Hacker News with Generative AI: Vulnerability

Ubuntu Linux impacted by decade-old 'needrestart' flaw that gives root (bleepingcomputer.com)
Five local privilege escalation (LPE) vulnerabilities have been discovered in the needrestart utility used by default in Ubuntu Linux since version 21.04, which were introduced over 10 years ago.
Ubuntu, Security, Vulnerability, Linux, Privilege Escalation
6 points by akyuu 1 day ago | 2 comments
YubiKey still selling old stock with vulnerable firmware (ycombinator.com)
FYI, YubiKey is apparently still selling old stock with firmware vulnerable to the EUCLEAK attack instead of disposing of them, as a reader of Fefe's Blog reported:
Security, Hardware, Firmware, Vulnerability
288 points by MaKey 11 days ago | 109 comments
Okta – Username Above 52 Characters Security Advisory (okta.com)
On October 30, 2024, a vulnerability was internally identified in generating the cache key for AD/LDAP DelAuth.
Security, Cybersecurity, Software, Vulnerability
144 points by lopkeny12ko 21 days ago | 74 comments
RCE Vulnerability in QBittorrent (sharpsec.run)
In qBittorrent, the DownloadManager class has ignored every SSL certificate validation error that has ever happened, on every platform, for 14 years and 6 months since April 6 2010 with commit 9824d86. The default behaviour changed to verifying on October 12 2024 with commit 3d9e971. The first patched release is version 5.0.1, released 2 days ago.
Security, Software, Vulnerability, QBittorrent
376 points by udev4096 23 days ago | 187 comments
CVE-2024-9632 xorg-x11-server: heap-based buffer overflow privilege escalation (redhat.com)
CVE-2024-9632 xorg-x11-server: tigervnc: heap-based buffer overflow privilege escalation vulnerability
Security, Vulnerability, Linux, Software, X11
3 points by todsacerdoti 25 days ago | 0 comments
CVE-2024-45844: Privilege escalation in F5 BIG-IP (almond.consulting)
The previous articles Post-Exploiting an F5 BIG-IP: root, and now what? and Deep diving into F5 Secure Vault helped us to get a better understanding of the internal F5 mechanisms.
Cybersecurity, F5, Vulnerability, Privilege Escalation, Software
12 points by notmine1337 28 days ago | 0 comments
Samsung meets MediaTek: The story of a small bug chain [pdf] (sstic.org)
Samsung, MediaTek, Security, Bug, Vulnerability
47 points by sipofwater 31 days ago | 5 comments
Fortinet critical 0-day vulnerability being actively exploited (arstechnica.com)
Fortinet, a maker of network security software, has kept a critical vulnerability under wraps for more than a week amid reports that attackers are using it to execute malicious code on servers used by sensitive customer organizations.
Cybersecurity, Vulnerability, Fortinet
8 points by heresie-dabord 31 days ago | 0 comments
Microsoft didn't sandbox Windows Defender, so I did (2017) (trailofbits.com)
Microsoft exposed their users to a lot of risks when they released Windows Defender without a sandbox. This surprised me. Sandboxing is one of the most effective security-hardening techniques. Why did Microsoft sandbox other high-value attack surfaces such as the JIT code in Microsoft Edge, but leave Windows Defender undefended?
Security, Windows, Microsoft, Vulnerability
63 points by LorenDB 47 days ago | 51 comments
Cups Remote Code Execution Vulnerability Fix Available (ubuntu.com)
Canonical’s security team has released updates for the cups-browsed, cups-filters, libcupsfilters and libppd packages for all Ubuntu LTS releases under standard support.
Security, Vulnerability, Software, Linux, Ubuntu
45 points by heisenbit 56 days ago | 21 comments
Unauthenticated RCE vs. all GNU/Linux systems, CVSS 9.9 (threadreaderapp.com)
Unauthenticated RCE vs all GNU/Linux systems (plus others) disclosed 3 weeks ago.
Security, Linux, Vulnerability, CVSS
26 points by yread 60 days ago | 7 comments
The Firestore vulnerability found in Arc is likely widespread (venki.dev)
xyz3va disclosed an Arc vulnerability recently, caused by incorrectly configured Firestore security rules. If you’re using Firestore at your company, you should read this post - it’s reasonably likely that your setup is vulnerable.
Security, Firestore, Cloud Databases, Vulnerability
42 points by venkii 61 days ago | 7 comments
4 exploits, 1 bug: exploiting CVE-2024-20017 4 different ways (coffinsec.com)
At the end of last year I discovered and reported a vulnerability in wappd, a network daemon that is a part of the MediaTek MT7622/MT7915 SDK and RTxxxx SoftAP driver bundle. This chipset is commonly used on embedded platforms that support Wifi6 (802.11ax) including Ubiquiti, Xiaomi, and Netgear devices. As is the case for a handful of other bugs I’ve found, I originally came across this code while looking for bugs on an embedded device: the Netgear WAX206 wireless router.
Security, Networking, Software, Vulnerability, WiFi
58 points by thebeardisred 63 days ago | 5 comments
Gitlab patches bug that could expose a CI/CD pipeline to supply chain attack (scmagazine.com)
GitLab patched 17 bugs, including a critical flaw with a CVSS score of 9.9  that could let an attacker trigger a pipeline as an arbitrary user, leading to privileged escalation, data exfiltration, and a software supply chain compromise.
Cybersecurity, Software, Supply Chain, GitLab, Vulnerability
9 points by LinuxBender 69 days ago | 2 comments
Local Privilege Escalation via MSI Installer (sec-consult.com)
The MSI installers of SoftMaker Office and FreeOffice (SoftMaker) contained a privilege escalation vulnerability.
Security, Software, Vulnerability, Privilege Escalation
20 points by trustinmenowpls 72 days ago | 6 comments
OpenSSH Keystroke Obfuscation Bypass (crzphil.github.io)
A disclosure for an OpenSSH keystroke obfuscation bypass affecting current OpenSSH versions after 9.4.
Security, OpenSSH, Vulnerability, Hacking
200 points by pabs3 73 days ago | 25 comments
SolarWind Web Help Desk Java Deserialization Remote Code Execution Vulnerability (nist.gov)
Security, Java, Vulnerability
19 points by croes 97 days ago | 0 comments
Google Pixel phones sold with security vulnerability, report finds (theverge.com)
Google Pixel, Security, Smartphones, Vulnerability, Technology
31 points by alamortsubite 100 days ago | 12 comments
CVE-2024-38063 Windows TCP/IP Remote Code Execution Vulnerability (microsoft.com)
Security, Windows, Vulnerability
15 points by jstasiak 101 days ago | 1 comments
How we found and fixed an eBPF Linux kernel vulnerability (bughunters.google.com)
Security, Linux, Kernel, Vulnerability
268 points by xxmarkuski 107 days ago | 65 comments
CVE-2024-40798 – an app may be able to read Safari's browsing history (nist.gov)
Security, Safari, Browsing History, Vulnerability
22 points by keepamovin 110 days ago | 12 comments
OpenSSL bug exposed up to 255 bytes of client heap and existed since 2011 (jbp.io)
Security, OpenSSL, Bug, Vulnerability
149 points by belter 116 days ago | 48 comments
It's not just CrowdStrike – the cyber sector is vulnerable (ft.com)
Cybersecurity, Vulnerability, CrowdStrike, Financial Times
123 points by jmsflknr 127 days ago | 127 comments
Unverified NPM Account Takeover Vulnerability for Sale on Dark Web Forum (socket.dev)
Cybersecurity, Software Security, Dark Web, NPM, Vulnerability
53 points by feross 140 days ago | 4 comments
Google now pays $250k for KVM zero-day vulnerabilities (bleepingcomputer.com)
Security, Google, Vulnerability, Bug Bounty
38 points by kungfudoi 143 days ago | 7 comments
Vulnerability in Popular PC and Server Firmware (eclypsium.com)
Vulnerability, Security, Firmware, Servers, PCs
28 points by WaitWaitWha 153 days ago | 1 comments
Nasty Linux Bug, CVE-2024-1086, is on the loose (beehiiv.com)
Linux, Security, Vulnerability, Bugs
40 points by CrankyBear 173 days ago | 9 comments
CVE-2024-4367 – Arbitrary JavaScript execution in PDF.js (codeanlabs.com)
Security, JavaScript, PDF, Vulnerability
207 points by todsacerdoti 187 days ago | 103 comments
Are all Linux vendor kernels insecure? A new study says yes, but there's a fix (zdnet.com)
Linux, Security, Research, Vulnerability, Operating Systems
12 points by jra_samba 190 days ago | 1 comments
New WiFi Vulnerability: The SSID Confusion Attack (top10vpn.com)
WiFi Security, Cybersecurity, Vulnerability, Network Security
18 points by lis 192 days ago | 8 comments