AR120-S,AR1200,AR1200-S,AR150,AR150-S,AR160,AR200,AR200-S,AR2200,AR2200-S,AR3200,AR3600,AR510,NetEngine16EX,SRG1300,SRG2300,SRG3300 Security Vulnerabilities

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2024-1836)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for expat (EulerOS-SA-2024-1810)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2024-1842)

The remote host is missing an update for the Huawei...

SUSE: Security Advisory (SUSE-SU-2024:2180-1)

The remote host is missing an update for...

Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2024-1845)

The remote host is missing an update for the Huawei...

RHEL 9 : python3.9 (RHSA-2024:4078)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4078 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...

RHEL 9 : git (RHSA-2024:4083)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4083 advisory. Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a...

Tp-Link ER7206 Omada Gigabit VPN Router cli_server debug leftover debug code vulnerability

Talos Vulnerability Report TALOS-2024-1947 Tp-Link ER7206 Omada Gigabit VPN Router cli_server debug leftover debug code vulnerability June 25, 2024 CVE Number CVE-2024-21827 SUMMARY A leftover debug code vulnerability exists in the cli_server debug functionality of Tp-Link ER7206 Omada Gigabit VPN....

RHEL 8 : kpatch-patch (RHSA-2024:4075)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4075 advisory. This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security...

Huawei EulerOS: Security Advisory for python-cryptography (EulerOS-SA-2024-1823)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2024-1811)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for mod_http2 (EulerOS-SA-2024-1840)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2024-1835)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2024-1815)

The remote host is missing an update for the Huawei...

Ubuntu: Security Advisory (USN-6844-1)

The remote host is missing an update for...

Important: git security update

Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to...

Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2024-1832)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for util-linux (EulerOS-SA-2024-1848)

The remote host is missing an update for the Huawei...

Mageia: Security Advisory (MGASA-2024-0235)

The remote host is missing an update for...

SUSE SLES15 / openSUSE 15 Security Update : grafana and mybatis (SUSE-SU-2024:1530-2)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1530-2 advisory. grafana was updated to version 9.5.18: - Grafana now requires Go 1.20 - Security issues fixed: * CVE-2024-1313: Require same...

EulerOS 2.0 SP11 : openssl (EulerOS-SA-2024-1821)

According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions Impact summary:...

RHEL 7 : kernel (RHSA-2024:4098)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4098 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * Kernel: bluetooth: Unauthorized...

EulerOS 2.0 SP11 : openssl (EulerOS-SA-2024-1842)

According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions Impact summary:...

CVE-2024-33847

In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: don't allow unaligned truncation on released compress inode f2fs image may be corrupted after below testcase: - mkfs.f2fs -O extra_attr,compression -f /dev/vdb - mount /dev/vdb /mnt/f2fs - touch /mnt/f2fs/file -...

Security Bulletin: AIX is affected by a denial of service due to Python (CVE-2024-0450)

Summary Vulnerability in Python could allow a remote attacker to cause a denial of service (CVE-2024-0450). Python is used by AIX as part of Ansible node management automation. Vulnerability Details ** CVEID: CVE-2024-0450 DESCRIPTION: **Python CPython is vulnerable to a denial of service, caused.....

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect AIX

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition, Version 8 used by AIX. AIX has addressed the applicable CVEs. Vulnerability Details ** CVEID: CVE-2024-21085 DESCRIPTION: **An unspecified vulnerability in Java SE related to the VM component could allow a remote...

CVE-2024-38903

H3C Magic R230 V100R002's udpserver opens port 9034, allowing attackers to execute arbitrary...

CVE-2024-38903

H3C Magic R230 V100R002's udpserver opens port 9034, allowing attackers to execute arbitrary...

Change Healthcare confirms the customer data stolen in ransomware attack

For the first time since news broke about a ransomware attack on Change Healthcare, the company has released details about the data stolen during the attack. First, a quick refresher: On February 21, 2024, Change Healthcare experienced serious system outages due to a cyberattack. The incident led.....

CodeChecker has a Path traversal in `CodeChecker server` in the endpoint of `CodeChecker store`

Summary ZIP files uploaded to the server-side endpoint handling a CodeChecker store are not properly sanitized. An attacker can exercise a path traversal to make the CodeChecker server load and display files from an arbitrary location on the server machine. Details Target The vulnerable endpoint...

CodeChecker has a Path traversal in `CodeChecker server` in the endpoint of `CodeChecker store`

Summary ZIP files uploaded to the server-side endpoint handling a CodeChecker store are not properly sanitized. An attacker can exercise a path traversal to make the CodeChecker server load and display files from an arbitrary location on the server machine. Details Target The vulnerable endpoint...

Security Bulletin: A vulnerability in Node.js affects IBM Rational® Application Developer for WebSphere® Software (CVE-2024-27980)

Summary Node.js is used as runtime and SDK for Apache Cordova applications within IBM Rational® Application Developer for WebSphere® Software. Information about security vulnerabilities affecting Node.js has been published in a security bulletin. Vulnerability Details Refer to the security...

Security Bulletin: Updating IBM WebSphere Liberty Profile in Identity Insight for security update

Summary Identity Insight customers are advised to update IBM WebSphere Liberty Profile (WLP) to version 24.0.0.6 for security update in WLP. Vulnerability Details Refer to the security bulletin(s) listed in the Remediation/Fixes section Affected Products and Versions Affected Product(s) |...

Security Bulletin: Vulnerability has been identified in WebSphere Application Server shipped with WebSphere Service Registry and Repository (CVE-2024-37532)

Summary WebSphere Application Server is shipped as a component of WebSphere Service Registry and Repository. Information about an identity spoofing vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security...

Security Bulletin: Security vulnerabilities may affect IBM WebSphere Liberty shipped with IBM CICS TX Standard

Summary Security vulnerabilities may affect IBM WebSphere Liberty shipped with IBM CICS TX Standard. IBM CICS TX Standard has addressed the applicable issue. Vulnerability Details ** CVEID: CVE-2024-22353 DESCRIPTION: **IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.4 is...

CVE-2024-39291

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix buffer size in gfx_v9_4_3_init_ cp_compute_microcode() and rlc_microcode() The function gfx_v9_4_3_init_microcode in gfx_v9_4_3.c was generating about potential truncation of output when using the snprintf...

CVE-2024-39291

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix buffer size in gfx_v9_4_3_init_ cp_compute_microcode() and rlc_microcode() The function gfx_v9_4_3_init_microcode in gfx_v9_4_3.c was generating about potential truncation of output when using the snprintf...

CVE-2024-39291

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix buffer size in gfx_v9_4_3_init_ cp_compute_microcode() and rlc_microcode() The function gfx_v9_4_3_init_microcode in gfx_v9_4_3.c was generating about potential truncation of output when using the snprintf...

CVE-2024-33847

In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: don't allow unaligned truncation on released compress inode f2fs image may be corrupted after below testcase: - mkfs.f2fs -O extra_attr,compression -f /dev/vdb - mount /dev/vdb /mnt/f2fs - touch /mnt/f2fs/file -...

CVE-2024-33847

In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: don't allow unaligned truncation on released compress inode f2fs image may be corrupted after below testcase: - mkfs.f2fs -O extra_attr,compression -f /dev/vdb - mount /dev/vdb /mnt/f2fs - touch /mnt/f2fs/file -...

CVE-2024-33847

In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: don't allow unaligned truncation on released compress inode f2fs image may be corrupted after below testcase: - mkfs.f2fs -O extra_attr,compression -f /dev/vdb - mount /dev/vdb /mnt/f2fs - touch /mnt/f2fs/file -...

Security Bulletin: IBM Watson AI Gateway for IBM Cloud Pak for Data is vulnerable to follow-redirects open redirect vulnerabilitiy [ CVE-2023-26159]

Summary Potentialfollow-redirects open redirect vulnerabilitiy [ CVE-2023-26159] have been identified that may affect IBM Watson AI Gateway for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details ** CVEID:...

CVE-2024-33847 f2fs: compress: don't allow unaligned truncation on released compress inode

In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: don't allow unaligned truncation on released compress inode f2fs image may be corrupted after below testcase: - mkfs.f2fs -O extra_attr,compression -f /dev/vdb - mount /dev/vdb /mnt/f2fs - touch /mnt/f2fs/file -...

CVE-2024-33847 f2fs: compress: don't allow unaligned truncation on released compress inode

In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: don't allow unaligned truncation on released compress inode f2fs image may be corrupted after below testcase: - mkfs.f2fs -O extra_attr,compression -f /dev/vdb - mount /dev/vdb /mnt/f2fs - touch /mnt/f2fs/file -...

CVE-2024-39291 drm/amdgpu: Fix buffer size in gfx_v9_4_3_init_ cp_compute_microcode() and rlc_microcode()

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix buffer size in gfx_v9_4_3_init_ cp_compute_microcode() and rlc_microcode() The function gfx_v9_4_3_init_microcode in gfx_v9_4_3.c was generating about potential truncation of output when using the snprintf...

Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM WebSphere Hybrid Edition, is vulnerable to identity spoofing (CVE-2024-37532)

Summary IBM WebSphere Application Server, which is bundled with IBM WebSphere Hybrid Edition, is vulnerable to identity spoofing. Vulnerability Details Refer to the security bulletin(s) listed in the Remediation/Fixes section Affected Products and Versions Affected Product(s) and Version(s)|...

Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is vulnerable to identity spoofing (CVE-2024-37532)

Summary IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is vulnerable to identity spoofing. Vulnerability Details Refer to the security bulletin(s) listed in the Remediation/Fixes section Affected Products and Versions Affected Product(s) and Version(s)|...

Security Bulletin: IBM DataPower Gateway is vulnerable to denial of service due to Golang Go

Summary IBM DataPower Gateway is vulnerable to denial of service due to use of Golang Go in DataPower Operator and Prometheus Metrics . (CVE-2024-24783) Vulnerability Details ** CVEID: CVE-2024-24783 DESCRIPTION: **Golang Go is vulnerable to a denial of service, caused by a flaw in the...

Exploit for Time-of-check Time-of-use (TOCTOU) Race Condition in Microsoft

CVE-2024-30088 Bug: Bug is inside function...

XZ backdoor: Hook analysis

Part 1: XZ backdoor story – Initial analysis Part 2: Assessing the Y, and How, of the XZ Utils incident (social engineering) In our first article on the XZ backdoor, we analyzed its code from initial infection to the function hooking it performs. As we mentioned then, its initial goal was to...