Archer C1200 firmware versions prior to 'Archer C1200(JP)_V2_230508' and Archer C9 firmware versions prior to 'Archer C9(JP)_V3_230508' allow a network-adjacent unauthenticated attacker to execute arbitrary OS...
9.1 AI Score
0.002 EPSS
Security Bulletin: NVIDIA BlueField Data Processing Unit - September 2023
NVIDIA has released a firmware update for the NVIDIA BlueField Data Processing Unit. This update addresses security issues that may lead to escalation of privileges. To protect your system, download and install this firmware update from the NVIDIA Networking Support page. Go to NVIDIA Product...
7.8 CVSS
6.4 AI Score
0.0004 EPSS
Attacker can DOS the sync function of RdpxV2Core which will brick critical functionality
Lines of code https://github.com/code-423n4/2023-08-dopex/blob/main/contracts/core/RdpxV2Core.sol#L975-L990 https://github.com/code-423n4/2023-08-dopex/blob/main/contracts/core/RdpxV2Core.sol#L1001-L1003 Vulnerability details Impact The sync function of the RdpxV2Core contract is critical for...
6.8 AI Score
Fujitsu Limited Real-time Video Transmission Gear "IP series"
EXECUTIVE SUMMARY CVSS v3 5.9 ATTENTION: Exploitable remotely Vendor: Fujitsu Limited Equipment: Real-time Video Transmission Gear "IP series" Vulnerability: Use Of Hard-Coded Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could result in an attacker logging into...
7.5 CVSS
7 AI Score
0.003 EPSS
EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Softneta Equipment: MedDream PACS Vulnerabilities: Exposed Dangerous Method or Function, Plaintext Storage of a Password 2. RISK EVALUATION Successful exploitation of these vulnerabilities could...
9.8 CVSS
8.5 AI Score
0.02 EPSS
Researchers Warn of Cyber Weapons Used by Lazarus Group's Andariel Cluster
The North Korean threat actor known as Andariel has been observed employing an arsenal of malicious tools in its cyber assaults against corporations and organizations in the southern counterpart. "One characteristic of the attacks identified in 2023 is that there are numerous malware strains...
8 AI Score
Password-stealing Chrome extension smuggled on to Web Store
Researchers at the University of Wisconsin-Madison have demonstrated that Chrome browser extensions can steal passwords from the text input fields in websites, even if the extension is compliant with Chrome's latest security and privacy standard, Manifest V3. To prove it, they created a proof of...
6.9 AI Score
JVN#92720882: Multiple vulnerabilities in CGIs of PMailServer and PMailServer2
CGIs included with PMailServer and PMailServer2 provided by A.K.I Software contain multiple vulnerabilities listed below. Stored cross-site scripting vulnerability (CWE-79) - CVE-2023-39223 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N| Base Score: 5.4...
7.1 AI Score
0.0004 EPSS
JVN#78113802: Multiple vulnerabilities in F-RevoCRM
F-RevoCRM provided by Thinkingreed Inc. contains multiple vulnerabilities listed below. OS Command Injection (CWE-78) - CVE-2023-41149 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H| Base Score: 9.8 CVSS v2| AV:N/AC:L/Au:N/C:P/I:P/A:P| Base Score: 7.5 ...
9.8 CVSS
7.5 AI Score
0.001 EPSS
A vulnerability classified as critical has been found in TOTOLINK N200RE V5 9.3.5u.6437_B20230519. This affects the function Validity_check. The manipulation leads to format string. It is possible to initiate the attack remotely. The root-cause of the vulnerability is a format string issue. But...
8.8 CVSS
9 AI Score
0.002 EPSS
A vulnerability classified as critical has been found in TOTOLINK N200RE V5 9.3.5u.6437_B20230519. This affects the function Validity_check. The manipulation leads to format string. It is possible to initiate the attack remotely. The root-cause of the vulnerability is a format string issue. But...
8.8 CVSS
9.2 AI Score
0.002 EPSS
A vulnerability classified as critical has been found in TOTOLINK N200RE V5 9.3.5u.6437_B20230519. This affects the function Validity_check. The manipulation leads to format string. It is possible to initiate the attack remotely. The root-cause of the vulnerability is a format string issue. But...
8.8 CVSS
9.1 AI Score
0.002 EPSS
CVE-2023-4746 TOTOLINK N200RE V5 Validity_check format string
A vulnerability classified as critical has been found in TOTOLINK N200RE V5 9.3.5u.6437_B20230519. This affects the function Validity_check. The manipulation leads to format string. It is possible to initiate the attack remotely. The root-cause of the vulnerability is a format string issue. But...
8.8 CVSS
9.3 AI Score
0.002 EPSS
JVN#82758000: Multiple vulnerabilities in SHIRASAGI
SHIRASAGI provided by SHIRASAGI Project contains multiple vulnerabilities listed below. Reflected cross-site scripting (CWE-79) - CVE-2023-36492 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N| Base Score: 6.1 CVSS v2| AV:N/AC:H/Au:N/C:N/I:P/A:N| Base...
8.8 CVSS
7.6 AI Score
0.001 EPSS
Fedora 38 : libwebsockets / mosquitto (2023-6a87c003c4)
The remote Fedora 38 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-6a87c003c4 advisory. In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets. (CVE-2023-0809) In...
7.5 CVSS
6.8 AI Score
0.001 EPSS
Tinycontrol LAN Controller v3 (LK3) Remote Admin Password Change
Title: Tinycontrol LAN Controller v3 (LK3) Remote Admin Password Change Advisory ID: ZSL-2023-5787 Type: Local/Remote Impact: Security Bypass, Privilege Escalation, System Access Risk: (5/5) Release Date: 01.09.2023 Summary Lan Controller is a very universal device that allows you to connect...
7.7 AI Score
Tinycontrol LAN Controller v3 (LK3) Remote Credentials Extraction PoC
Title: Tinycontrol LAN Controller v3 (LK3) Remote Credentials Extraction PoC Advisory ID: ZSL-2023-5786 Type: Local/Remote Impact: Security Bypass, Privilege Escalation, System Access, Exposure of System Information, Exposure of Sensitive Information Risk: (5/5) Release Date: 01.09.2023 Summary...
7.1 AI Score
Fedora 37 : mosquitto (2023-e7ed15ab9e)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-e7ed15ab9e advisory. In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets. (CVE-2023-0809) In...
7.5 CVSS
6.9 AI Score
0.001 EPSS
Multiple vulnerabilities in IBM Java SDK affect AIX
IBM SECURITY ADVISORY First Issued: Thu Aug 31 12:31:07 CDT 2023 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/java_aug2023_advisory.asc Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect AIX...
9.8 CVSS
7.4 AI Score
0.003 EPSS
EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: ARDEREG Equipment: Sistemas SCADA Vulnerability: SQL Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to manipulate SQL query logic to extract...
9.8 CVSS
8.8 AI Score
0.001 EPSS
EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: GE Digital Equipment: CIMPLICITY Vulnerability: Process Control 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a low-privileged local attacker to escalate privileges to SYSTEM. 3....
7.8 CVSS
7.1 AI Score
0.0004 EPSS
EXECUTIVE SUMMARY CVSS v3 9.0 ATTENTION: Exploitable remotely Vendor: Digi International, Inc. Equipment: Digi RealPort Protocol Vulnerability: Use of Password Hash Instead of Password for Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could allow the...
9 CVSS
6.9 AI Score
0.001 EPSS
FetLife: fetlife.com/signup_step_profile expose access_token of mapbox.com
Hi fetlife, I'm investigating the registration step on your site. In the registration step at https://fetlife.com/signup_step_profile, when a user types in the field "private_location_name" {F2652527}, it uses a frontend call to api.mapbox.com directly and thus exposes the access_token. I was able to call it directly via...
7.2 AI Score
0.001 EPSS
JVN#60140221: Multiple vulnerabilities in i-PRO VI Web Client
VI Web Client provided by i-PRO Co., Ltd. is Video Insight’s video management software. VI Web Client contains multiple vulnerabilities listed below. Open Redirect (CWE-601) - CVE-2023-38574 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N| Base Score: 4.7...
6.1 CVSS
6.7 AI Score
0.001 EPSS
Tinycontrol LAN Controller v3 (LK3) Remote Denial Of Service Exploit
Title: Tinycontrol LAN Controller v3 (LK3) Remote Denial Of Service Exploit Advisory ID: ZSL-2023-5785 Type: Local/Remote Impact: Security Bypass, DoS Risk: (4/5) Release Date: 31.08.2023 Summary Lan Controller is a very universal device that allows you to connect many different sensors and...
7.5 AI Score
software: mosquitto 2.0.15 WASP: ROSA-CHROME package_evr_string: mosquitto-2.0.15-2.src.rpm CVE-ID: CVE-2021-34431 BDU-ID: 2022-01775 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the Mosquitto message broker is related to incorrect processing of a CONNECT packet without will topic, will message.....
7.5 CVSS
6.7 AI Score
0.001 EPSS
EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: PTC Equipment: Codebeamer Vulnerability: Cross site scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to inject arbitrary JavaScript code, which...
8.8 CVSS
6.5 AI Score
0.001 EPSS
Security Bulletin: NVIDIA DGX H100 - August 2023
NVIDIA has released a firmware security update for the NVIDIA DGX™ H100 system. This update addresses issues that may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. To protect your system, download and install this firmware update...
9.8 CVSS
9.1 AI Score
0.002 EPSS
Swaps affect LP token mint/burn during liquidity addition/removal
Lines of code Vulnerability details Impact The LP token removal/addition forces a recalculation of the bonding curve, and the utility of the curve. The utility curve in proteus looks like the graph below, where the point A represents a certain composition of the pool. If we try to remove...
6.9 AI Score
Lack of events in EvolvingProteus contract
Lines of code Vulnerability details Impact There is no event emitted in the whole contract, even after executing sensitive actions like swaps between assets or at the constructor. That is bad because many automatic tools that monitor the contracts deployed rely on them. For example, see the swap.....
6.8 AI Score
Liquidity concentration rate is reduced by the use of timestamp instead of block number
Lines of code https://github.com/code-423n4/2023-08-shell/blob/main/src/proteus/EvolvingProteus.sol#L81 Vulnerability details Impact Liquidity concentration rate is reduced by the use of timestamp instead of block number Proof of Concept The document states that This primitive can passively...
6.7 AI Score
Security Bulletin: NVIDIA GeForce NOW for Android - August 2023
NVIDIA has released a firmware security update for the NVIDIA GeForce NOW Android mobile and TV app. This update addresses issues that may lead to code execution, denial of service, and information disclosure. To protect customer systems, the NVIDIA GeForce NOW for Android app will prompt...
4.8 CVSS
6.6 AI Score
0.0004 EPSS
Lines of code Vulnerability details Comments The underlying yield vaults used by the V5 vaults usually round down shares received when depositing. As a result, if the Vault deposits to an underlying yield vault that has already issued shares, it is possible that a deposit could be rounded down to.....
6.7 AI Score
Number of prize tiers may never scale due to aggressive new algorithm
Lines of code https://github.com/GenerationSoftware/pt-v5-prize-pool/blob/main/src/PrizePool.sol#L807-L811 https://github.com/GenerationSoftware/pt-v5-prize-pool/blob/main/src/abstract/TieredLiquidityDistributor.sol#L602-L619...
6.7 AI Score
Claiming prizes will be bricked if prize periods are not aligned with twab periods
Lines of code https://github.com/GenerationSoftware/pt-v5-twab-controller/blob/main/src/libraries/TwabLib.sol#L244-L251 https://github.com/GenerationSoftware/pt-v5-twab-controller/blob/main/src/libraries/TwabLib.sol#L650-L658 Vulnerability details Comments The previous implementation allowed a...
6.5 AI Score
Lockbit leak, research opportunities on tools leaked from TAs
Lockbit is one of the most prevalent ransomware strains. It comes with an affiliate ransomware-as-a-service (RaaS) program offering up to 80% of the ransom demand to participants, and includes a bug bounty program for those who detect and report vulnerabilities that allow files to be decrypted...
7.3 AI Score
EXECUTIVE SUMMARY CVSS v3 9.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: CODESYS, GmbH Equipment: CODESYS Development System Vulnerability: Insufficient Verification of Data Authenticity. 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an...
8.8 CVSS
7.8 AI Score
0.001 EPSS
EXECUTIVE SUMMARY CVSS v3 3.3 ATTENTION: low attack complexity Vendor: CODESYS, GmbH Equipment: CODESYS Development System Vulnerability: Improper Restriction of Excessive Authentication Attempts. 2. RISK EVALUATION Successful exploitation of this vulnerability could provide a local...
3.3 CVSS
6.5 AI Score
0.0004 EPSS
EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: OPTO 22 Equipment: SNAP PAC S1 Vulnerabilities: Improper Restriction of Excessive Authentication Attempts, Weak Password Requirements, Improper Access Control, Uncontrolled Resource...
9.8 CVSS
7.2 AI Score
0.001 EPSS
EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity/known public exploitation Vendor: KNX Association Equipment: KNX devices using KNX Connection Authorization Vulnerability: Overly Restrictive Account Lockout Mechanism 2. RISK EVALUATION Successful...
7.5 CVSS
7.1 AI Score
0.0005 EPSS
EXECUTIVE SUMMARY CVSS v3 7.3 ATTENTION: low attack complexity Vendor: CODESYS, GmbH Equipment: CODESYS Development System Vulnerability: Uncontrolled Search Path Element. 2. RISK EVALUATION Successful exploitation of this vulnerability could cause users to unknowingly launch a...
7.3 CVSS
6.8 AI Score
0.0004 EPSS