Hacker News with Generative AI: Vulnerability

Vulnerability in partner.microsoft.com allows unauthenticated access (nist.gov)
An improper access control vulnerability in Partner.Microsoft.com allows an a unauthenticated attacker to elevate privileges over a network.

Cybersecurity, Microsoft, Vulnerability

18 points by speckx 2 days ago | 0 comments

Wallbleed: A Memory Disclosure Vulnerability in the Great Firewall of China [pdf] (gfw.report)

Cybersecurity, China, Vulnerability, Network Security

10 points by luu 2 days ago | 0 comments

Wallbleed: A Memory Disclosure Vulnerability in the Great Firewall of China (gfw.report)
We present Wallbleed, a buffer over-read vulnerability that existed in the DNS injection subsystem of the Great Firewall of China.

Security, China, Network Security, Vulnerability

14 points by complexpass 4 days ago | 0 comments

How to gain code execution on hundreds of millions of people and popular apps (kibty.town)

Security, Hacking, Software, Vulnerability, Code Execution

1148 points by xyzeva 6 days ago | 312 comments

Musl Libc: input-controlled out-of-bounds write primitive in iconv (openwall.com)
A vulnerability has been identified in musl libc's implementation of iconv that can result in out-of-bounds memory writes in applications which process untrusted input using iconv and where the input charset for the conversion is input-controlled.

Security, Software, Vulnerability, Linux

7 points by sgammon 7 days ago | 0 comments

MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client (marc.info)
We discovered two vulnerabilities in OpenSSH:

Security, OpenSSH, Vulnerability

6 points by birdculture 16 days ago | 0 comments

Juniper Networks Routers API Authentication Bypass Vulnerability (juniper.net)
Loading×Sorry to interruptCSS ErrorRefresh

Cybersecurity, Network Security, Vulnerability, Juniper Networks, Routers

3 points by zdw 16 days ago | 0 comments

CVE-2025-26519: musl Libc: input-controlled out-of-bounds write (openwall.com)
A vulnerability has been identified in musl libc's implementation of iconv that can result in out-of-bounds memory writes in applications which process untrusted input using iconv and where the input charset for the conversion is input-controlled.

Security, Software, Vulnerability, Linux

12 points by fossdd 21 days ago | 1 comments

Router maker Zyxel tells customers to replace vulnerable hardware (techcrunch.com)
Taiwanese hardware maker Zyxel says it has no plans to release a patch for two actively exploited vulnerabilities affecting potentially thousands of customers.

Cybersecurity, Hardware, Vulnerability, Taiwan

4 points by impish9208 30 days ago | 1 comments

AMD: Microcode Signature Verification Vulnerability (github.com/google)
Google Security Team has identified a security vulnerability in some AMD Zen-based CPUs. This vulnerability allows an adversary with local administrator privileges (ring 0 from outside a VM) to load malicious microcode patches. We have demonstrated the ability to craft arbitrary malicious microcode patches on Zen 1 through Zen 4 CPUs. The vulnerability is that the CPU uses an insecure hash function in the signature validation for microcode updates.

Security, AMD, CPU, Microcode, Vulnerability

287 points by todsacerdoti 31 days ago | 105 comments

Yubico Issues Security Advisory as 2FA Bypass Vulnerability Confirmed (forbes.com)
Two-factor authentication has increasingly become a security essential over recent years, so when news of anything that can bypass those 2FA protections breaks, it’s not something you can ignore.

Security, Two-Factor Authentication, Cybersecurity, Vulnerability

10 points by Fishkins 47 days ago | 0 comments

Apache fixes Traffic Control bug that attackers could exploit (scworld.com)
Apache’s maintainers on Dec. 23 released patches for a critical 9.9 vulnerability in the Traffic Ops component of Apache Traffic Control versions 8.0.0 and 8.0.1.

Security, Apache, Software, Vulnerability

14 points by LinuxBender 70 days ago | 1 comments

OpenOffice security issues unfixed in over 365 days, security status Amber (apache.org)
This was extracted (@ 2024-12-18 21:10) from a list of minutes which have been approved by the Board. Please Note The Board typically approves the minutes of the previous meeting at the beginning of every Board meeting; therefore, the list below does not normally contain details from the minutes of the most recent Board meeting.

Cybersecurity, Apache, Software Security, Vulnerability

8 points by mksaunders2 71 days ago | 3 comments

Critical Apache Struts bug under active exploit (theregister.com)
A critical security hole in Apache Struts 2 – patched last week – is currently being exploited using publicly available proof-of-concept (PoC) code.

Security, Apache Struts, Software, Vulnerability

4 points by thunderbong 79 days ago | 0 comments

Devin AI security vulnerability discovered live on stream [video] (youtube.com)

Security, Artificial Intelligence, Video, Vulnerability

24 points by slashnode 82 days ago | 15 comments

Zizmor would have caught the Ultralytics workflow vulnerability (yossarian.net)
TL;DR: zizmor would have caught the vulnerability that caused this…mostly. Read on for details.

Security, Software, Vulnerability, AI

4 points by wslh 89 days ago | 0 comments

BootKitty UEFI malware exploits LogoFAIL to infect Linux systems (bleepingcomputer.com)
The recently uncovered 'Bootkitty' Linux UEFI bootkit exploits the LogoFAIL flaw, tracked as CVE-2023-40238, to target computers running on vulnerable firmware.

Security, Linux, UEFI, Malware, Vulnerability

5 points by sandwichsphinx 94 days ago | 0 comments

Ubuntu Linux impacted by decade-old 'needrestart' flaw that gives root (bleepingcomputer.com)
Five local privilege escalation (LPE) vulnerabilities have been discovered in the needrestart utility used by default in Ubuntu Linux since version 21.04, which were introduced over 10 years ago.

Ubuntu, Security, Vulnerability, Linux, Privilege Escalation

6 points by akyuu 105 days ago | 2 comments

YubiKey still selling old stock with vulnerable firmware (ycombinator.com)
FYI, YubiKey is apparently still selling old stock with firmware vulnerable to the EUCLEAK attack instead of disposing of them, as a reader of Fefe's Blog reported:

Security, Hardware, Firmware, Vulnerability

288 points by MaKey 115 days ago | 109 comments

Okta – Username Above 52 Characters Security Advisory (okta.com)
On October 30, 2024, a vulnerability was internally identified in generating the cache key for AD/LDAP DelAuth.

Security, Cybersecurity, Software, Vulnerability

144 points by lopkeny12ko 125 days ago | 74 comments

RCE Vulnerability in QBittorrent (sharpsec.run)
In qBittorrent, the DownloadManager class has ignored every SSL certificate validation error that has ever happened, on every platform, for 14 years and 6 months since April 6 2010 with commit 9824d86. The default behaviour changed to verifying on October 12 2024 with commit 3d9e971. The first patched release is version 5.0.1, released 2 days ago.

Security, Software, Vulnerability, QBittorrent

376 points by udev4096 127 days ago | 187 comments

CVE-2024-9632 xorg-x11-server: heap-based buffer overflow privilege escalation (redhat.com)
CVE-2024-9632 xorg-x11-server: tigervnc: heap-based buffer overflow privilege escalation vulnerability

Security, Vulnerability, Linux, Software, X11

3 points by todsacerdoti 128 days ago | 0 comments

CVE-2024-45844: Privilege escalation in F5 BIG-IP (almond.consulting)
The previous articles Post-Exploiting an F5 BIG-IP: root, and now what? and Deep diving into F5 Secure Vault helped us to get a better understanding of the internal F5 mechanisms.

Cybersecurity, F5, Vulnerability, Privilege Escalation, Software

12 points by notmine1337 132 days ago | 0 comments

Samsung meets MediaTek: The story of a small bug chain [pdf] (sstic.org)

Samsung, MediaTek, Security, Bug, Vulnerability

47 points by sipofwater 135 days ago | 5 comments

Fortinet critical 0-day vulnerability being actively exploited (arstechnica.com)
Fortinet, a maker of network security software, has kept a critical vulnerability under wraps for more than a week amid reports that attackers are using it to execute malicious code on servers used by sensitive customer organizations.

Cybersecurity, Vulnerability, Fortinet

8 points by heresie-dabord 135 days ago | 0 comments

Microsoft didn't sandbox Windows Defender, so I did (2017) (trailofbits.com)
Microsoft exposed their users to a lot of risks when they released Windows Defender without a sandbox. This surprised me. Sandboxing is one of the most effective security-hardening techniques. Why did Microsoft sandbox other high-value attack surfaces such as the JIT code in Microsoft Edge, but leave Windows Defender undefended?

Security, Windows, Microsoft, Vulnerability

63 points by LorenDB 150 days ago | 51 comments

Cups Remote Code Execution Vulnerability Fix Available (ubuntu.com)
Canonical’s security team has released updates for the cups-browsed, cups-filters, libcupsfilters and libppd packages for all Ubuntu LTS releases under standard support.

Security, Vulnerability, Software, Linux, Ubuntu

45 points by heisenbit 160 days ago | 21 comments

Unauthenticated RCE vs. all GNU/Linux systems, CVSS 9.9 (threadreaderapp.com)
Unauthenticated RCE vs all GNU/Linux systems (plus others) disclosed 3 weeks ago.

Security, Linux, Vulnerability, CVSS

26 points by yread 164 days ago | 7 comments

The Firestore vulnerability found in Arc is likely widespread (venki.dev)
xyz3va disclosed an Arc vulnerability recently, caused by incorrectly configured Firestore security rules. If you’re using Firestore at your company, you should read this post - it’s reasonably likely that your setup is vulnerable.

Security, Firestore, Cloud Databases, Vulnerability

42 points by venkii 164 days ago | 7 comments

4 exploits, 1 bug: exploiting CVE-2024-20017 4 different ways (coffinsec.com)
At the end of last year I discovered and reported a vulnerability in wappd, a network daemon that is a part of the MediaTek MT7622/MT7915 SDK and RTxxxx SoftAP driver bundle. This chipset is commonly used on embedded platforms that support Wifi6 (802.11ax) including Ubiquiti, Xiaomi, and Netgear devices. As is the case for a handful of other bugs I’ve found, I originally came across this code while looking for bugs on an embedded device: the Netgear WAX206 wireless router.

Security, Networking, Software, Vulnerability, WiFi

58 points by thebeardisred 166 days ago | 5 comments