Security
Headlines
HeadlinesLatestCVEs

Tag

#auth

From summer camp to grind season

Bill takes thoughtful look at the transition from summer camp to grind season, explores the importance of mental health and reflects on AI psychiatry.

TALOS
Open in Source
#vulnerability#ios#mac#windows#apple#google#microsoft#cisco#js#git#intel#pdf#oauth#auth#dell#zero_day#sap#asp.net
GhostRedirector Hacks 65 Windows Servers Using Rungan Backdoor and Gamshen IIS Module

Cybersecurity researchers have lifted the lid on a previously undocumented threat cluster dubbed GhostRedirector that has managed to compromise at least 65 Windows servers primarily located in Brazil, Thailand, and Vietnam. The attacks, per Slovak cybersecurity company ESET, led to the deployment of a passive C++ backdoor called Rungan and a native Internet Information Services (IIS) module

GHSA-c7v7-rqfm-f44j: Vaadin Platform possible file bypass via upload validation on the server-side

### Description When the Vaadin Upload's start listener is used to validate metadata about an incoming upload, it is possible to bypass the upload validation. Users of affected versions should apply the upgrade to a more recent Vaadin version.

GHSA-94g8-xv23-7656: Vaadin Flow Components possible file bypass via upload validation on the server-side

### Description When the Vaadin Upload's start listener is used to validate metadata about an incoming upload, it is possible to bypass the upload validation. Users of affected versions should apply the upgrade to a more recent Vaadin version.

GHSA-9gfh-4fwj-w3rj: Vaadin Framework possible file bypass via upload validation on the server-side

### Description When the Vaadin Upload's start listener is used to validate metadata about an incoming upload, it is possible to bypass the upload validation. Users of affected versions should apply the upgrade to a more recent Vaadin version.

GHSA-cgrg-86m5-xm4w: Memos Vulnerable to Stored Cross-Site Scripting

Memos 0.22 is vulnerable to Stored Cross site scripting (XSS) vulnerabilities by the upload attachment and user avatar features. Memos does not verify the content type of the uploaded data and serve it back as is. An authenticated attacker can use this to elevate their privileges when the stored XSS is viewed by an admin.

GHSA-78j5-8vq7-jxv5: Memos Vulnerable to Path Traversal via the CreateResource Endpoint

When Memos 0.22 is configured to store objects locally, an attacker can create a file via the CreateResource endpoint containing a path traversal sequence in the name, allowing arbitrary file write on the server.

GHSA-377j-wj38-4728: Weblate has a long session expiry when verifying second factor

### Impact The verification of the second factor had too long a session expiry. The long session expiry could be used to circumvent rate limiting of the second factor. ### Patches This issue has been addressed in Weblate 5.13.1 via https://github.com/WeblateOrg/weblate/pull/16002. ### References Thanks to Nahid Hasan Limon for reporting this issue responsibly.

GHSA-j4fw-4mhr-hc45: Liferay Portal Vulnerable to Denial of Service in Kaleo Forms Admin

Kaleo Forms Admin in Liferay Portal 7.0.0 through 7.4.3.4, and Liferay DXP 7.4 GA, 7.3 GA through update 27, and older unsupported versions does not restrict the saving of request parameters in the portlet session, which allows remote attackers to consume system memory leading to denial-of-service (DoS) conditions via crafted HTTP request.

GHSA-pc6w-59fv-rh23: Langchain Community Vulnerable to XML External Entity (XXE) Attacks

The langchain-ai/langchain project, specifically the EverNoteLoader component, is vulnerable to XML External Entity (XXE) attacks due to insecure XML parsing. The vulnerability arises from the use of etree.iterparse() without disabling external entity references, which can lead to sensitive information disclosure. An attacker could exploit this by crafting a malicious XML payload that references local files, potentially exposing sensitive data such as /etc/passwd. This issue has been fixed in 0.3.27 of langchain-community.