2020-28478
  This affects the package gsap before 3.6.0. ... read more
• Apache udsender advisory til Tomcat
  Apache Software Foundation har frigivet en advisory til håndtering af en sårbarhed, der påvirker flere versioner af Apache Tomcat. En angriber kan udnytte sårbarheden til at få adgang til følsomme ... read more
• CVE-2021-3177
  Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, ... read more
• CVE-2021-3178
  ** DISPUTED ** fs/nfsd/nfs3xdr.c in the Linux kernel through 5.10.8, when there is an NFS export of a subdirectory of a filesystem, allows remote attackers to traverse to other parts ... read more
• CVE-2021-22852
  HGiga EIP product contains SQL Injection vulnerability. Attackers can inject SQL commands into specific URL parameter (online registration) to obtain database schema and data. ... read more
• CVE-2021-22850
  HGiga EIP product lacks ineffective access control in certain pages that allow attackers to access database or perform privileged functions. ... read more
• CVE-2021-22851
  HGiga EIP product contains SQL Injection vulnerability. Attackers can inject SQL commands into specific URL parameter (document management page) to obtain database schema and data. ... read more
• Un actor de amenazas compromete un certificado de Mimecast
  Fecha de publicación: 12/01/2021 El proveedor de software de gestión de correo electrónico, Mimecast, ha informado de que uno de sus certificados emitidos, destinado a autenticar sus productos Mimecast ... read more
• A threat actor commits a Mimecast certificate
  Publication date: 01/12/2021 The email management software provider, Mimecast, has reported that one of its issued certificates, intended to authenticate its Mimecast Sync and Recover, Continuity Monitor and IEP ... read more
• Sårbarheder i Siemens produktudviklingsløsninger
  Siemens har i sidste uge orienteret kunderne om, at nogle af dets produktudviklingsløsninger er påvirket af en række sårbarheder, der kan udnyttes til afvikling af vilkårlig kode ved hjælp af ... read more
• Vulnerability Scanning Tools and Services
  Advice on the choice, implementation and use of automated vulnerability scanning tools for organisations of all sizes. ... read more
• Vulnerability Scanning: Keeping on top of the most common threats
  Vulnerability Scanning solutions offer a cost-effective way to discover and manage common security issues. ... read more
• CVE-2021-20619
  Cross-site scripting vulnerability in GROWI (v4.2 Series) versions prior to v4.2.3 allows remote attackers to inject an arbitrary script via unspecified vectors. ... read more
• CVE-2020-29450
  Affected versions of Atlassian Confluence Server and Data Center allow remote attackers to impact the application's availability via a Denial of Service (DoS) vulnerability in the avatar upload feature. The ... read more
• ESB-2020.1110.2 – UPDATE [Win][UNIX/Linux] Ruby: Multiple vulnerabilities
  -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2020.1110.2 Ruby: Heap exposure vulnerability in the socket library 19 January 2021 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- ... read more
• お知らせ：JPCERT/CC Eyes「攻撃グループLazarusが侵入したネットワーク内で使用するツール」
  ... read more
• GROWI vulnerable to cross-site scripting
  GROWI contains a cross-site scripting vulnerability. ... read more
• JVN: GROWI におけるクロスサイトスクリプティングの脆弱性
  GROWI には、クロスサイトスクリプティングの脆弱性が存在します。続きを読む ... read more
• Commonly Known Tools Used by Lazarus
  It is widely known that attackers use Windows commands and tools that are commonly known and used after intruding their target network. Lazarus attack group, a.k.a. Hidden Cobra, also uses ... read more
• CVE-2020-28473
  Gravedad: NonePublicado: 18/01/2021Last revised: 18/01/2021Descripción: *** Pendiente de traducción *** The package bottle from 0 and before 0.12.19 are vulnerable to Web Cache Poisoning by using a vector called parameter ... read more
• CVE-2020-28476
  Gravedad: NonePublicado: 18/01/2021Last revised: 18/01/2021Descripción: *** Pendiente de traducción *** All versions of package tornado are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the ... read more
• CVE-2021-25174
  Gravedad: NonePublicado: 18/01/2021Last revised: 18/01/2021Descripción: *** Pendiente de traducción *** An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory corruption vulnerability exists when reading malformed ... read more
• CVE-2021-25176
  Gravedad: NonePublicado: 18/01/2021Last revised: 18/01/2021Descripción: *** Pendiente de traducción *** An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. A NULL pointer dereference exists when rendering malformed ... read more
• CVE-2021-25175
  Gravedad: NonePublicado: 18/01/2021Last revised: 18/01/2021Descripción: *** Pendiente de traducción *** An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. A NULL pointer dereference exists when rendering malformed ... read more
• CVE-2021-25173
  Gravedad: NonePublicado: 18/01/2021Last revised: 18/01/2021Descripción: *** Pendiente de traducción *** An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory allocation with excessive size vulnerability exists ... read more
• CVE-2021-25177
  Gravedad: NonePublicado: 18/01/2021Last revised: 18/01/2021Descripción: *** Pendiente de traducción *** An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. A NULL pointer dereference exists when rendering malformed ... read more
• CVE-2020-36193
  Gravedad: NonePublicado: 18/01/2021Last revised: 18/01/2021Descripción: *** Pendiente de traducción *** Tar.php in Archive_Tar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links, a related ... read more
• CVE-2020-36192
  Gravedad: NonePublicado: 18/01/2021Last revised: 18/01/2021Descripción: *** Pendiente de traducción *** An issue was discovered in the Source Integration plugin before 2.4.1 for MantisBT. An attacker can gain access to the ... read more
• CVE-2020-7343
  Gravedad: NonePublicado: 18/01/2021Last revised: 18/01/2021Descripción: *** Pendiente de traducción *** Missing Authorization vulnerability in McAfee Agent (MA) for Windows prior to 5.7.1 allows local users to block McAfee product updates ... read more
• ESB-2021.0216 – [RedHat] postgresql:10: Multiple vulnerabilities
  -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2021.0216 postgresql:10 security update 19 January 2021 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: postgresql:10 Publisher: Red Hat ... read more
• ESB-2021.0214 – [RedHat] postgresql:9.6: Multiple vulnerabilities
  -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2021.0214 postgresql:9.6 security update 19 January 2021 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: postgresql:9.6 Publisher: Red Hat ... read more
• ESB-2021.0215 – [RedHat] postgresql:12: Multiple vulnerabilities
  -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2021.0215 postgresql:12 security update 19 January 2021 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: postgresql:12 Publisher: Red Hat ... read more
• ESB-2021.0213 – [Debian] gst-plugins-bad1.0: Execute arbitrary code/commands – Unknown/unspecified
  -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2021.0213 gst-plugins-bad1.0 security update 19 January 2021 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: gst-plugins-bad1.0 Publisher: Debian Operating ... read more
• ESB-2021.0212 – [RedHat] OpenShift Container Platform 4.6.12: Multiple vulnerabilities
  -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2021.0212 OpenShift Container Platform 4.6.12 packages and security update 19 January 2021 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- ... read more
• ESB-2021.0177.2 – UPDATE [Juniper] Junos OS: Multiple vulnerabilities
  -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2021.0177.2 JSA11094 and JSA11114 - 2021-01 Security Bulletins: Junos OS 19 January 2021 =========================================================================== AusCERT Security Bulletin Summary ... read more
• ESB-2021.0211 – [RedHat] libpq: Multiple vulnerabilities
  -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2021.0211 libpq security update 19 January 2021 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: libpq Publisher: Red Hat ... read more
• ESB-2021.0206 – [UNIX/Linux][Ubuntu] Pillow: Multiple vulnerabilities
  -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2021.0206 USN-4697-1: Pillow vulnerabilities 19 January 2021 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Pillow Publisher: Ubuntu Operating ... read more
Older posts