Cybersecurity information flow

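A clean information-feed tool focused on the day-to-day of the security community, surfacing quality content for security researchers every day.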


Recent updates
Time Node
May 3, 2024 01:03 Github_POC
Pydio Cells allows users by default to create so-called external users in order to share files with them. By modifying the HTTP request sent when creating such an external user, it is possible to assign the new user arbitrary roles. By assigning all roles to a newly created user, access to all cells and non-personal workspaces is granted.
[GitHub]PoC for CVE-2023-32749 affecting Pydio Cells
May 3, 2024 01:03 Github_POC
Oxwall 1.8.7 (11111) is vulnerable to Incorrect Access Control. Unauthenticated file upload allows an attacker to upload image files.
[GitHub]About CVE-2021-36593 and CVE-2021-36594
May 3, 2024 00:52 Github Following
GitHub Action that given an organization or repository, produces information about the contributors over the specified time period.
May 3, 2024 00:52 Github Following
JavaFX mainline development
May 3, 2024 00:52 Github Following
[CVPR 2023] SadTalker: Learning Realistic 3D Motion Coefficients for Stylized Audio-Driven Single Image Talking Face Animation
May 3, 2024 00:12 SecWiki Weekly
Automated malware reverse-engineering analysis using generative AI https://mp.weixin.qq.com/s/QPFU2qhsK8p3_tj7BlFkbA
Hands-on walkthrough: adversarial analysis of Llama 3 security https://mp.weixin.qq.com/s/qLf5-HXG-WtS1LAQUD8pww
C2-Tracker: Live Feed of C2 servers, tools, and botnets https://github.com/montysecurity/C2-Tracker
2024 Tencent Game Security Technology Competition finals write-up: PC client https://mp.weixin.qq.com/s/TxPzHAPsnjdYDSzLfKwkjA
Exploring knowledge graph completion based on large models https://mp.weixin.qq.com/s/DQEfeFFNYyv0-StUAe218Q
Key elements of coordination between two-tier SOCs in large networks https://mp.weixin.qq.com/s?__biz=MzI3MTU2NTUyMQ==&mid=2247483655&idx=1&sn=13a8de3ceb0864217f148962f0dd040d&chksm=eb3e96b9dc491faf79f47914ae4ddd2b066f77504bb5d7c2e59ff4f473f01bc7df30b4b15963&token=108356932&lang=zh_CN#rd
Crowdstrike is more than just SaaS EDR https://mp.weixin.qq.com/s?__biz=MzI3MTU2NTUyMQ==&mid=2247483683&idx=1&sn=ebaed6dd9b51a08e1dfcf7b1893f976e&chksm=eb3e969ddc491f8b10c84e031151d0ff38f0f64cab748f6e453e051b8eea5aef972757f9cd45&token=108356932&lang=zh_CN#rd
May 2, 2024 23:40 Black Hills Information Securi
| Niccolo Arboleda | Guest Author Niccolo Arboleda is a cybersecurity enthusiast and student at the University of Toronto. He is usually found in his home lab studying different cybersecurity […]
The post At Home Detection Engineering Lab for Beginners appeared first on Black Hills Information Security.
May 2, 2024 23:39 Data Breach – Security Affairs
Threat actors breached the Dropbox Sign production environment and accessed customer email addresses and hashed passwords Cloud storage provider DropBox revealed that threat actors have breached the production infrastructure of the DropBox Sign eSignature service and gained access to customer information and authentication data. Dropbox Sign is a service that allows users to electronically sign […]
May 2, 2024 22:33 Packet Storm
Red Hat Security Advisory 2024-2645-03 - An update for podman is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
May 2, 2024 22:33 Packet Storm
Red Hat Security Advisory 2024-2651-03 - An update for the nodejs:16 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a denial of service vulnerability.
May 2, 2024 22:33 Packet Storm
htmlLawed versions 1.2.5 and below proof of concept remote command execution exploit.
May 2, 2024 22:33 Packet Storm
Ubuntu Security Notice 6747-2 - USN-6747-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Bartek Nowotarski discovered that Firefox did not properly limit HTTP/2 CONTINUATION frames. An attacker could potentially exploit this issue to cause a denial of service. Gary Kwong discovered that Firefox did not properly manage memory when running garbage collection during realm initialization. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code. Lukas Bernhard discovered that Firefox did not properly manage memory during JIT optimizations, leading to an out-of-bounds read vulnerability. An attacker could possibly use this issue to cause a d
May 2, 2024 22:33 Packet Storm
Debian Linux Security Advisory 5676-1 - Security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
May 2, 2024 22:02 Packet Storm
May 2, 2024 21:43 Trail of Bits Blog
By Francesco Bertolaccini You’ve reached computer programming nirvana. Your journey has led you down many paths, including believing that God wrote the universe in LISP, but now the truth is clear in your mind: every problem can be solved by writing one more compiler. It’s true. Even our soon-to-be artificially intelligent overlords are nothing but […]
May 2, 2024 19:02 Exploitalert
May 2, 2024 17:41 Well-Known Component CVE Monitoring
A new vulnerable component has been discovered. Component ID: Nagios XI
An issue with the Autodiscover component in Nagios XI 2024R1.01 allows a remote attacker to escalate privileges via a crafted Dashlet.
May 2, 2024 17:40 Well-Known Component CVE Monitoring
A new vulnerable component has been discovered. Component ID: Django
Nautobot is a Network Source of Truth and Network Automation Platform built as a web application atop the Django Python framework with a PostgreSQL or MySQL database. It was discovered that due to improper handling and escaping of user-provided query parameters, a maliciously crafted Nautobot URL could potentially be used to execute a Reflected Cross-Site Scripting (Reflected XSS) attack against users. All filterable object-list views in Nautobot are vulnerable. This issue has been fixed in Nautobot versions 1.6.20 and 2.2.3. There are no known workarounds for this vulnerability.
May 2, 2024 17:40 Well-Known Component CVE Monitoring
A new vulnerable component has been discovered. Component ID: IBM WebSphere
IBM WebSphere Automation 1.7.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 285648.
May 2, 2024 17:39 Well-Known Component CVE Monitoring
A new vulnerable component has been discovered. Component ID: IBM WebSphere
IBM WebSphere Automation 1.7.0 could allow an attacker with privileged access to the network to conduct a CSV injection. An attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 285623.
May 2, 2024 17:39 Well-Known Component CVE Monitoring
A new vulnerable component has been discovered. Component ID: F5
In the Linux kernel, the following vulnerability has been resolved: leds: trigger: netdev: Fix kernel panic on interface rename trig notify Commit d5e01266e7f5 ("leds: trigger: netdev: add additional specific link speed mode") in the various changes, reworked the way to set the LINKUP mode in commit cee4bd16c319 ("leds: trigger: netdev: Recheck NETDEV_LED_MODE_LINKUP on dev rename") and moved it to a generic function. This changed the logic where, in the previous implementation the dev from the trigger event was used to check if the carrier was ok, but in the new implementation with the generic function, the dev in trigger_data is used instead. This is problematic and causes a possible kernel panic due to the fact that the dev in the trigger_data still references the old one as the new one (passed from the trigger event) still has to be held and saved in the trigger_data struct (done in the NETDEV_REGISTER case). On calling of get_device_state(), an invalid net_dev is used and this causes a k
May 2, 2024 17:39 Well-Known Component CVE Monitoring
A new vulnerable component has been discovered. Component ID: F5
In the Linux kernel, the following vulnerability has been resolved: nouveau: lock the client object tree. It appears the client object tree has no locking unless I've missed something else. Fix races around adding/removing client objects, mostly vram bar mappings. 4562.099306] general protection fault, probably for non-canonical address 0x6677ed422bceb80c: 0000 [#1] PREEMPT SMP PTI [ 4562.099314] CPU: 2 PID: 23171 Comm: deqp-vk Not tainted 6.8.0-rc6+ #27 [ 4562.099324] Hardware name: Gigabyte Technology Co., Ltd. Z390 I AORUS PRO WIFI/Z390 I AORUS PRO WIFI-CF, BIOS F8 11/05/2021 [ 4562.099330] RIP: 0010:nvkm_object_search+0x1d/0x70 [nouveau] [ 4562.099503] Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 0f 1f 44 00 00 48 89 f8 48 85 f6 74 39 48 8b 87 a0 00 00 00 48 85 c0 74 12 <48> 8b 48 f8 48 39 ce 73 15 48 8b 40 10 48 85 c0 75 ee 48 c7 c0 fe [ 4562.099506] RSP: 0000:ffffa94cc420bbf8 EFLAGS: 00010206 [ 4562.099512] RAX: 6677ed422bceb814 RBX: ffff98108791f400 RCX: ffff9810f26b8f58
May 2, 2024 17:37 Well-Known Component CVE Monitoring
A new vulnerable component has been discovered. Component ID: F5
In the Linux kernel, the following vulnerability has been resolved: tun: limit printing rate when illegal packet received by tun dev vhost_worker will call tun call backs to receive packets. If too many illegal packets arrive, tun_do_read will keep dumping packet contents. When console is enabled, it will cost much more cpu time to dump packet and soft lockup will be detected. net_ratelimit mechanism can be used to limit the dumping rate. PID: 33036 TASK: ffff949da6f20000 CPU: 23 COMMAND: "vhost-32980" #0 [fffffe00003fce50] crash_nmi_callback at ffffffff89249253 #1 [fffffe00003fce58] nmi_handle at ffffffff89225fa3 #2 [fffffe00003fceb0] default_do_nmi at ffffffff8922642e #3 [fffffe00003fced0] do_nmi at ffffffff8922660d #4 [fffffe00003fcef0] end_repeat_nmi at ffffffff89c01663 [exception RIP: io_serial_in+20] RIP: ffffffff89792594 RSP: ffffa655314979e8 RFLAGS: 00000002 RAX: ffffffff89792500 RBX: ffffffff8af428a0 RCX: 0000000000000000 RDX: 00000000000003fd RSI: 0000000000000005 RDI: ffffffff
May 2, 2024 17:37 Well-Known Component CVE Monitoring
A new vulnerable component has been discovered. Component ID: F5
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: restore set elements when delete set fails From abort path, nft_mapelem_activate() needs to restore refcounters to the original state. Currently, it uses the set->ops->walk() to iterate over these set elements. The existing set iterator skips inactive elements in the next generation, this does not work from the abort path to restore the original state since it has to skip active elements instead (not inactive ones). This patch moves the check for inactive elements to the set iterator callback, then it reverses the logic for the .activate case which needs to skip active elements. Toggle next generation bit for elements when delete set command is invoked and call nft_clear() from .activate (abort) path to restore the next generation bit. The splat below shows an object in mappings memleak: [43929.457523] ------------[ cut here ]------------ [43929.457532] WARNING: CPU: 0 PID: 1139 at include/net/netfilt
May 2, 2024 17:36 Well-Known Component CVE Monitoring
A new vulnerable component has been discovered. Component ID: F5
In the Linux kernel, the following vulnerability has been resolved: serial: core: Clearing the circular buffer before NULLifying it The circular buffer is NULLified in uart_tty_port_shutdown() under the spin lock. However, the PM or other timer based callbacks may still trigger after this event without knowing that buffer pointer is not valid. Since the serial code is a bit inconsistent in checking the buffer state (some rely on the head-tail positions, some on the buffer pointer), it's better to have both aligned, i.e. buffer pointer to be NULL and head-tail positions to be the same, meaning it's empty. This will prevent asynchronous calls to dereference NULL pointer as reported recently in 8250 case: BUG: kernel NULL pointer dereference, address: 00000cf5 Workqueue: pm pm_runtime_work EIP: serial8250_tx_chars (drivers/tty/serial/8250/8250_port.c:1809) ... ? serial8250_tx_chars (drivers/tty/serial/8250/8250_port.c:1809) __start_tx (drivers/tty/serial/8250/8250_port.c:1551) serial8250_st