#nocve — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #nocve, aggregated by home.social.
-
Coroutine stack-to-heap overflow via unbounded recursion in NAR directory parser
https://github.com/NixOS/nix/security/advisories/GHSA-vh5x-56v6-4368
#Nix #Lix
#NoCVE atm -
Coroutine stack-to-heap overflow via unbounded recursion in NAR directory parser
https://github.com/NixOS/nix/security/advisories/GHSA-vh5x-56v6-4368
#Nix #Lix
#NoCVE atm -
Coroutine stack-to-heap overflow via unbounded recursion in NAR directory parser
https://github.com/NixOS/nix/security/advisories/GHSA-vh5x-56v6-4368
#Nix #Lix
#NoCVE atm -
Coroutine stack-to-heap overflow via unbounded recursion in NAR directory parser
https://github.com/NixOS/nix/security/advisories/GHSA-vh5x-56v6-4368
#Nix #Lix
#NoCVE atm -
Coroutine stack-to-heap overflow via unbounded recursion in NAR directory parser
https://github.com/NixOS/nix/security/advisories/GHSA-vh5x-56v6-4368
#Nix #Lix
#NoCVE atm -
#Xiaomi advisories by Taszk
https://labs.taszk.io/blog/post/114_mi_heap_bof/
https://labs.taszk.io/blog/post/113_mi_rng_predict/
https://labs.taszk.io/blog/post/112_mi_hshake_bypass/
It seems there is some exceptionally dump vendor policy in the works so #NoCVE -
Remote Pre-Auth Buffer Overflow in GNU Inetutils telnetd (LINEMODE SLC)
https://seclists.org/oss-sec/2026/q1/300
#NoCVE yet? -
[RSS] Keiro Control authentication bypass (0-day?) #NoCVE
https://ssd-disclosure.com/ssd-advisory-kerio-control-authentication-bypass-and-rce/ -
[oss-security] Roundcube webmail: Post-Auth RCE via PHP Object Deserialization reported by firs0v /by @hanno
https://www.openwall.com/lists/oss-security/2025/06/02/1
#NoCVE -
[RSS] Protecting Windows users from Janet Jackson's Rhythm Nation
https://devblogs.microsoft.com/oldnewthing/20250429-42/?p=111127
#NoCVE -
[RSS] Finding an Unauthenticated RCE nday in Zendto, patched quietly in 2021. Lots of vulnerable instances exposed to the internet.
https://projectblack.io/blog/zendto-nday-vulnerabilities/
#NoCVE -
This is the out-of-bands read, that didn't get a CVE apparently:
https://github.com/php/php-src/security/advisories/GHSA-wg4p-4hqh-c3g9
#PHP #NoCVE -
[RSS] Pwn everything Bounce everywhere all at once (part 2)
http://blog.quarkslab.com/pwn-everything-bounce-everywhere-all-at-once-part-2.html
New pre-auth RCE exploit chains for old SOPlanning bugs #NoCVE -
#cURL doesn't validate SSH host identity if known_hosts file is missing. I think this is a #vulnerability, but the project disagrees. Advisory is here: https://sintonen.fi/advisories/curl-ssh-insufficient-host-identity-verification.txt
-
SECURITY ADVISORY - PUBLIC DISCLOSURE
2024-11-14Minut M2 (P2/Point) IoT devices with firmwares up to and including #15142 are susceptible to hostile takeover by a physically proximate attacker. The vendor was notified 2024-08-16 and any device in active use should have received updated firmware.
These devices are marketed towards the short-term rental market thus the intended use case is for possible attackers to have physical access, and the attack can be performed through the externally accessible USB-C port. The attack gives full persistent control over the device and can be used to invalidate the intended notifications for the short-term rental host regarding noise levels and occupancy by guests. It's also possible for an attacker to persist surveillance code that will spy on other guests and/or the host and exfiltrate over the network.
The attacker needs to have crafted new firmware in advance using keys extracted from any other Minut M2 device running firmware #15142 or below.
Minut M2 owners should verify that their devices have received a recent firmware update to at least version #1056696.
Vendor website: https://www.minut.com
Research and reporting by Troed Sångberg, Amlisoft AB -
SECURITY ADVISORY - PUBLIC DISCLOSURE
2024-11-14Minut M2 (P2/Point) IoT devices with firmwares up to and including #15142 are susceptible to hostile takeover by a physically proximate attacker. The vendor was notified 2024-08-16 and any device in active use should have received updated firmware.
These devices are marketed towards the short-term rental market thus the intended use case is for possible attackers to have physical access, and the attack can be performed through the externally accessible USB-C port. The attack gives full persistent control over the device and can be used to invalidate the intended notifications for the short-term rental host regarding noise levels and occupancy by guests. It's also possible for an attacker to persist surveillance code that will spy on other guests and/or the host and exfiltrate over the network.
The attacker needs to have crafted new firmware in advance using keys extracted from any other Minut M2 device running firmware #15142 or below.
Minut M2 owners should verify that their devices have received a recent firmware update to at least version #1056696.
Vendor website: https://www.minut.com
Research and reporting by Troed Sångberg, Amlisoft AB -
SECURITY ADVISORY - PUBLIC DISCLOSURE
2024-11-14Minut M2 (P2/Point) IoT devices with firmwares up to and including #15142 are susceptible to hostile takeover by a physically proximate attacker. The vendor was notified 2024-08-16 and any device in active use should have received updated firmware.
These devices are marketed towards the short-term rental market thus the intended use case is for possible attackers to have physical access, and the attack can be performed through the externally accessible USB-C port. The attack gives full persistent control over the device and can be used to invalidate the intended notifications for the short-term rental host regarding noise levels and occupancy by guests. It's also possible for an attacker to persist surveillance code that will spy on other guests and/or the host and exfiltrate over the network.
The attacker needs to have crafted new firmware in advance using keys extracted from any other Minut M2 device running firmware #15142 or below.
Minut M2 owners should verify that their devices have received a recent firmware update to at least version #1056696.
Vendor website: https://www.minut.com
Research and reporting by Troed Sångberg, Amlisoft AB -
SECURITY ADVISORY - PUBLIC DISCLOSURE
2024-11-14Minut M2 (P2/Point) IoT devices with firmwares up to and including #15142 are susceptible to hostile takeover by a physically proximate attacker. The vendor was notified 2024-08-16 and any device in active use should have received updated firmware.
These devices are marketed towards the short-term rental market thus the intended use case is for possible attackers to have physical access, and the attack can be performed through the externally accessible USB-C port. The attack gives full persistent control over the device and can be used to invalidate the intended notifications for the short-term rental host regarding noise levels and occupancy by guests. It's also possible for an attacker to persist surveillance code that will spy on other guests and/or the host and exfiltrate over the network.
The attacker needs to have crafted new firmware in advance using keys extracted from any other Minut M2 device running firmware #15142 or below.
Minut M2 owners should verify that their devices have received a recent firmware update to at least version #1056696.
Vendor website: https://www.minut.com
Research and reporting by Troed Sångberg, Amlisoft AB -
SECURITY ADVISORY - PUBLIC DISCLOSURE
2024-11-14Minut M2 (P2/Point) IoT devices with firmwares up to and including #15142 are susceptible to hostile takeover by a physically proximate attacker. The vendor was notified 2024-08-16 and any device in active use should have received updated firmware.
These devices are marketed towards the short-term rental market thus the intended use case is for possible attackers to have physical access, and the attack can be performed through the externally accessible USB-C port. The attack gives full persistent control over the device and can be used to invalidate the intended notifications for the short-term rental host regarding noise levels and occupancy by guests. It's also possible for an attacker to persist surveillance code that will spy on other guests and/or the host and exfiltrate over the network.
The attacker needs to have crafted new firmware in advance using keys extracted from any other Minut M2 device running firmware #15142 or below.
Minut M2 owners should verify that their devices have received a recent firmware update to at least version #1056696.
Vendor website: https://www.minut.com
Research and reporting by Troed Sångberg, Amlisoft AB -
I published my analysis of the Series 9000 Brainalyzer exploit by Rick Sanchez:
https://video.infosec.exchange/w/jtR1V9N5ghHES5oayeBrrd
Did I miss anything?
#NoCVE -
mpg123 buffer overflow in versions before 1.32.8
https://seclists.org/oss-sec/2024/q4/45
#NoCVE yet - Edit: Got assigned CVE-2024-10573