Armoury Crate & Aura Creator Installer (ROG Live Service) Security Vulnerabilities

SUSE: Security Advisory (SUSE-SU-2024:2033-1)

The remote host is missing an update for...

CVE-2024-37795

A segmentation fault in CVC5 Solver v1.1.3 allows attackers to cause a Denial of Service (DoS) via a crafted SMT-LIB input file containing the set-logic command with specific formatting errors. Bugs https://github.com/cvc5/cvc5/issues/10813 Notes Author| Note ---|--- | Priority reason: CLI...

Hewlett Packard Enterprise OneView clusterService Authentication Bypass Denial-of-Service Vulnerability

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Hewlett Packard Enterprise OneView. Authentication is not required to exploit this vulnerability. The specific flaw exists within the clusterService. The issue results from the lack of...

JVN#65171386: Multiple vulnerabilities in ID Link Manager and FUJITSU Software TIME CREATOR

ID Link Manager and FUJITSU Software TIME CREATOR provided by Fsas Technologies Inc. contain multiple vulnerabilities listed below. Path Traversal (CWE-36) CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N Base Score 8.6 CVE-2024-33620 Missing Authentication (CWE-306)...

K000140039: Intel QAT vulnerability CVE-2023-32641

Security Advisory Description Improper input validation in firmware for Intel(R) QAT before version QAT20.L.1.0.40-00004 may allow escalation of privilege and denial of service via adjacent access. (CVE-2023-32641) Impact There is no impact; F5 products are not affected by this...

K000140043: runc vulnerability CVE-2024-21626

Security Advisory Description runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc 1.1.11 and earlier, due to an internal file descriptor leak, an attacker could cause a newly-spawned container process (from runc exec) to have a working...

(0Day) Poly Plantronics Hub Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Poly Plantronics Hub. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Spokes...

CVE-2024-5953

A denial of service vulnerability was found in the 389-ds-base LDAP server. This issue may allow an authenticated user to cause a server denial of service while attempting to log in with a user with a malformed hash in their password. Bugs ...

Backdoor.Win32.Plugx MVID-2024-0686 Insecure Permissions

...

SUSE SLES15 Security Update : bind (SUSE-SU-2024:2033-1)

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2033-1 advisory. - CVE-2023-4408: Fixed denial of service during DNS message parsing with different names (bsc#1219851) - CVE-2023-50387: Fixed...

Atlassian Jira Service Management Data Center and Server < 5.4.18 / 5.5.x < 5.12.6 / 5.13.x < 5.15.0 (JSDSERVER-15308)

The version of Atlassian Jira Service Management Data Center and Server (Jira Service Desk) running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-15308 advisory. Amazon Ion is a Java implementation of the Ion data notation. Prior to version 1.10.5, a potential...

PaperCut MF pc-upconnector-service Server-Side Request Forgery Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of PaperCut MF. Authentication is not required to exploit this vulnerability. The specific flaw exists within the pc-upconnector-service service, which listens on TCP port 9151 by default. The...

K000140042: libldap vulnerability CVE-2020-15719

Security Advisory Description libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third-party package is asserting RFC6125 support. It considers CN even when there is a non-matching subjectAltName (SAN). This is fixed in, for example, openldap-2.4.46-10.el8.....

K000140029: libcurl vulnerability CVE-2024-2398

Security Advisory Description When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed limit (1000), libcurl aborts the server push. When aborting, libcurl inadvertently does not free all the previously...

JVN#00442488: Multiple vulnerabilities in Ricoh Streamline NX PC Client

Ricoh Streamline NX PC Client provided by RICOH COMPANY, LTD. contains multiple vulnerabilities listed below. Improper restriction of communication channel to intended endpoints (CWE-923) CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Base Score 6.3 CVE-2024-36252 ricoh-2024-000004 Use of...

PaperCut NG upload Link Following Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of PaperCut NG. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the upload endpoint. By...

Hewlett Packard Enterprise OneView startUpgradeCommon Command Injection Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges code on affected installations of Hewlett Packard Enterprise OneView. An attacker must first obtain the ability to execute low-privileged code on the target system or send an HTTP request to a local service in order to exploit this...

Parallels Desktop Updater Protection Mechanism Failure Software Downgrade Vulnerability

This vulnerability allows local attackers to downgrade Parallels software on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this vulnerability. The specific flaw exists within the...

CVE-2024-37794

Improper input validation in CVC5 Solver v1.1.3 allows attackers to cause a Denial of Service (DoS) via a crafted SMT2 input file. Bugs https://github.com/cvc5/cvc5/issues/10813 Notes Author| Note ---|--- | Priority reason: CLI crash...

K000140040: OpenLDAP slapd vulnerabilities CVE-2020-36230, CVE-2020-36229, CVE-2017-17740, CVE-2017-9287, and CVE-2017-14159

Security Advisory Description CVE-2020-36230 A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, resulting in denial of service. CVE-2020-36229 A flaw was discovered in ldap_X509dn2bv in OpenLDAP before...

Hewlett Packard Enterprise OneView Apache Server-Side Request Forgery Vulnerability

This vulnerability allows remote attackers to initiate arbitrary server-side requests on affected installations of Hewlett Packard Enterprise OneView. Authentication is not required to exploit this vulnerability. The specific flaw exists within the REST service, which listens on TCP port 443 by...

Linux kernel (HWE) vulnerabilities

Releases Ubuntu 22.04 LTS Packages linux-hwe-6.5 - Linux hardware enablement (HWE) kernel Details Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use...

CVE-2024-37890

A flaw was found in the Node.js WebSocket library (ws). A request with several headers exceeding the 'server.maxHeadersCount' threshold could be used to crash a ws server, leading to a denial of...

STRIMZI incorrect access control

Incorrect access control in the Kafka Connect REST API in the STRIMZI Project 0.41.0 and earlier allows an attacker to deny the service for Kafka Mirroring, potentially mirror the topics' content to his Kafka cluster via a malicious connector (bypassing Kafka ACL if it exists), and potentially...

STRIMZI incorrect access control

Incorrect access control in the Kafka Connect REST API in the STRIMZI Project 0.41.0 and earlier allows an attacker to deny the service for Kafka Mirroring, potentially mirror the topics' content to his Kafka cluster via a malicious connector (bypassing Kafka ACL if it exists), and potentially...

Zero-Day Marketplace Explained: How Zerodium, BugTraq, and Fear contributed to the Rise of the Zero-Day Vulnerability Black Market

Whenever a company is notified about or discovers a critical flaw in their system/application that has the potential to be exploited by malicious elements, it’s termed a vulnerability. However, every time a flaw being actively exploited is discovered, code red is punched as the organization’s IT...

Malvertising Campaign Leads to Execution of Oyster Backdoor

The following analysts contributed to this blog: Thomas Elkins, Daniel Thiede, Josh Lockwood, Tyler McGraw, and Sasha Kovalev. Executive Summary Rapid7 has observed a recent malvertising campaign that lures users into downloading malicious installers for popular software such as Google Chrome and.....

Security Bulletin: QRadar Suite Software includes components with multiple known vulnerabilities

Summary QRadar Suite Software includes components with known vulnerabilities. These have been updated in the latest release and vulnerabilities have been addressed. Please follow the instructions in the Remediation/Fixes section below to update to the latest version. Vulnerability Details **...

CVE-2024-36543

Incorrect access control in the Kafka Connect REST API in the STRIMZI Project 0.41.0 and earlier allows an attacker to deny the service for Kafka Mirroring, potentially mirror the topics' content to his Kafka cluster via a malicious connector (bypassing Kafka ACL if it exists), and potentially...

CVE-2024-36543

Incorrect access control in the Kafka Connect REST API in the STRIMZI Project 0.41.0 and earlier allows an attacker to deny the service for Kafka Mirroring, potentially mirror the topics' content to his Kafka cluster via a malicious connector (bypassing Kafka ACL if it exists), and potentially...

CVE-2024-37890 Denial of service when handling a request with many HTTP headers in ws

ws is an open source WebSocket client and server for Node.js. A request with a number of headers exceeding theserver.maxHeadersCount threshold could be used to crash a ws server. The vulnerability was fixed in [email protected] (e55e510) and backported to [email protected] (22c2876), [email protected] (eeb76d3), and...

CVE-2024-37890 Denial of service when handling a request with many HTTP headers in ws

ws is an open source WebSocket client and server for Node.js. A request with a number of headers exceeding theserver.maxHeadersCount threshold could be used to crash a ws server. The vulnerability was fixed in [email protected] (e55e510) and backported to [email protected] (22c2876), [email protected] (eeb76d3), and...

CVE-2024-37795

A segmentation fault in CVC5 Solver v1.1.3 allows attackers to cause a Denial of Service (DoS) via a crafted SMT-LIB input file containing the set-logic command with specific formatting...

CVE-2024-37795

A segmentation fault in CVC5 Solver v1.1.3 allows attackers to cause a Denial of Service (DoS) via a crafted SMT-LIB input file containing the set-logic command with specific formatting...

CVE-2024-37795

A segmentation fault in CVC5 Solver v1.1.3 allows attackers to cause a Denial of Service (DoS) via a crafted SMT-LIB input file containing the set-logic command with specific formatting...

CVE-2024-37794

Improper input validation in CVC5 Solver v1.1.3 allows attackers to cause a Denial of Service (DoS) via a crafted SMT2 input...

CVE-2024-37794

Improper input validation in CVC5 Solver v1.1.3 allows attackers to cause a Denial of Service (DoS) via a crafted SMT2 input...

CVE-2024-37794

Improper input validation in CVC5 Solver v1.1.3 allows attackers to cause a Denial of Service (DoS) via a crafted SMT2 input...

Exploit for Path Traversal in Aiohttp

CVE-2024-23334 Exploit and PoC This repository contains a...

Security Bulletin: IBM Sterling B2B Integrator - The Document Service Container in IBM Sterling B2B Integrator is vulnerable to denial of service due to jackson-core (256137)

Summary The Document Service Container in IBM Sterling B2B Integrator is vulnerable to a denial of service due to jackson-core (256137). IBM Sterling B2B Integrator has addressed the vulnerabilty in the Remediation/Fixes section of this bulletin. Vulnerability Details ** IBM X-Force ID: 256137 ...

Security Bulletin: IBM DevOps Release addresses multiple vulnerabilities.

Summary IBM DevOps Release 7.0.0.2 addresses multiple vulnerabilities. Vulnerability Details ** CVEID: CVE-2014-3643 DESCRIPTION: **Jersey could allow a remote attacker to obtain sensitive information, caused by an XML external entity (XXE) error when processing XML data by jersey SAX parser. By...

Security Bulletin: IBM App Connect Enterprise and IBM Integration Bus for z/OS are vulnerable to a denial of service due to IBM Java SDK (CVE-2024-38264)

Summary IBM App Connect Enterprise and IBM Integration Bus for z/OS are vulnerable to a denial of service due to IBM Java SDK, Java Technology Edition. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details ** CVEID: CVE-2023-38264 DESCRIPTION: **The IBM...

ruby-rack vulnerabilities

It was discovered that Rack incorrectly handled Multipart MIME parsing. A remote attacker could possibly use this issue to cause Rack to consume resources, leading to a denial of service. This issue only affected Ubuntu 23.10. (CVE-2023-27530) It was discovered that Rack incorrectly parsed certain....

Security Bulletin: IBM App Connect for Manufacturing is vulnerable to a denial of service and a remote authenticated attacker (CVE-2024-29857, CVE-2024-30171 & CVE-2024-30172)

Summary IBM App Connect for Manufacturing is vulnerable to a denial of service and a remote authenticated attacker accessing sensitive information. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details ** CVEID: CVE-2024-30171 DESCRIPTION: **The Bouncy...

Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to libssh, Linux-pam ,Kerberos 5, systemd and idna packages/liberaries.

Summary IBM MQ Operator and Queue manager container images are vulnerable to libssh, Linux-pam ,Kerberos 5, systemd and idna. This bulletin identifies the steps required to address these vulnerabilities Vulnerability Details ** CVEID: CVE-2023-6004 DESCRIPTION: **libssh could allow a local...

China-Linked Hackers Infiltrate East Asian Firm for 3 Years Using F5 Devices

A suspected China-nexus cyber espionage actor has been attributed as behind a prolonged attack against an unnamed organization located in East Asia for a period of about three years, with the adversary establishing persistence using legacy F5 BIG-IP appliances and using it as an internal...

What is DevSecOps and Why is it Essential for Secure Software Delivery?

Traditional application security practices are not effective in the modern DevOps world. When security scans are run only at the end of the software delivery lifecycle (either right before or after a service is deployed), the ensuing process of compiling and fixing vulnerabilities creates massive.....

Advisory ROSA-SA-2024-2434

Software: giflib 5.2.1 OS: ROSA-CHROME package_evr_string: giflib-5.2.1-4 CVE-ID: CVE-2023-39742 BDU-ID: 2023-05863 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the getarg.c component of the GIFLIB library for handling GIF files is related to a segmentation error. Exploitation of the...

Advisory ROSA-SA-2024-2431

Software: lua 5.3.4 OS: ROSA Virtualization 2.1 package_evr_string: lua-5.3.4 CVE-ID: CVE-2021-43519 BDU-ID: None CVE-Crit: N/A CVE-DESC.: Stack overflow in lua_resume of the ldo.c file in Lua Interpreter allows attackers to perform a denial of service via a script file created. CVE-STATUS: Not...

Security Bulletin: IBM Maximo Application Suite uses jose-2.0.6.tgz which is vulnerable to CVE-2024-28176.

Summary Security Bulletin: IBM Maximo Application Suite uses jose-2.0.6.tgz which is vulnerable to CVE-2024-28176. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details ** CVEID: CVE-2024-28176 DESCRIPTION: **Node.js jose module is vulnerable to a...