Security
Headlines
HeadlinesLatestCVEs

Latest News

CISA Adds Microsoft and Zimbra Flaws to KEV Catalog Amid Active Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday placed two security flaws impacting Microsoft Partner Center and Synacor Zimbra Collaboration Suite (ZCS) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerabilities in question are as follows - CVE-2024-49035 (CVSS score: 8.7) - An improper access control

The Hacker News
Open in Source
#vulnerability#microsoft#The Hacker News
Red Hat is now a CVE Numbering Authority of Last Resort in the CVE Program

Since joining the Common Vulnerabilities and Exposures (CVE) Program in 2002, Red Hat has been committed to excellence, growth and innovation in product security. Today, we’re pleased to announce that Red Hat is now a CVE Numbering Authority of Last Resort (CNA-LR), a prestigious recognition of our leadership, expertise and continued commitment to industry advancement. This achievement is a testament to Red Hat’s dedication and a significant success for the entire open source software (OSS) community of which we are proud to be a part.Red Hat’s role as a CNA remains, with the company bei

A Team of Female Founders Is Launching Cloud Security Tech That Could Overhaul AI Protection

Cloud “container” defenses have inconsistencies that can give attackers too much access. A new company, Edera, is taking on that challenge and the problem of the male-dominated startup world.

GHSA-5mvm-89c9-9gm5: Matrix IRC Bridge allows IRC command injection to own puppeted user

### Impact The matrix-appservice-irc bridge up to version 3.0.3 contains a vulnerability which can lead to arbitrary IRC command execution as the puppeted user. The attacker can only inject commands executed as their own IRC user. ### Patches The vulnerability has been patched in matrix-appservice-irc version 3.0.4. ### For more information If you have any questions or comments about this advisory, please email us at [security at matrix.org](mailto:security@matrix.org).

Crypto and Cybersecurity: The Rising Threats and Why Reliable Wallets Matter

Cybersecurity threats in crypto are rising, from the Bybit hack to fake wallets stealing funds. Learn how to…

GHSA-hw62-58pr-7wc5: DOM Expressions has a Cross-Site Scripting (XSS) vulnerability due to improper use of string.replace

> [!NOTE] > This advisory was originally emailed to community@solidjs.com by @nsysean. To sum it up, the use of javascript's `.replace()` opens up to potential XSS vulnerabilities with the special replacement patterns beginning with `$`. Particularly, when the attributes of `Meta` tag from solid-meta are user-defined, attackers can utilise the special replacement patterns, either `$'` or `$\`` to achieve XSS. The solid-meta package has this issue since it uses `useAffect` and context providers, which injects the used assets in the html header. "dom-expressions" uses `.replace()` to insert the assets, which is vulnerable to the special replacement patterns listed above. This effectively means that if the attributes of an asset tag contained user-controlled data, it would be vulnerable to XSS. For instance, there might be meta tags for the open graph protocol in a user profile page, but if attackers set the user query to some payload abusing `.replace()`, then they could execute a...

GHSA-3qxh-p7jc-5xh6: Solid Lacks Escaping of HTML in JSX Fragments allows for Cross-Site Scripting (XSS)

Inserts/JSX expressions inside illegal inlined JSX fragments lacked escaping, allowing user input to be rendered as HTML when put directly inside JSX fragments. For instance, `?text=<svg/onload=alert(1)>` would trigger XSS here. ```js const [text] = createResource(() => { return new URL(getRequestEvent().request.url).searchParams.get("text"); }); return ( <> Text: {text()} </> ); ```

GHSA-c3p4-vm8f-386p: Navidrome allows an authentication bypass in Subsonic API with non-existent username

### Summary In certain Subsonic API endpoints, authentication can be bypassed by using a non-existent username combined with an empty (salted) password hash. This allows read-only access to the server’s resources, though attempts at write operations fail with a “permission denied” error. ### Details A flaw in the authentication check process allows an attacker to specify any arbitrary username that does not exist on the system, along with a salted hash of an empty password. Under these conditions, Navidrome treats the request as authenticated, granting access to various Subsonic endpoints without requiring valid credentials. ### Proof of Concept (PoC) 1. Generate a random salt: ```javascript // e.g., salt = "x1vbudn1m6d" Math.random().toString(36).substring(2, 15) ``` 2. Calculate the MD5 hash of an empty password plus the salt: ```shell # Using the example salt above echo -n "x1vbudn1m6d" | md5sum 81f0c0fb5d202ab0d012e6eaeb722d79 - ``` 3. Send a re...

GHSA-mcgx-2gcr-p3hp: LTI JupyterHub Authenticator does not properly validate JWT Signature

### Impact Only users that has configured a JupyterHub installation to use the authenticator class `LTI13Authenticator` are influenced. LTI13Authenticator that was introduced in `jupyterhub-ltiauthenticator` 1.3.0 wasn't validating JWT signatures. This is believed to allow the LTI13Authenticator to authorize a forged request granting access to existing and new user identities. ### Patches None. ### Workarounds None. ### References - [This code segment](https://github.com/jupyterhub/ltiauthenticator/blob/3feec2e81b9d3b0ad6b58ab4226af640833039f3/ltiauthenticator/lti13/validator.py#L122-L164) didn't validate a JWT signature.

Hackers Exploit Fake GitHub Repositories to Spread GitVenom Malware

Kaspersky’s Securelist exposes the GitVenom campaign involving fake GitHub repositories to distribute malware. Targeting developers with seemingly legitimate…