Security
Headlines
HeadlinesLatestCVEs

Tag

#dos

CVE-2022-48332: Cyber Intelligence - Hardware and Software Security Assessments

Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_save_keys file_name_len integer overflow and resultant buffer overflow.

CVE
Open in Source
#vulnerability#android#google#dos#git#intel#perl#buffer_overflow#auth#xiaomi
CVE-2022-48333: Cyber Intelligence - Hardware and Software Security Assessments

Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_verify_keys prefix_len+feature_name_len integer overflow and resultant buffer overflow.

CVE-2022-48336: Cyber Intelligence - Hardware and Software Security Assessments

Widevine Trusted Application (TA) 5.0.0 through 7.1.1 has a PRDiagParseAndStoreData integer overflow and resultant buffer overflow.

CVE-2022-48335: Cyber Intelligence - Hardware and Software Security Assessments

Widevine Trusted Application (TA) 5.0.0 through 7.1.1 has a PRDiagVerifyProvisioning integer overflow and resultant buffer overflow.

CVE-2022-48334: Cyber Intelligence - Hardware and Software Security Assessments

Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_verify_keys total_len+file_name_len integer overflow and resultant buffer overflow.

CVE-2022-48331: Cyber Intelligence - Hardware and Software Security Assessments

Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_save_keys integer overflow and resultant buffer overflow.

GHSA-c2pj-v37r-2p6h: Coraza has potential denial of service vulnerability

### Summary Due to the misuse of `log.Fatalf`, the application using coraza crashed after receiving crafted requests from attackers. ### Details https://github.com/corazawaf/coraza/blob/82157f85f24c6107667bf0f686b71a72aafdf8a5/internal/bodyprocessors/multipart.go#L26-L29 The bodyprocessors of multipart uses `log.Fatalf` to handle errors from the `mime.ParseMediaType`, but `log.Fatalf` calls `os.Exit` directly after logging the error. https://github.com/golang/go/blob/a031f4ef83edc132d5f49382bfef491161de2476/src/log/log.go#L288-L291 This means that the application will immediately crash after receiving a malicious request that triggers an error in `mime.ParseMediaType`. ### PoC The server can be demonstrated by https://github.com/corazawaf/coraza/tree/main/examples/http-server After sending this request ``` POST / HTTP/1.1 Host: 127.0.0.1:8090 User-Agent: curl/8.1.2 Accept: */* Content-Length: 199 Content-Type: multipart/form-data; boundary=------------------------5fa6351b877326a1...

CVE-2023-3398: proxying Big files leads to potential DOS in drawio

Denial of Service in GitHub repository jgraph/drawio prior to 18.1.3.

OpenSSH trojan campaign targets Linux systems and IoT devices

Categories: News Tags: IoT Tags: Linux Tags: OpenSSH Tags: trojan Tags: botnet Tags: IRC Tags: attack Tags: compromise Poorly configured Linux and Internet of Things (IoT) devices are at risk of compromise from a cryptojacking campaign. (Read more...) The post OpenSSH trojan campaign targets Linux systems and IoT devices appeared first on Malwarebytes Labs.

CVE-2023-1150: VDE-2023-005 | CERT@VDE

Uncontrolled resource consumption in Series WAGO 750-3x/-8x products may allow an unauthenticated remote attacker to DoS the MODBUS server with specially crafted packets.