Mozilla warns Windows users of critical Firefox sandbox escape flaw
(bleepingcomputer.com)
Mozilla has released Firefox 136.0.4 to patch a critical security vulnerability that can let attackers escape the web browser's sandbox on Windows systems.
Mozilla has released Firefox 136.0.4 to patch a critical security vulnerability that can let attackers escape the web browser's sandbox on Windows systems.
Ungovernable, Capricious Life
(nybooks.com)
The sense of vulnerability is crushing, but it is also one of the characteristics Kureishi reveals about himself that makes him so likable here, and the writing so intimate.
The sense of vulnerability is crushing, but it is also one of the characteristics Kureishi reveals about himself that makes him so likable here, and the writing so intimate.
As an engineer, I'd rather be called stupid than stay silent
(shiftmag.dev)
Letting myself be vulnerable and ask stupid questions actually helped me grow in my engineering career.
Letting myself be vulnerable and ask stupid questions actually helped me grow in my engineering career.
CVE-2024-9956 – PassKey Account Takeover in All Mobile Browsers
(mastersplinter.work)
In this blogpost I will go over a vulnerability I found in all major mobile browsers that allowed an attacker within Bluetooth range to take over PassKeys accounts by triggering FIDO:/ intents.
In this blogpost I will go over a vulnerability I found in all major mobile browsers that allowed an attacker within Bluetooth range to take over PassKeys accounts by triggering FIDO:/ intents.
CVE-2025-27363: out of bounds write in FreeType <= 2.13.0
(openwall.com)
An out of bounds write exists in FreeType versions 2.13.0 and below when attempting to parse font subglyph structures related to TrueType GX and variable font files.
An out of bounds write exists in FreeType versions 2.13.0 and below when attempting to parse font subglyph structures related to TrueType GX and variable font files.
Vulnerability in partner.microsoft.com allows unauthenticated access
(nist.gov)
An improper access control vulnerability in Partner.Microsoft.com allows an a unauthenticated attacker to elevate privileges over a network.
An improper access control vulnerability in Partner.Microsoft.com allows an a unauthenticated attacker to elevate privileges over a network.
I hacked my company's SSO provider
(mattsayar.com)
I never thought I'd stumble across a previously-undiscovered vulnerability, much less one in security software.
I never thought I'd stumble across a previously-undiscovered vulnerability, much less one in security software.
Wallbleed: A Memory Disclosure Vulnerability in the Great Firewall of China
(gfw.report)
We present Wallbleed, a buffer over-read vulnerability that existed in the DNS injection subsystem of the Great Firewall of China.
We present Wallbleed, a buffer over-read vulnerability that existed in the DNS injection subsystem of the Great Firewall of China.
Musl Libc: input-controlled out-of-bounds write primitive in iconv
(openwall.com)
A vulnerability has been identified in musl libc's implementation of iconv that can result in out-of-bounds memory writes in applications which process untrusted input using iconv and where the input charset for the conversion is input-controlled.
A vulnerability has been identified in musl libc's implementation of iconv that can result in out-of-bounds memory writes in applications which process untrusted input using iconv and where the input charset for the conversion is input-controlled.
MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client
(marc.info)
We discovered two vulnerabilities in OpenSSH:
We discovered two vulnerabilities in OpenSSH:
Juniper Networks Routers API Authentication Bypass Vulnerability
(juniper.net)
Loading×Sorry to interruptCSS ErrorRefresh
Loading×Sorry to interruptCSS ErrorRefresh
CVE-2025-26519: musl Libc: input-controlled out-of-bounds write
(openwall.com)
A vulnerability has been identified in musl libc's implementation of iconv that can result in out-of-bounds memory writes in applications which process untrusted input using iconv and where the input charset for the conversion is input-controlled.
A vulnerability has been identified in musl libc's implementation of iconv that can result in out-of-bounds memory writes in applications which process untrusted input using iconv and where the input charset for the conversion is input-controlled.
Router maker Zyxel tells customers to replace vulnerable hardware
(techcrunch.com)
Taiwanese hardware maker Zyxel says it has no plans to release a patch for two actively exploited vulnerabilities affecting potentially thousands of customers.
Taiwanese hardware maker Zyxel says it has no plans to release a patch for two actively exploited vulnerabilities affecting potentially thousands of customers.
AMD: Microcode Signature Verification Vulnerability
(github.com/google)
Google Security Team has identified a security vulnerability in some AMD Zen-based CPUs. This vulnerability allows an adversary with local administrator privileges (ring 0 from outside a VM) to load malicious microcode patches. We have demonstrated the ability to craft arbitrary malicious microcode patches on Zen 1 through Zen 4 CPUs. The vulnerability is that the CPU uses an insecure hash function in the signature validation for microcode updates.
Google Security Team has identified a security vulnerability in some AMD Zen-based CPUs. This vulnerability allows an adversary with local administrator privileges (ring 0 from outside a VM) to load malicious microcode patches. We have demonstrated the ability to craft arbitrary malicious microcode patches on Zen 1 through Zen 4 CPUs. The vulnerability is that the CPU uses an insecure hash function in the signature validation for microcode updates.
Yubico Issues Security Advisory as 2FA Bypass Vulnerability Confirmed
(forbes.com)
Two-factor authentication has increasingly become a security essential over recent years, so when news of anything that can bypass those 2FA protections breaks, it’s not something you can ignore.
Two-factor authentication has increasingly become a security essential over recent years, so when news of anything that can bypass those 2FA protections breaks, it’s not something you can ignore.
Apache fixes Traffic Control bug that attackers could exploit
(scworld.com)
Apache’s maintainers on Dec. 23 released patches for a critical 9.9 vulnerability in the Traffic Ops component of Apache Traffic Control versions 8.0.0 and 8.0.1.
Apache’s maintainers on Dec. 23 released patches for a critical 9.9 vulnerability in the Traffic Ops component of Apache Traffic Control versions 8.0.0 and 8.0.1.
OpenOffice security issues unfixed in over 365 days, security status Amber
(apache.org)
This was extracted (@ 2024-12-18 21:10) from a list of minutes which have been approved by the Board. Please Note The Board typically approves the minutes of the previous meeting at the beginning of every Board meeting; therefore, the list below does not normally contain details from the minutes of the most recent Board meeting.
This was extracted (@ 2024-12-18 21:10) from a list of minutes which have been approved by the Board. Please Note The Board typically approves the minutes of the previous meeting at the beginning of every Board meeting; therefore, the list below does not normally contain details from the minutes of the most recent Board meeting.
Critical Apache Struts bug under active exploit
(theregister.com)
A critical security hole in Apache Struts 2 – patched last week – is currently being exploited using publicly available proof-of-concept (PoC) code.
A critical security hole in Apache Struts 2 – patched last week – is currently being exploited using publicly available proof-of-concept (PoC) code.
Zizmor would have caught the Ultralytics workflow vulnerability
(yossarian.net)
TL;DR: zizmor would have caught the vulnerability that caused this…mostly. Read on for details.
TL;DR: zizmor would have caught the vulnerability that caused this…mostly. Read on for details.
BootKitty UEFI malware exploits LogoFAIL to infect Linux systems
(bleepingcomputer.com)
The recently uncovered 'Bootkitty' Linux UEFI bootkit exploits the LogoFAIL flaw, tracked as CVE-2023-40238, to target computers running on vulnerable firmware.
The recently uncovered 'Bootkitty' Linux UEFI bootkit exploits the LogoFAIL flaw, tracked as CVE-2023-40238, to target computers running on vulnerable firmware.
Ubuntu Linux impacted by decade-old 'needrestart' flaw that gives root
(bleepingcomputer.com)
Five local privilege escalation (LPE) vulnerabilities have been discovered in the needrestart utility used by default in Ubuntu Linux since version 21.04, which were introduced over 10 years ago.
Five local privilege escalation (LPE) vulnerabilities have been discovered in the needrestart utility used by default in Ubuntu Linux since version 21.04, which were introduced over 10 years ago.
YubiKey still selling old stock with vulnerable firmware
(ycombinator.com)
FYI, YubiKey is apparently still selling old stock with firmware vulnerable to the EUCLEAK attack instead of disposing of them, as a reader of Fefe's Blog reported:
FYI, YubiKey is apparently still selling old stock with firmware vulnerable to the EUCLEAK attack instead of disposing of them, as a reader of Fefe's Blog reported:
Okta – Username Above 52 Characters Security Advisory
(okta.com)
On October 30, 2024, a vulnerability was internally identified in generating the cache key for AD/LDAP DelAuth.
On October 30, 2024, a vulnerability was internally identified in generating the cache key for AD/LDAP DelAuth.
RCE Vulnerability in QBittorrent
(sharpsec.run)
In qBittorrent, the DownloadManager class has ignored every SSL certificate validation error that has ever happened, on every platform, for 14 years and 6 months since April 6 2010 with commit 9824d86. The default behaviour changed to verifying on October 12 2024 with commit 3d9e971. The first patched release is version 5.0.1, released 2 days ago.
In qBittorrent, the DownloadManager class has ignored every SSL certificate validation error that has ever happened, on every platform, for 14 years and 6 months since April 6 2010 with commit 9824d86. The default behaviour changed to verifying on October 12 2024 with commit 3d9e971. The first patched release is version 5.0.1, released 2 days ago.
CVE-2024-9632 xorg-x11-server: heap-based buffer overflow privilege escalation
(redhat.com)
CVE-2024-9632 xorg-x11-server: tigervnc: heap-based buffer overflow privilege escalation vulnerability
CVE-2024-9632 xorg-x11-server: tigervnc: heap-based buffer overflow privilege escalation vulnerability
CVE-2024-45844: Privilege escalation in F5 BIG-IP
(almond.consulting)
The previous articles Post-Exploiting an F5 BIG-IP: root, and now what? and Deep diving into F5 Secure Vault helped us to get a better understanding of the internal F5 mechanisms.
The previous articles Post-Exploiting an F5 BIG-IP: root, and now what? and Deep diving into F5 Secure Vault helped us to get a better understanding of the internal F5 mechanisms.