Security
Headlines
HeadlinesLatestCVEs

Tag

#perl

How helpful are estimates about how much cyber attacks cost?

New YoroTrooper research, the latest on the Cisco IOS vulnerability, and more.

TALOS
#sql#vulnerability#web#ios#cisco#backdoor#rce#perl#auth#ibm
WordPress AI ChatBot 4.8.9 SQL Injection / Traversal / File Deletion

WordPress AI ChatBot plugin versions 4.8.9 and below suffer from arbitrary file deletion, remote SQL injection, and directory traversal vulnerabilities.

Ubuntu Security Notice USN-6454-1

Ubuntu Security Notice 6454-1 - Kyle Zeng discovered that the netfilter subsystem in the Linux kernel contained a race condition in IP set operations in certain situations. A local attacker could use this to cause a denial of service. Alex Birnberg discovered that the netfilter subsystem in the Linux kernel did not properly validate register length, leading to an out-of-bounds write vulnerability. A local attacker could possibly use this to cause a denial of service.

Ubuntu Security Notice USN-6446-3

Ubuntu Security Notice 6446-3 - Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized network frontend, leading to a buffer overflow. An attacker in a guest VM could use this to cause a denial of service or possibly execute arbitrary code. Bien Pham discovered that the netfiler subsystem in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service or possibly execute arbitrary code.

Ubuntu Security Notice USN-6452-1

Ubuntu Security Notice 6452-1 - It was discovered that Vim could be made to divide by zero. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 23.04. It was discovered that Vim did not properly manage memory. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. It was discovered that Vim contained an arithmetic overflow. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 22.04 LTS, Ubuntu 23.04, and Ubuntu 23.10.

Rockwell Automation Arena

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Rockwell Automation Equipment: Arena Vulnerabilities: Out-of-Bounds Read, Access of Uninitialized Pointer 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code by using a memory buffer overflow or using an uninitialized pointer in the application. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Arena, a simulation software, are affected: Arena: Version 16.20.00001 3.2 Vulnerability Overview 3.2.1 OUT OF BOUNDS READ CWE-125 Version 16.20 of Rockwell Automation's Arena software contains an out-of-bounds read vulnerability when certain malformed files are processed. An attacker with local access could utilize this to potentially leak memory or achieve arbitrary code execution. CVE-2023-27854 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/U...

CVE-2023-30969: Palantir | Trust and Security Portal

The Palantir Tiles1 service was found to be vulnerable to an API wide issue where the service was not performing authentication/authorization on all the endpoints.

CVE-2023-30967: Palantir | Trust and Security Portal

Gotham Orbital-Simulator service prior to 0.692.0 was found to be vulnerable to a Path traversal issue allowing an unauthenticated user to read arbitrary files on the file system.

GHSA-gh64-qxh5-4m33: org.xwiki.platform:xwiki-platform-oldcore may leak data through deleted and re-created documents

### Impact When a document has been deleted and re-created, it is possible for users with view right on the re-created document but not on the deleted document to view the contents of the deleted document. Such a situation might arise when rights were added to the deleted document. This can be exploited through the diff feature and, partially, through the REST API by using versions such as `deleted:1` (where the number counts the deletions in the wiki and is thus guessable). Given sufficient rights, the attacker can also re-create the deleted document, thus extending the scope to any deleted document as long as the attacker has edit right in the location of the deleted document. ### Patches This vulnerability has been patched in XWiki 14.10.8 and 15.3 RC1 by properly checking rights when deleted revisions of a document are accessed. ### Workarounds The only workaround is to regularly [clean deleted documents](https://extensions.xwiki.org/xwiki/bin/view/Extension/Index%20Application#...

CVE-2023-46316: CVE-2023-46316

In buc Traceroute 2.0.12 through 2.1.2 before 2.1.3, the wrapper scripts do not properly parse command lines.