#web

An SSL.com vulnerability allowed attackers to issue valid SSL certificates for major domains by exploiting a bug in…

### Impact The input parameter, which consists of a file path and name, can be manipulated to return the Content-Type header with text/html if the name part ends with .html. This could allow malicious JavaScript code to be executed in the browser. For a successful attack, a malicious file needs to be uploaded beforehand. The severity of the vulnerability is mitigated by the fact that the application UI and the JPA Web API are typically accessible only to authenticated users. ### Patches The problem has been fixed in CUBA JPA Web API add-on 1.1.1. ### Workarounds A workaround for those who are unable to upgrade: [Disable Files Endpoint in CUBA Application](https://docs.jmix.io/jmix/files-vulnerabilities.html#disable-files-endpoint-in-cuba-application). ### References [Files Functionality Vulnerabilities :: Jmix Documentation](https://docs.jmix.io/jmix/files-vulnerabilities.html) Similar vulnerability in Jmix: [XSS in the /files Endpoint of the Generic REST API · Advisory · jmix...

Cybersecurity researchers have detailed a malware campaign that's targeting Docker environments with a previously undocumented technique to mine cryptocurrency. The activity cluster, per Darktrace and Cado Security, represents a shift from other cryptojacking campaigns that directly deploy miners like XMRig to illicitly profit off the compute resources. This involves deploying a malware strain

Terrance, United States / California, 22nd April 2025, CyberNewsWire

All Google accounts could end up compromised by a clever replay attack on Gmail users that abuses Google infrastructure.

March episode “In the Trend of VM” (#13): vulnerabilities of Microsoft, PAN-OS, СommuniGate and who should patch hosts with deployed application. I’m posting the translated video with a big delay, but it’s better than never. 😉 📹 Video on YouTube and LinkedIn🗞 Post on Habr (rus)🗒 Digest on the PT website Content: 🔻 00:00 Greetings […]

Threat actors are exploiting bulletproof hosting service Proton66 for malicious activities, including campaigns from SuperBlack ransomware operators, Android…

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: TeleControl Server Basic Vulnerabilities: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to read and write to the application's database, cause a denial-of-service condition, and execute code in an OS shell. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Siemens reports that the following products are affected: TeleControl Server Basic: versions prior to V3.1.2.2 3.2 VULNERABILITY OVERVIEW 3.2.1 IMPROPER NEUTRALIZATION OF SPECIAL E...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: ABB Equipment: MV Drives Vulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer, Improper Input Validation, Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to gain full access to the drive or cause a denial-of-service condition. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS ABB reports that the following MV Drives are affected by CODESYS RTS (Runtime System) vulnerabilities: ACS6080: LAAAA 2.10.0 to LAAAB 5.06.1 ACS5000: LAAAB 4.03.0 to LAAAB 5.06.1 ACS6000: LAAAA 2.10.0 to LAAAB 5.06.1 3.2 VULNERABILITY OVERVIEW 3.2.1 IMPROPER RESTRICTION OF OPERATIONS WITHIN THE BOUNDS OF A MEMORY BUFFER CWE-119 The CODESYS Control runtime system does not restrict the memory access. An improper restriction of operations within the bounds of a memory buffer allows an attacker with access to the drive with...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.3 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: TeleControl Server Basic Vulnerability: Improper Handling of Length Parameter Inconsistency 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause the application to allocate exhaustive amounts of memory and subsequently create a denial-of-service condition. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Siemens reports that the following products are affected: TeleControl Server Basic: Versions prior to V3.1.2.2 3.2 VULNERABILITY OVERVIEW 3.2.1 IMPROPER HANDLING OF LENGTH PARAMETER INCONSISTENCY CWE-130 The affected product does not prop...