Cybersecurity information flow

干净的信息流推送工具,偏向安全圈的点点滴滴,为安全研究人员每日发现优质内容.

了解更多 »

最近更新
时间 节点
2024年5月19日 07:36 CXSECURITY Database RSS Feed -
Topic: TrojanSpy.Win64.EMOTET.A MVID-2024-0684 Code Execution Risk: Low Text:Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024 Original source: https://malvuln.com/advisory/f917c77f60c3c1ac...

" 主题:TrojanSpy.Win64.EMOTET.A MVID-2024-0684 代码执行风险:低\n\n文本:发现/致谢:Malvuln(John Page 又名 hyp3rlinx)(版权所有 2024)\n原始来源:https://malvuln.com/advisory/f917c77f60c3c1ac...\n\n恶意软件概述:TrojanSpy.Win64.EMOTET.A 是一款针对 Windows 64 架构的间谍软件。执行代码的风险较低。\n\n发现与致谢:感谢 Malvuln(John Page 又名 hyp3rlinx)版权所有 2024。原始来源:https://malvuln.com/advisory/f917c77f60c3c1ac..."
2024年5月19日 04:03 Github_POC
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Very Good Plugins WP Fusion Lite allows Command Injection.This issue affects WP Fusion Lite: from n/a through 3.41.24.
[GitHub]CVE-2024-27972 WP Fusion Lite <= 3.41.24 - Authenticated (Contributor+) Remote Code Execution

" 非常优秀的插件WP Fusion Lite中,对命令中使用的特殊元素的不正确中和(命令注入)漏洞允许命令注入。此问题影响了WP Fusion Lite版本:从n/a至3.41.24。\n[GitHub]CVE-2024-27972 WP Fusion Lite <= 3.41.24 - 认证(贡献者+)远程代码执行"
2024年5月19日 04:02 Github_POC
Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, repositories with submodules can be crafted in a way that exploits a bug in Git whereby it can be fooled into writing files not into the submodule's worktree but into a `.git/` directory. This allows writing a hook that will be executed while the clone operation is still running, giving the user no opportunity to inspect the code that is being executed. The problem has been patched in versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4. If symbolic link support is disabled in Git (e.g. via `git config --global core.symlinks false`), the described attack won't work. As always, it is best to avoid cloning repositories from untrusted sources.
[GitHub]CVE-2024-32002 RCE PoC

" Git 是一种版本控制系统。在 2.45.1、2.44.1、2.43.4、2.42.2、2.41.1、2.40.2 和 2.39.4 版本之前,带有子模块的仓库可以以一种利用 Git 中的漏洞的方式构建,这种方式可以让 Git 被欺骗地将文件写入 `.git/` 目录,而不是子模块的工作树。这允许在克隆操作仍在运行时编写一个钩子,使用户没有机会检查正在执行的代码。该问题已在 2.45.1、2.44.1、2.43.4、2.42
2024年5月19日 04:02 Github_POC
Windows Kernel Elevation of Privilege Vulnerability
[GitHub]Local Privilege Escalation from Admin to Kernel vulnerability on Windows 10 and Windows 11 operating systems with HVCI enabled.

" Windows内核权限提升漏洞\n[GitHub]启用HVCI的Windows 10和Windows 11操作系统上的管理员到内核的本地权限提升漏洞。"
2024年5月19日 03:12 Github关注
malware written for educational purposes
2024年5月19日 00:03 Github关注
阿里云数据库内核月报分类整理(定时更新) http://mysql.taobao.org/monthly/
2024年5月19日 00:03 Github关注
📌 a missing Java std lib(simple & 0-dependency) for framework/middleware, provide an enhanced InheritableThreadLocal that transmits values between …
2024年5月19日 00:03 Github关注
本项目是一个基于vue、nuxt.js的网盘搜索项目,且持续开源和维护;目的实现人人都可以拥有自己的网盘搜索网站;建议自己部署,salute to all
2024年5月19日 00:03 Github关注
2024年5月19日 00:03 SecWiki周报
2024年5月18日 22:23 Github关注
List of free GPTs that doesn't require plus subscription
2024年5月18日 21:54 知名组件CVE监控
有新的漏洞组件被发现啦,组件ID:XAMPP
Uncontrolled resource consumption vulnerability in XAMPP Windows, versions 7.3.2 and earlier. This vulnerability exists when XAMPP attempts to process many incomplete HTTP requests, resulting in resource consumption and system crashes.
2024年5月18日 21:52 知名组件CVE监控
有新的漏洞组件被发现啦,组件ID:F5
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix deadlock while reading mqd from debugfs An errant disk backup on my desktop got into debugfs and triggered the following deadlock scenario in the amdgpu debugfs files. The machine also hard-resets immediately after those lines are printed (although I wasn't able to reproduce that part when reading by hand): [ 1318.016074][ T1082] ====================================================== [ 1318.016607][ T1082] WARNING: possible circular locking dependency detected [ 1318.017107][ T1082] 6.8.0-rc7-00015-ge0c8221b72c0 #17 Not tainted [ 1318.017598][ T1082] ------------------------------------------------------ [ 1318.018096][ T1082] tar/1082 is trying to acquire lock: [ 1318.018585][ T1082] ffff98c44175d6a0 (&mm->mmap_lock){++++}-{3:3}, at: __might_fault+0x40/0x80 [ 1318.019084][ T1082] [ 1318.019084][ T1082] but task is already holding lock: [ 1318.020052][ T1082] ffff98c4c13f55f8 (reservation_ww_class_mutex){+.
2024年5月18日 21:52 知名组件CVE监控
有新的漏洞组件被发现啦,组件ID:F5
In the Linux kernel, the following vulnerability has been resolved: dm-raid: really frozen sync_thread during suspend 1) commit f52f5c71f3d4 ("md: fix stopping sync thread") remove MD_RECOVERY_FROZEN from __md_stop_writes() and doesn't realize that dm-raid relies on __md_stop_writes() to frozen sync_thread indirectly. Fix this problem by adding MD_RECOVERY_FROZEN in md_stop_writes(), and since stop_sync_thread() is only used for dm-raid in this case, also move stop_sync_thread() to md_stop_writes(). 2) The flag MD_RECOVERY_FROZEN doesn't mean that sync thread is frozen, it only prevent new sync_thread to start, and it can't stop the running sync thread; In order to frozen sync_thread, after seting the flag, stop_sync_thread() should be used. 3) The flag MD_RECOVERY_FROZEN doesn't mean that writes are stopped, use it as condition for md_stop_writes() in raid_postsuspend() doesn't look correct. Consider that reentrant stop_sync_thread() do nothing, always call md_stop_writes() in raid_postsu
2024年5月18日 21:51 知名组件CVE监控
有新的漏洞组件被发现啦,组件ID:DedeCMS
DedeCMS V5.7.113 is vulnerable to Cross Site Scripting (XSS) via sys_data_replace.php.
2024年5月18日 21:48 知名组件CVE监控
有新的漏洞组件被发现啦,组件ID:Zabbix
Zabbix server can perform command execution for configured scripts. After command is executed, audit entry is added to "Audit Log". Due to "clientip" field is not sanitized, it is possible to injection SQL into "clientip" and exploit time based blind SQL injection.
2024年5月18日 21:47 知名组件CVE监控
有新的漏洞组件被发现啦,组件ID:F5
In the Linux kernel, the following vulnerability has been resolved: Revert "net/mlx5: Block entering switchdev mode with ns inconsistency" This reverts commit 662404b24a4c4d839839ed25e3097571f5938b9b. The revert is required due to the suspicion it is not good for anything and cause crash.
2024年5月18日 19:26 Github关注
Simple library to listen and send events to keyboard and mouse (MacOS, Windows, Linux)
2024年5月18日 18:46 Github关注
Heapless, `static` friendly data structures
2024年5月18日 18:46 Github关注
🥷 Run AI-agents with an API
2024年5月18日 18:06 Github关注
🦀 How to minimize Rust binary size 📦
2024年5月18日 16:46 Github关注
Sonic is a Go library for network and I/O programming that provides developers with a consistent asynchronous model, with a focus on achieving the …
2024年5月18日 16:16 Github_POC
The Forminator plugin for WordPress is vulnerable to arbitrary file uploads due to file type validation occurring after a file has been uploaded to the server in the upload_post_image() function in versions up to, and including, 1.24.6. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.
[GitHub]CVE-2023-4596 Vulnerable Exploit and Checker Version

" WordPress的Forminator插件由于在上传文件到服务器后才进行文件类型验证,因此存在 arbitrary file uploads 漏洞。此漏洞存在于 versions up to,包括1.24.6版本的upload_post_image()函数中。这使得未经身份验证的攻击者可以在受影响网站的服务器上上传任意文件,可能导致远程代码执行。\n[GitHub] CVE-2023-4596 漏洞利用与检查器版本"
2024年5月18日 15:06 freebuf
EasySSH是一款功能强大的SSH连接管理工具,提供了针对SSH连接相关的完整、高效且易于使用的解决方案。
2024年5月18日 13:06 freebuf
用户一定要警惕从未知来源下载的文件,即使是最简单的软件包也能成为恶意软件的载体。
2024年5月18日 10:16 Github_POC
Medtronic MyCareLink Smart 25000 all versions are vulnerable to a race condition in the MCL Smart Patient Reader software update system, which allows unsigned firmware to be uploaded and executed on the Patient Reader. If exploited an attacker could remotely execute code on the MCL Smart Patient Reader device, leading to control of the device.
[GitHub]A simulation of CVE-2020-27252 for CSC699.

" 麦迪逊MyCareLink Smart 25000所有版本均在MCL智能患者阅读器软件更新系统中的竞态条件中存在漏洞,这允许未经签名的固件在上传和执行患者阅读器。如果该漏洞被利用,攻击者可以在MCL智能患者阅读器设备上远程执行代码,从而导致设备失控。\n[GitHub]针对CSC699的CVE-2020-27252模拟。"
2024年5月18日 10:06 freebuf
介绍最新的漏洞分析以及1day放漏。zeppelin通信时候采用三种协议HTTP+websocket+Thrift协议,通过本篇文章可以大体...
2024年5月18日 09:56 Github_POC
[GitHub]A simulation of CVE-2020-27252 for CSC699.

" [GitHub] 为CSC699模拟CVE-2020-27252。\n\n注:CVE-2020-27252 是一个通用漏洞索引(Common Vulnerabilities and Exposures,简称CVE)编号,CSC699可能是某门课程的编号。此处翻译为“为CSC699模拟CVE-2020-27252”,意为在一个名为CSC699的课程中模拟该漏洞。"
2024年5月18日 09:56 Github_POC
Cacti provides an operational monitoring and fault management framework. A command injection vulnerability on the 1.3.x DEV branch allows any unauthenticated user to execute arbitrary command on the server when `register_argc_argv` option of PHP is `On`. In `cmd_realtime.php` line 119, the `$poller_id` used as part of the command execution is sourced from `$_SERVER['argv']`, which can be controlled by URL when `register_argc_argv` option of PHP is `On`. And this option is `On` by default in many environments such as the main PHP Docker image for PHP. Commit 53e8014d1f082034e0646edc6286cde3800c683d contains a patch for the issue, but this commit was reverted in commit 99633903cad0de5ace636249de16f77e57a3c8fc.
[GitHub]CVE-2024-29895 | RCE on CACTI 1.3.X dev

" Cacti提供了一个运营监控和故障管理框架。1.3.x DEV分支上的命令注入漏洞允许任何未认证的用户在PHP的`register_argc_argv`选项设置为`On`时,在服务器上执行任意命令。在`cmd_realtime.php`的第119行,用作命令执行部分之一的`$poller_id`来源于`$_SERVER['argv'],当`register_argc_argv`选项设置为`On`时,该值可以被URL控制。而在许多环境中,如PHP的主Docker镜像,这个选项默认就是`On`。 Commit
2024年5月18日 09:06 freebuf
总结推荐本周的热点资讯、安全事件、一周好文和省心工具,保证大家不错过本周的每一个重点!