Category Archives: Advisories

USN-6111-1: Flask vulnerability

It was discovered that Flask incorrectly handled certain data responses.
An attacker could possibly use this issue to expose sensitive information.

USN-6005-2: Sudo vulnerabilities

USN-6005-1 fixed vulnerabilities in Sudo. This update
provides the corresponding updates for Ubuntu 16.04 LTS.

Original advisory details:

Matthieu Barjole and Victor Cutillas discovered that Sudo incorrectly
escaped control characters in log messages and sudoreplay output. An
attacker could possibly use these issues to inject terminal control
characters that alter output when being viewed.

USN-6110-1: Jhead vulnerabilities

It was discovered that Jhead did not properly handle certain crafted Canon
images when processing them. An attacker could possibly use this issue to
crash Jhead, resulting in a denial of service. (CVE-2021-3496)

It was discovered that Jhead did not properly handle certain crafted images
when printing Canon-specific information. An attacker could possibly use this
issue to crash Jhead, resulting in a denial of service. (CVE-2021-28275)

It was discovered that Jhead did not properly handle certain crafted images
when removing unknown sections. An attacker could possibly use this issue to
crash Jhead, resulting in a denial of service. (CVE-2021-28275)

Kyle Brown discovered that Jhead did not properly handle certain crafted
images when editing their comments. An attacker could possibly use this to
crash Jhead, resulting in a denial of service. (LP: #2020068)

USN-6097-1: Linux PTP vulnerability

It was discovered that Linux PTP did not properly perform a length check
when forwarding a PTP message between ports. A remote attacker could
possibly use this issue to access sensitive information, execute
arbitrary code, or cause a denial of service.

CVE-2021-4336

A vulnerability was found in ITRS Group monitor-ninja up to 2021.11.1. It has been rated as critical. Affected by this issue is some unknown functionality of the file modules/reports/models/scheduled_reports.php. The manipulation leads to SQL injection. Upgrading to version 2021.11.30 addresses this issue. The name of the patch is 6da9080faec9bca1ca5342386c0421dca0a6c0cc. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-230084.

CVE-2014-125101

A vulnerability classified as critical has been found in Portfolio Gallery Plugin up to 1.1.8 on WordPress. This affects an unknown part. The manipulation leads to SQL injection. It is possible to initiate the attack remotely. Upgrading to version 1.1.9 addresses this issue. The name of the patch is 58ed88243e17df766036f4857041edaf358076d3. It is recommended to upgrade the affected component. The identifier VDB-230085 was assigned to this vulnerability.

CVE-2015-10106

A vulnerability classified as critical was found in mback2k mh_httpbl Extension up to 1.1.7 on TYPO3. This vulnerability affects the function moduleContent of the file mod1/index.php. The manipulation leads to SQL injection. The attack can be initiated remotely. Upgrading to version 1.1.8 addresses this issue. The name of the patch is 429f50f4e4795b20dae06735b41fb94f010722bf. It is recommended to upgrade the affected component. VDB-230086 is the identifier assigned to this vulnerability.

Alleged Russian CosmicEnergy Malware Potentially Affects Power Grids in Europe and Asia

FortiGuard Labs is aware of a report that a new malware, “CosmicEnergy”, designed to disrupt electric power systems, was discovered. CosmicEnergy was specifically crafted to target IEC-104-compliant Remote Terminal Units (RTUs) used to control power transmission and distribution in Europe and Asia.

Why is this Significant?

This is significant because the new malware “CosmicEnergy” is capable of interacting with the devices responsible for managing power grids, leading to potential power outages. Reportedly, potentially affected devices are primarily located in Europe, the Middle East and Asia.

What is CosmicEnergy?

CosmicEnergy is a new malware that is designed to disrupt devices used for managing power grids. Reportedly, the malware may have been developed as a red team tool by a Russian cyber security company for power disruption drills.

CosmicEnergy consists of two components: one is PIEHOP, designed to access an MSSQL server within the victim’s network and upload files to the server; the other is LIGHTWORK, capable of sending commands via the IEC-104 protocol to the connected Remote Terminal Units (RTUs).

Note that to successfully carry out the attack using CosmicEnergy, attackers are required to have various credentials beforehand, such as logins and IP addresses of the target MSSQL server, which considerably raises the attack hurdle.

How Widespread is CosmicEnergy?

FortiGuard Labs is not aware of any reports of CosmicEnergy used in the wild.

What is the Status of Coverage?

FortiGuard Labs has the following AV signatures in place for the PIEHOP installer and LIGHTWORK samples called out in the report:

W32/Agent.HOP!tr
W32/Agent.ORK!tr
