BD Pyxis™ SupplyStation™ RF Auxiliary Security Vulnerabilities

CVE-2023-5058

Improper Input Validation in the processing of user-supplied splash screen during system boot in Phoenix SecureCore™ Technology™ 4 potentially allows denial-of-service attacks or arbitrary code...

Input validation

Improper Input Validation in the processing of user-supplied splash screen during system boot in Phoenix SecureCore™ Technology™ 4 potentially allows denial-of-service attacks or arbitrary code...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM System Networking Switch Center (SNSC)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 used by IBM System Networking Switch Center (SNSC). These issues were disclosed as part of the IBM Java SDK updates in January 2018 and April 2018. Vulnerability Details VEID: CVE-2018-2579 DESCRIPTION: An...

CVE-2023-5058

Improper Input Validation in the processing of user-supplied splash screen during system boot in Phoenix SecureCore™ Technology™ 4 potentially allows denial-of-service attacks or arbitrary code...

CVE-2023-33412

The web interface in the Intelligent Platform Management Interface (IPMI) baseboard management controller (BMC) implementation on Supermicro X11 and M11 based devices, with firmware versions before 3.17.02, allows remote authenticated users to execute arbitrary commands via a crafted request...

CVE-2023-33411

A web server in the Intelligent Platform Management Interface (IPMI) baseboard management controller (BMC) implementation on Supermicro X11 and M11 based devices, with firmware versions up to 3.17.02, allows remote unauthenticated users to perform directory traversal, potentially disclosing...

CVE-2023-33413

The configuration functionality in the Intelligent Platform Management Interface (IPMI) baseboard management controller (BMC) implementation on Supermicro X11 and M11 based devices, with firmware versions through 3.17.02, allows remote authenticated users to execute arbitrary...

Integrated DFIR Tool Can Simplify and Accelerate Cyber Forensics

Explore real use cases demonstrating the transformative impact of Trend Vision One™ – Forensics, an integrated Digital Forensics and Incident Response (DFIR)...

ownCloud Phpinfo Reader Exploit

Docker containers of ownCloud compiled after February 2023, which have version 0.2.0 before 0.2.1 or 0.3.0 before 0.3.1 of the app graph installed contain a test file which prints phpinfo() to an unauthenticated user. A post file name must be appended to the URL to bypass the login filter. Docker.....

CVE-2023-33106

Memory corruption while submitting a large list of sync points in an AUX command to the...

CVE-2023-33107

Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL...

CVE-2023-33097

Transient DOS in WLAN Firmware while processing a FTMR...

CVE-2023-33098

Transient DOS while parsing WPA IES, when it is passed with length more than expected...

CVE-2023-33092

Memory corruption while processing pin reply in Bluetooth, when pin code received from APP layer is greater than expected...

CVE-2023-33088

Memory corruption when processing cmd parameters while parsing...

CVE-2023-33083

Memory corruption in WLAN Host while processing RRM beacon on the...

CVE-2023-33089

Transient DOS when processing a NULL buffer while parsing WLAN...

CVE-2023-33082

Memory corruption while sending an Assoc Request having BTM Query or BTM Response containing MBO...

CVE-2023-33087

Memory corruption in Core while processing RX intent...

CVE-2023-33079

Memory corruption in Audio while running invalid audio recording from...

CVE-2023-33070

Transient DOS in Automotive OS due to improper authentication to the secure IO...

CVE-2023-33080

Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management...

CVE-2023-33081

Transient DOS while converting TWT (Target Wake Time) frame parameters in the OTA...

CVE-2023-33063

Memory corruption in DSP Services during a remote call from HLOS to...

CVE-2023-33041

Under certain scenarios the WLAN Firmware will reach an assertion due to state confusion while looking up peer...

CVE-2023-33043

Transient DOS in Modem when a Beam switch request is made with a non-configured...

CVE-2023-33044

Transient DOS in Data modem while handling TLB control messages from the...

CVE-2023-33042

Transient DOS in Modem after RRC Setup message is...

CVE-2023-33053

Memory corruption in Kernel while parsing...

CVE-2023-33054

Cryptographic issue in GPS HLOS Driver while downloading Qualcomm GNSS assistance...

CVE-2023-33018

Memory corruption while using the UIM diag command to get the operators...

CVE-2023-28588

Transient DOS in Bluetooth Host while rfc slot...

CVE-2023-33022

Memory corruption in HLOS while invoking IOCTL calls from...

CVE-2023-33017

Memory corruption in Boot while running a ListVars test in UEFI Menu during...

CVE-2023-33024

Memory corruption while sending SMS from AP...

CVE-2023-28580

Memory corruption in WLAN Host while setting the PMK length in PMK length in internal...

CVE-2023-28586

Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in...

CVE-2023-28585

Memory corruption while loading an ELF segment in TEE...

CVE-2023-28587

Memory corruption in BT controller while parsing debug commands with specific sub-opcodes at HCI interface...

CVE-2023-28551

Memory corruption in UTILS when modem processes memory specific Diag commands having arbitrary address values as input...

CVE-2023-22668

Memory Corruption in Audio while invoking IOCTLs calls from the...

CVE-2023-28546

Memory Corruption in SPS Application while exporting public key in sorter...

CVE-2023-28550

Memory corruption in MPP performance while accessing DSM watermark using external memory...

CVE-2023-22383

Memory Corruption in camera while installing a fd for a particular DMA...

CVE-2023-21634

Memory Corruption in Radio Interface Layer while sending an SMS or writing an SMS to...

Buildroot BR_NO_CHECK_HASH_FOR data integrity vulnerability

Talos Vulnerability Report TALOS-2023-1845 Buildroot BR_NO_CHECK_HASH_FOR data integrity vulnerability December 5, 2023 CVE Number CVE-2023-43608 SUMMARY A data integrity vulnerability exists in the BR_NO_CHECK_HASH_FOR functionality of Buildroot 2023.08.1 and dev commit 622698d7847. A specially...

Buildroot package hash checking data integrity vulnerabilities

Talos Vulnerability Report TALOS-2023-1844 Buildroot package hash checking data integrity vulnerabilities December 5, 2023 CVE Number CVE-2023-45841,CVE-2023-45842,CVE-2023-45838,CVE-2023-45839,CVE-2023-45840 SUMMARY Multiple data integrity vulnerabilities exist in the package hash checking...

ownCloud Phpinfo Reader

Docker containers of ownCloud compiled after February 2023, which have version 0.2.0 before 0.2.1 or 0.3.0 before 0.3.1 of the app graph installed contain a test file which prints phpinfo() to an unauthenticated user. A post file name must be appended to the URL to bypass the login filter. Docker.....

CVE-2023-49914

InteraXon Muse 2 devices allow remote attackers to cause a denial of service (incorrect Muse App report of an outstanding, calm meditation state) via a 480 MHz RF carrier that is modulated by a "false" brain wave, aka a Brain-Hack attack. For example, the Muse App does not display the reception of....

CVE-2023-49914

InteraXon Muse 2 devices allow remote attackers to cause a denial of service (incorrect Muse App report of an outstanding, calm meditation state) via a 480 MHz RF carrier that is modulated by a "false" brain wave, aka a Brain-Hack attack. For example, the Muse App does not display the reception of....