1288H V5; 2288H V5; 2488 V5; CH121 V3; CH121L V3; CH121L V5; CH121 V5; CH140 V3; CH140L V3; CH220 V3; CH222 V3; CH242 V3; CH242 V5; RH1288 V3; RH2288 V3; RH2288H V3; XH310 V3; XH321 V3; XH321 V5; XH620 V3 Security Vulnerabilities

Mageia: Security Advisory (MGASA-2023-0243)

The remote host is missing an update for...

AMSS++ 5.21.09 SQL Injection

...

Stored Cross-Site Scripting October CMS

An svg file upload vulnerability in October CMS v3.4.4 allows attackers to execute arbitrary code in the context of a browser via a crafted svg file. Attackers must be authenticated as...

Stored Cross-Site Scripting October CMS

An svg file upload vulnerability in October CMS v3.4.4 allows attackers to execute arbitrary code in the context of a browser via a crafted svg file. Attackers must be authenticated as...

CVE-2023-38285

Trustwave ModSecurity 3.x before 3.0.10 has Inefficient Algorithmic...

CVE-2023-37692

An arbitrary file upload vulnerability in October CMS v3.4.4 allows attackers to execute arbitrary code via a crafted...

CVE-2023-38285

Trustwave ModSecurity 3.x before 3.0.10 has Inefficient Algorithmic...

CVE-2023-37692

An arbitrary file upload vulnerability in October CMS v3.4.4 allows attackers to execute arbitrary code via a crafted...

CVE-2023-38285

Trustwave ModSecurity 3.x before 3.0.10 has Inefficient Algorithmic...

Design/Logic Flaw

An arbitrary file upload vulnerability in October CMS v3.4.4 allows attackers to execute arbitrary code via a crafted...

Code injection

Trustwave ModSecurity 3.x before 3.0.10 has Inefficient Algorithmic...

CVE-2023-35078: Critical API Access Vulnerability in Ivanti Endpoint Manager Mobile

CVE-2023-35078 is a remote unauthenticated API access vulnerability in Ivanti Endpoint Manager Mobile, which was previously branded as MobileIron Core. The vulnerability has a CVSS v3 base score of 10.0 and has a severity rating of Critical. Ivanti has reported that they have received information.....

EulerOS Virtualization 3.0.6.6 : kernel (EulerOS-SA-2023-2444)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. Any...

CVE-2023-38285

Trustwave ModSecurity 3.x before 3.0.10 has Inefficient Algorithmic...

CVE-2023-38285

Trustwave ModSecurity 3.x before 3.0.10 has Inefficient Algorithmic...

CVE-2023-37692

An arbitrary file upload vulnerability in October CMS v3.4.4 allows attackers to execute arbitrary code via a crafted...

Unintentional leakage of private information via cross-origin websocket session hijacking

Impact Private messages or posts might be leaked to third parties if victim opens the attackers site while browsing nodebb. Patches Patched in v3.1.3 Backported to v2.x line via v2.8.13 Workarounds Users can cherry-pick...

Unintentional leakage of private information via cross-origin websocket session hijacking

Impact Private messages or posts might be leaked to third parties if victim opens the attackers site while browsing nodebb. Patches Patched in v3.1.3 Backported to v2.x line via v2.8.13 Workarounds Users can cherry-pick...

Cryptojacking: Understanding and defending against cloud compute resource abuse

In cloud environments, cryptojacking – a type of cyberattack that uses computing power to mine cryptocurrency – takes the form of cloud compute resource abuse, which involves a threat actor compromising legitimate tenants. Cloud compute resource abuse could result in financial loss to targeted...

Emerson ROC800 Series RTU and DL8000 Preset Controller

EXECUTIVE SUMMARY CVSS v3 9.4 ATTENTION: Exploitable remotely/low attack complexity Vendor: Emerson Equipment: ROC800-Series RTU; including ROC800, ROC800L, and DL8000 Preset Controllers Vulnerability: Authentication Bypass 2. RISK EVALUATION Successful exploitation of this vulnerability...

Rockwell Automation ThinManager ThinServer

EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: ThinManager ThinServer Vulnerability: Relative Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote actor to leverage the...

AXIS A1001

EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION: Exploitable from adjacent network Vendor: Axis Communications Equipment: AXIS A1001 Vulnerability: Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code. 3....

Johnson Controls IQ Wifi 6

EXECUTIVE SUMMARY CVSS v3 8.3 ATTENTION: Low attack complexity Vendor: Johnson Controls Inc. Equipment: IQ Wifi 6 Vulnerability: Improper Restriction of Excessive Authentication Attempts 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthorized user to gain...

AIX is vulnerable to a denial of service due to libxml2

IBM SECURITY ADVISORY First Issued: Tue Jul 25 11:08:32 CDT 2023 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/libxml2_advisory5.asc Security Bulletin: AIX is vulnerable to a denial of service due to libxml2 (CVE-2023-29469 and...

AIX is vulnerable to denial of service due to zlib and zlibNX

IBM SECURITY ADVISORY First Issued: Tue Jul 25 11:05:17 CDT 2023 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/zlib_advisory2.asc Security Bulletin: AIX is vulnerable to denial of service due to zlib (CVE-2022-37434)...

Security Bulletin: IBM App Connect for Manufacturing is vulnerable to a denial of service due to FasterXML jackson-databind (CVE-2022-42004, CVE-2022-42003)

Summary IBM App Connect for Manufacturing is vulnerable to a denial of service due to FasterXML jackson-databind (CVE-2022-42004, CVE-2022-42003) Vulnerability Details ** CVEID: CVE-2022-42004 DESCRIPTION: **FasterXML jackson-databind is vulnerable to a denial of service, caused by a lack of a...

Security Bulletin: IBM Sterling Global Mailbox is vulnerable to sensitive data exposure due to Apache CXF (CVE-2022-46363)

Summary A security vulnerability has been identified and addressed in Apache CXF shipped with IBM Sterling Global Mailbox. Vulnerability Details ** CVEID: CVE-2022-46363 DESCRIPTION: **Apache CXF could allow a remote attacker to obtain sensitive information, caused by a flaw when the CXFServlet...

Open Babel translationVectors parsing out-of-bounds write vulnerabilities

Talos Vulnerability Report TALOS-2022-1666 Open Babel translationVectors parsing out-of-bounds write vulnerabilities July 21, 2023 CVE Number CVE-2022-46292,CVE-2022-46295,CVE-2022-46294,CVE-2022-46293,CVE-2022-46291 SUMMARY Multiple out-of-bounds write vulnerabilities exist in the...

Open Babel Gaussian format orientation out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2022-1672 Open Babel Gaussian format orientation out-of-bounds write vulnerability July 21, 2023 CVE Number CVE-2022-37331 SUMMARY An out-of-bounds write vulnerability exists in the Gaussian format orientation functionality of Open Babel 3.1.1 and master commit...

Schneider Electric EcoStruxure Products, Modicon PLCs, and Programmable Automation Controllers

EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: EcoStruxure Products, Modicon PLCs, and Programmable Automation Controllers Vulnerabilities: Improper Check for Unusual or Exceptional Conditions 2. RISK EVALUATION...

JVN#90560760: Multiple vulnerabilities in WordPress Plugin "TS Webfonts for SAKURA"

WordPress Plugin "TS Webfonts for SAKURA" provided by SAKURA internet Inc. contains multiple vulnerabilities listed below. Cross-site scripting (CWE-79) - CVE-2023-32624 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N| Base Score: 6.1 CVSS v2|...

Mageia: Security Advisory (MGASA-2023-0237)

The remote host is missing an update for...

Mageia: Security Advisory (MGASA-2023-0238)

The remote host is missing an update for...

Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update is based on upstream 5.15.120 and fixes atleast the following security issues: A flaw null pointer dereference in the Linux kernel DECnet networking protocol was found. A remote user could use this flaw to crash the system. This is fixed by removing DECnet support...

Updated kernel packages fix security vulnerabilities

This kernel update is based on upstream 5.15.120 and fixes atleast the following security issues: A flaw null pointer dereference in the Linux kernel DECnet networking protocol was found. A remote user could use this flaw to crash the system. This is fixed by removing DECnet support...

Rockwell Automation Kinetix 5700 DC Bus Power Supply

EXECUTIVE SUMMARY **CVSS v3 7.5 ** ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: Kinetix 5700 Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability could result in a...

​Weintek Weincloud

EXECUTIVE SUMMARY ​CVSS v3 7.5 ​ATTENTION: Exploitable remotely/low attack complexity ​Vendor: Weintek ​Equipment: Weincloud ​Vulnerabilities: Weak Password Recovery Mechanism for Forgotten Password, Improper Authentication, Improper Restriction of Excessive Authentication Attempts, Improper...

Iagona ScrutisWeb

EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Iagona Equipment: ScrutisWeb Vulnerabilities: Absolute Path Traversal, Authorization Bypass Through User-Controlled Key, Use of Hard-coded Cryptographic Key, Unrestricted Upload of File with Dangerous...

GE Digital CIMPLICITY

EXECUTIVE SUMMARY CVSS v3 6.6 ATTENTION: Low attack complexity Vendor: GE Digital Equipment: CIMPLICITY Vulnerability: Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause memory corruption issues resulting in unwanted...

​GeoVision GV-ADR2701

EXECUTIVE SUMMARY **​CVSS v3 9.8 ** ​ATTENTION: Exploitable remotely/low attack complexity/public exploits are available ​Vendor: GeoVision ​Equipment: GV-ADR2701 ​Vulnerabilities: Improper Authentication 2. RISK EVALUATION ​Successful exploitation of this vulnerability could allow an...

WellinTech KingHistorian

EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: WellinTech Equipment: KingHistorian Vulnerabilities: Exposure of Sensitive Information to an Unauthorized Actor, Signed to Unsigned Conversion Error 2. RISK EVALUATION...

​Keysight N6845A Geolocation Server

EXECUTIVE SUMMARY ​CVSS v3 7.8 ​ATTENTION: Low attack complexity ​Vendor: Keysight Technologies ​Equipment: N6854A Geolocation Server ​Vulnerabilities: Exposed Dangerous Method or Function, Relative Path Traversal 2. RISK EVALUATION ​Successful exploitation of these vulnerabilities could...

AIX is vulnerable to denial of service due to ISC BIND

IBM SECURITY ADVISORY First Issued: Tue Jul 18 08:40:23 CDT 2023 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/bind_advisory23.asc Security Bulletin: AIX is vulnerable to denial of service due to ISC BIND (CVE-2022-3094,...

CVE-2023-35818

An issue was discovered on Espressif ESP32 3.0 (ESP32_rev300 ROM) devices. An EMFI attack on ECO3 provides the attacker with a capability to influence the PC value at the CPU context level, regardless of Secure Boot and Flash Encryption status. By using this capability, the attacker can exploit...

Code injection

An issue was discovered on Espressif ESP32 3.0 (ESP32_rev300 ROM) devices. An EMFI attack on ECO3 provides the attacker with a capability to influence the PC value at the CPU context level, regardless of Secure Boot and Flash Encryption status. By using this capability, the attacker can exploit...

Malicious user can steal other user's deposits from Vault.sol

Lines of code https://github.com/GenerationSoftware/pt-v5-vault/blob/b1deb5d494c25f885c34c83f014c8a855c5e2749/src/Vault.sol#L509-L521 https://github.com/GenerationSoftware/pt-v5-vault/blob/b1deb5d494c25f885c34c83f014c8a855c5e2749/src/Vault.sol#L407-L415 Vulnerability details Impact When the...

_totalWithdrawn VALUE DOES NOT INCLUDE THE _fee AMOUNT THUS INTRODUCING ACCOUNTING ERROR

Lines of code https://github.com/GenerationSoftware/pt-v5-prize-pool/blob/4bc8a12b857856828c018510b5500d722b79ca3a/src/PrizePool.sol#L473 https://github.com/GenerationSoftware/pt-v5-prize-pool/blob/4bc8a12b857856828c018510b5500d722b79ca3a/src/PrizePool.sol#L830-L833...

The _currentExchangeRate of the Vault contract can't increase, and always be lower than or equal to _assetUnit

Lines of code Vulnerability details Impact The _currentExchangeRate of the Vault contract can not increase, and always be lower than or equal to _assetUnit. Therefore, when the vault is undercollateralized (_currentExchangeRate < _assetUnit), it can't be further collateralized. Proof of concept....

_getNextObservationIndex() Random use of timestamp to determine the currentTime can be manipulated bacause of dangerous strict equalities

Lines of code https://github.com/GenerationSoftware/pt-v5-twab-controller/blob/0145eeac23301ee5338c659422dd6d69234f5d50/src/libraries/TwabLib.sol#L381 https://github.com/GenerationSoftware/pt-v5-twab-controller/blob/0145eeac23301ee5338c659422dd6d69234f5d50/src/libraries/TwabLib.sol#L529...

Attacker can steal vault funds through the deposit function.

Lines of code Vulnerability details Impact In the deposit function, a check is made to see if the amount of assets being deposited by the user is greater than the amount of assets the vault currently holds. The vault then transfers the difference between the assets being deposited and the vault’s.....