Telegram Bot & Channel Security Vulnerabilities

Security Bulletin: IBM Cognos Transformer is affected by security vulnerabilities

Summary Vulnerabilities in IBM® Java™ Version 8 that is consumed by IBM Cognos Transformer have been addressed. Please refer to the table in the Related Information section for vulnerability impact. Vulnerability Details ** CVEID: CVE-2024-20952 DESCRIPTION: **An unspecified vulnerability in Java.....

Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server

Mattermost notified all users in the channel when using WebSockets to respond individually in...

Security Bulletin: Vulnerability in Bouncy Castle Crypto Package For Java affects IBM Process Mining CVE-2024-30171

Summary There is a vulnerability in Bouncy Castle Crypto Package For Java that could allow an remote authenticated attacker to obtain sensitive information on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability....

CometBFT is unstability during blocksync when syncing from malicious peer

Name: ASA-2024-008: Instability during blocksync when syncing from malicious peer Component: CometBFT Criticality: Medium (ACMv1: I:Moderate; L: Possible) Affected versions: < v0.38.7 Summary An issue was identified for nodes syncing on an existing network during blocksync in which a malicious.....

CometBFT is unstability during blocksync when syncing from malicious peer

Name: ASA-2024-008: Instability during blocksync when syncing from malicious peer Component: CometBFT Criticality: Medium (ACMv1: I:Moderate; L: Possible) Affected versions: < v0.38.7 Summary An issue was identified for nodes syncing on an existing network during blocksync in which a malicious.....

New SnailLoad Attack Exploits Network Latency to Spy on Users' Web Activities

A group of security researchers from the Graz University of Technology have demonstrated a new side-channel attack known as SnailLoad that could be used to remotely infer a user's web activity. "SnailLoad exploits a bottleneck present on all Internet connections," the researchers said in a study...

EulerOS 2.0 SP12 : gnutls (EulerOS-SA-2024-1869)

According to the versions of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS,...

EulerOS 2.0 SP12 : gnutls (EulerOS-SA-2024-1855)

According to the versions of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS,...

Security Bulletin: IBM Cognos Analytics has addressed multiple vulnerabilities

Summary There are vulnerabilities in IBM® Java™ Version 8 and IBM WebSphere Application Server Liberty used by IBM Cognos Analytics. IBM Cognos Analytics has addressed these vulnerabilities by upgrading IBM® Java™ and IBM WebSphere Application Server Liberty. There are vulnerabilities in...

CVE-2024-2973

An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Session Smart Router or conductor running with a redundant peer allows a network based attacker to bypass authentication and take full control of the device. Only routers or conductors that are running in....

CVE-2024-2973

An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Session Smart Router or conductor running with a redundant peer allows a network based attacker to bypass authentication and take full control of the device. Only routers or conductors that are running in....

CVE-2024-2973 Session Smart Router(SSR): On redundant router deployments API authentication can be bypassed

An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Session Smart Router or conductor running with a redundant peer allows a network based attacker to bypass authentication and take full control of the device. Only routers or conductors that are running in....

CVE-2024-2973 Session Smart Router(SSR): On redundant router deployments API authentication can be bypassed

An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Session Smart Router or conductor running with a redundant peer allows a network based attacker to bypass authentication and take full control of the device. Only routers or conductors that are running in....

An Inside Look at The Malware and Techniques Used in the WordPress.org Supply Chain Attack

On Monday June 24th, 2024 the Wordfence Threat Intelligence team was made aware of the presence of malware in the Social Warfare repository plugin (see post Supply Chain Attack on WordPress.org Plugins Leads to 5 Maliciously Compromised WordPress Plugins). After adding the malicious code to our...

Driving licences and other official documents leaked by authentication service used by Uber, TikTok, X, and more

A company that helps to authenticate users for big brands had a set of administration credentials exposed online for over a year, potentially allowing access to user identity documents such as driving licenses. As more and more legislation emerges requiring websites and platforms—like gambling...

Wordfence Intelligence Weekly WordPress Vulnerability Report (June 17, 2024 to June 23, 2024)

_ Did you know Wordfence runs a Bug Bounty Program for all WordPress plugin and themes at no cost to vendors? __Researchers can earn up to $10,400, for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to us, and we handle all the...

Snowflake isn’t an outlier, it’s the canary in the coal mine

By Nick Biasini with contributions from Kendall McKay and Guilherme Venere Headlines continue to roll in about the many implications and follow-on attacks originating from leaked and/or stolen credentials for the Snowflake cloud data platform. Adversaries obtained stolen login credentials for...

CVE-2024-0949

Improper Access Control, Missing Authorization, Incorrect Authorization, Incorrect Permission Assignment for Critical Resource, Missing Authentication, Weak Authentication, Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Talya Informatics Elektraweb allows...

CVE-2024-0949

Improper Access Control, Missing Authorization, Incorrect Authorization, Incorrect Permission Assignment for Critical Resource, Missing Authentication, Weak Authentication, Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Talya Informatics Elektraweb allows...

CVE-2024-0949 Improper Access Control in Talya Informatics' Elektraweb

Improper Access Control, Missing Authorization, Incorrect Authorization, Incorrect Permission Assignment for Critical Resource, Missing Authentication, Weak Authentication, Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Talya Informatics Elektraweb allows...

How to Use Python to Build Secure Blockchain Applications

Did you know it's now possible to build blockchain applications, known also as decentralized applications (or "dApps" for short) in native Python? Blockchain development has traditionally required learning specialized languages, creating a barrier for many developers… until now. AlgoKit, an...

Security Bulletin: Multiple vulnerabilities in Bouncy Castle API affect IBM License Metric Tool.

Summary IBM License Metric Tool is affected by Bouncy Castle Cryptography vulnerabilities. Vulnerability Details ** CVEID: CVE-2024-30172 DESCRIPTION: **The Bouncy Castle Crypto Package For Java is vulnerable to a denial of service, caused by an infinite loop in the Ed25519 verification code. By...

Microsoft Edge (Chromium) < 126.0.2592.81 Multiple Vulnerabilities

The version of Microsoft Edge installed on the remote Windows host is prior to 126.0.2592.81. It is, therefore, affected by multiple vulnerabilities as referenced in the June 27, 2024 advisory. Use after free in Dawn in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to...

Fedora 40 : openvpn (2024-b611e122fb)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-b611e122fb advisory. Update to upstream OpenVPN 2.6.11 CVE-2024-5594: control channel: refuse control channel messages with nonprintable characters in them ...

RHEL 8 : OpenShift Container Platform 4.12.60 (RHSA-2024:4008)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:4008 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private...

RHEL 9 : OpenShift Container Platform 4.16.0 (RHSA-2024:0045)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0045 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...

Security Bulletin: IBM Cognos Dashboards on Cloud Pak for Data has addressed security vulnerabilities

Summary There are vulnerabilities in IBM® Java™ Version 8 used by IBM Cognos Dashboards on Cloud Pak. IBM Cognos Dashboards on Cloud Pak has addressed these vulnerabilities by upgrading IBM® Java™. There are vulnerabilities in Open-Source Software (OSS) components consumed by IBM Cognos Dashboards....

Episode 2: Behind the Scenes of a Tailor-Made Massive Phishing Campaign Part 2

Executive Summary Last summer, we investigated a massive, global phishing campaign impersonating almost 350 legitimate companies. Our continued investigation into this expansive phishing campaign revealed leaked backend source code, shedding light on the infrastructure behind the operation. This...

Security Bulletin: Multiple Vulnerabilities in IBM CloudPak for AIOps

Summary Multiple vulnerabilities were addressed in IBM Cloud Pak for AIOps version 4.6.0 Vulnerability Details ** CVEID: CVE-2022-25857 DESCRIPTION: **Java package org.yaml:snakeyam is vulnerable to a denial of service, caused by missing to nested depth limitation for collections. By sending a...

Attack of the clones: Getting RCE in Chrome’s renderer with duplicate object properties

In this post, I'll exploit CVE-2024-3833, an object corruption bug in v8, the Javascript engine of Chrome, that I reported in March 2024 as bug 331383939. A similar bug, 331358160, was also reported and was assigned CVE-2024-3832. Both of these bugs were fixed in version 124.0.6367.60/.61....

[updated] Federal Reserve &#8220;breached&#8221; data may actually belong to Evolve Bank

A shockwave went through the financial world when ransomware group LockBit claimed to have breached the US Federal Reserve, the central banking system of the United States. On LockBit's dark web leak site, the group threatened to release over 30 TB of banking information containing Americans'...

Security Bulletin: IBM Cloud Pak for Network Automation 2.7.4 addresses multiple security vulnerabilities

Summary IBM Cloud Pak for Network Automation 2.7.4 addresses multiple security vulnerabilities, listed in the CVEs below. Vulnerability Details ** CVEID: CVE-2022-48554 DESCRIPTION: **File is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the file_copystr...

Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities

Summary IBM Cloud Transformation Advisor has addressed multiple security vulnerabilities listed herein. Vulnerability Details ** CVEID: CVE-2023-49569 DESCRIPTION: **go-git could allow a remote attacker to traverse directories on the system. By sending a specially crafted request using the...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:2190-1)

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2190-1 advisory. The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The...

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.8.0.5)

The version of AOS installed on the remote host is prior to 6.8.0.5. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.8.0.5 advisory. An information disclosure vulnerability exists in...

Security Bulletin: Maximo Application Suite - bcprov-jdk18on-1.76.jar is vulnerable to CVE-2024-30171 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses bcprov-jdk18on-1.76.jar which is vulnerable to CVE-2024-30171. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details ** CVEID: CVE-2024-30171 DESCRIPTION: **The Bouncy Castle Crypto Package...

Neiman Marcus confirms breach. Is the customer data already for sale?

Luxury retail chain Neiman Marcus has begun to inform customers about a cyberattack it discovered in May. The attacker compromised a database platform storing customers' personal information. The letter tells customers: “Promptly after learning of the issue, we took steps to contain it, including.....

CVE-2024-39362

In the Linux kernel, the following vulnerability has been resolved: i2c: acpi: Unbind mux adapters before delete There is an issue with ACPI overlay table removal specifically related to I2C multiplexers. Consider an ACPI SSDT Overlay that defines a PCA9548 I2C mux on an existing I2C bus. When...

CVE-2024-39362

In the Linux kernel, the following vulnerability has been resolved: i2c: acpi: Unbind mux adapters before delete There is an issue with ACPI overlay table removal specifically related to I2C multiplexers. Consider an ACPI SSDT Overlay that defines a PCA9548 I2C mux on an existing I2C bus. When...

CVE-2024-39362

In the Linux kernel, the following vulnerability has been resolved: i2c: acpi: Unbind mux adapters before delete There is an issue with ACPI overlay table removal specifically related to I2C multiplexers. Consider an ACPI SSDT Overlay that defines a PCA9548 I2C mux on an existing I2C bus. When...

CVE-2024-39362

In the Linux kernel, the following vulnerability has been resolved: i2c: acpi: Unbind mux adapters before delete There is an issue with ACPI overlay table removal specifically related to I2C multiplexers. Consider an ACPI SSDT Overlay that defines a PCA9548 I2C mux on an existing I2C bus. When...

CVE-2024-39362 i2c: acpi: Unbind mux adapters before delete

In the Linux kernel, the following vulnerability has been resolved: i2c: acpi: Unbind mux adapters before delete There is an issue with ACPI overlay table removal specifically related to I2C multiplexers. Consider an ACPI SSDT Overlay that defines a PCA9548 I2C mux on an existing I2C bus. When...

CVE-2024-39362 i2c: acpi: Unbind mux adapters before delete

In the Linux kernel, the following vulnerability has been resolved: i2c: acpi: Unbind mux adapters before delete There is an issue with ACPI overlay table removal specifically related to I2C multiplexers. Consider an ACPI SSDT Overlay that defines a PCA9548 I2C mux on an existing I2C bus. When...

Malicious code in spider-bot (RubyGems)

-= Per source details. Do not edit below this...

Malicious code in nuke-bot (PyPI)

-= Per source details. Do not edit below this...

Malicious code in dpy-bot (PyPI)

-= Per source details. Do not edit below this...

Malicious code in plugins-bot (npm)

-= Per source details. Do not edit below this...

Malicious code in chat-bot (npm)

-= Per source details. Do not edit below this...

EulerOS 2.0 SP11 : kernel (EulerOS-SA-2024-1837)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In the Linux kernel, the following vulnerability has been resolved: IB/ipoib: Fix mcast list locking Releasing the priv-lock while iterating...

CVE-2024-5594

control channel: refuse control channel messages with nonprintable characters in them. Security scope: a malicious openvpn peer can send garbage to openvpn log, or cause high CPU...