BD Pyxis™ SupplyStation™ RF Auxiliary Security Vulnerabilities

What is a Cloud Native Application Protection Platform CNAPP ?

Revealing the Secrets of the Cloud-specific Application Safety Platform (CSASP) In the landscape of online safety, the notion of the Cloud-specific Application Safety Platform (CSASP) is something relatively unheard of, but rapidly gaining popularity. Intuitively from its name, CSASP is a system...

Security Bulletin: NVIDIA GPU Display Driver - October 2023

NVIDIA has released a software security update for NVIDIA GPU Display Driver to address the issues that are disclosed in this bulletin. To protect your system, download and install this software update through the NVIDIA Driver Downloads page or, for the vGPU software and Cloud Gaming updates,...

What is a Cloud Workload Protection Platform ? (CWPP)

Diving into the Depths of Cloud Workload Defense Framework (CWDF) Mysteries Setting out to understand cloud security, one frequently encounters the term - Cloud Workload Defense Framework (CWDF). What exact role does CWDF play? Let's decode this riddle. At its core, the Cloud Workload Defense...

Security Bulletin: IBM® Db2® is vulnerable to insufficient audit logging. (CVE-2023-23487)

Summary IBM® Db2® is vulnerable to insufficient audit logging. Vulnerability Details ** CVEID: CVE-2023-23487 DESCRIPTION: **IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to insufficient audit logging. CVSS Base score: 4.3 CVSS Temporal Score: See: ...

Security Bulletin: Multiple vulnerabilities exist in the IBM® SDK, Java™ Technology Edition affect IBM Tivoli Network Manager.

Summary Multiple vulnerabilities exist in IBM® SDK Java™ Technology Edition, Version 8, which is used by IBM Tivoli Network Manager IP Edition v4.2. CVE-2023-21930, CVE-2023-21967, CVE-2023-21954, CVE-2023-21939, CVE-2023-21968, CVE-2023-21937, CVE-2023-21938, CVE-2023-2597 Vulnerability Details...

Security Bulletin: A vulnerability exists in the IBM® SDK, Java™ Technology Edition affecting IBM Tivoli Network Manager (CVE-2023-22045, CVE-2023-22049).

Summary Vulnerabilities (CVE-2023-22045, CVE-2023-22049) exist in IBM® SDK Java™ Technology Edition, Version 8, which is used by IBM Tivoli Network Manager IP Edition v4.2. Vulnerability Details ** CVEID: CVE-2023-22045 DESCRIPTION: **An unspecified vulnerability in Java SE related to the VM...

Splunk edit_user Capability Privilege Escalation Exploit

Splunk suffers from an issue where a low-privileged user who holds a role that has the edit_user capability assigned to it can escalate their privileges to that of the admin user by providing a specially crafted web request. This is because the edit_user capability does not honor the...

What is MDR ?

Gaining Insight: Decoding MDR's Functions As we navigate the continually evolving cybersecurity landscape, Managed Detection and Response (MDR) surfaces as a game-changing strategy. But, what does MDR truly signify? In its purest form, MDR marries technical expertise with sector-specific knowledge....

Metasploit Weekly Wrap-Up

New module content (4) Atlassian Confluence Data Center and Server Authentication Bypass via Broken Access Control Authors: Emir Polat and Unknown Type: Auxiliary Pull request: #18447 contributed by emirpolatt Path: admin/http/atlassian_confluence_auth_bypass AttackerKB reference: CVE-2023-22515...

What is Traffic Shaping ?

Unraveling the Enigma of Traffic Modulation Within the realm of digital information, data traffic parallels a high-speed freeway, ferrying packets of details to-and-fro. So what transpires when there's an excessive influx, leading to an overburdened data expressway? This is where the enigma of...

Splunk edit_user Capability Privilege Escalation

...

Security Bulletin: IBM® Db2® db2set is vulnerable to arbitrary code execution. (CVE-2023-30431)

Summary IBM® Db2® db2set is vulnerable to arbitrary code execution. Vulnerability Details ** CVEID: CVE-2023-30431 DESCRIPTION: **IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) db2set is vulnerable to a buffer overflow, caused by improper bounds checking. An attacker could...

Citrix ADC (NetScaler) Bleed Scanner

This module scans for a vulnerability that allows a remote, unauthenticated attacker to leak memory for a target Citrix ADC server. The leaked memory is then scanned for session cookies which can be hijacked if...

How to catch a wild triangle

In the beginning of 2023, thanks to our Kaspersky Unified Monitoring and Analysis Platform (KUMA) SIEM system, we noticed suspicious network activity that turned out to be an ongoing attack targeting the iPhones and iPads of our colleagues. The moment we understood that there was a clear pattern...

Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - July 2023 - Includes Oracle July 2023 CPU

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 that are used by Maximo Asset Management, Maximo Industry Solutions (including Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas and Maximo for Utilities).....

Top insights and best practices from the new Microsoft Data Security Index report

A whopping 74 percent of organizations recently surveyed experienced at least one data security incident with their business data exposed in the previous year. That’s just one of our interesting insights from Microsoft’s new Data Security Index: Trends, insights, and strategies to secure data...

Top insights and best practices from the new Microsoft Data Security Index report

A whopping 74 percent of organizations recently surveyed experienced at least one data security incident with their business data exposed in the previous year. That’s just one of our interesting insights from Microsoft’s new Data Security Index: Trends, insights, and strategies to secure data...

Security Bulletin: A vulnerability in IBM Java SDK and IBM Java Runtime affect Rational Business Developer.

Summary There is a vulnerability in IBM® SDK Java™ Technology Edition, Version 8 and IBM® Runtime Environment Java™ Version 8 used by Rational Business Developer. Rational Business Developer has provided a fix for the applicable CVE. This issue was disclosed as part of the IBM Java SDK and Runtime....

Security Bulletin: Vulnerabilities in IBM Java Runtime affecting Tivoli Netcool/OMNIbus (Multiple CVEs)

Summary There are vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 8 that is used by Tivoli Netcool/OMNIbus. These were disclosed as part of the IBM Java SDK updates in April 2023. Affected platforms are AIX, Linux, Linux on zSystems, and Windows. Vulnerability Details....

Security Bulletin: Vulnerabilities in IBM Java Runtime affecting Tivoli Netcool/OMNIbus (Multiple CVEs)

Summary There are vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 8 that is used by Tivoli Netcool/OMNIbus. These were disclosed as part of the IBM Java SDK updates in November 2022 and February 2023. Vulnerability Details ** CVEID: CVE-2022-21426 DESCRIPTION: **An...

VMWare Aria Operations For Networks SSH Private Key Exposure

...

VMWare Aria Operations For Networks SSH Private Key Exposure Exploit

VMWare Aria Operations for Networks (vRealize Network Insight) versions 6.0.0 through 6.10.0 do not randomize the SSH keys on virtual machine initialization. Since the key is easily retrievable, an attacker can use it to gain unauthorized remote access as the "support" (root)...

Wiz recognized as a 2023 Frost & Sullivan Radar Leader in Cloud Workload Protection Platform

In its 2023 Frost Radar™ analysis, Frost & Sullivan identified the top companies in the Global Cloud Workload Protection Platform (CWPP) market. Wiz is honored to be included on the...

Forrester names Microsoft a Leader in the 2023 Endpoint Security Wave™ report

We are excited to share that Microsoft has been named a Leader in The Forrester Wave™: Endpoint Security, Q4 2023. Microsoft received the highest possible scores in the strategy category for the vision and roadmap criteria. Forrester notes, “Microsoft’s outstanding roadmap for endpoint security...

VIMESA VHF/FM Transmitter Blue Plus 9.7.1 Denial Of Service Vulnerability

VIMESA VHF/FM Transmitter Blue Plus version 9.7.1 suffers from a denial of service vulnerability. An unauthenticated attacker can issue an unauthorized HTTP GET request to the unprotected endpoint doreboot and restart the transmitter...

What is Cloud Migration ?

Dispelling the Fog: Unraveling Cloud Migration In the technological realm, cloud migration is a burgeoning trend that's swiftly taking center stage. However, its definite meaning may not be crystal clear to all. Simply put, cloud migration is the process where essential business constituents such.....

VIMESA VHF/FM Transmitter Blue Plus 9.7.1 Denial Of Service

...

Metasploit Weekly Wrap-Up

That Privilege Escalation Escalated Quickly This release features a module leveraging CVE-2023-22515, a vulnerability in Atlassian’s on-premises Confluence Server first listed as a privilege escalation, but quickly recategorized as a “broken access control” with a CVSS score of 10. The exploit...

VIMESA VHF/FM Transmitter Blue Plus 9.7.1 (doreboot) Remote Denial Of Service

Title: VIMESA VHF/FM Transmitter Blue Plus 9.7.1 (doreboot) Remote Denial Of Service Advisory ID: ZSL-2023-5798 Type: Local/Remote Impact: DoS Risk: (4/5) Release Date: 19.10.2023 Summary The transmitter Blue Plus is designed with all the latest technologies, such as high efficiency using the...

Security Bulletin: IBM® Db2® is vulnerable to denial of service with a specially crafted query statement. (CVE-2023-40374)

Summary IBM® Db2® is vulnerable to denial of service with a specially crafted query statement. Vulnerability Details ** CVEID: CVE-2023-40374 DESCRIPTION: **IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to denial of service with a specially crafted query...

Security Bulletin: IBM® Db2® could allow a local user with special privileges to cause a denial of service during database deactivation on DPF (CVE-2023-38719)

Summary IBM® Db2® could allow a local user with special privileges to cause a denial of service during database deactivation on DPF. Vulnerability Details ** CVEID: CVE-2023-38719 DESCRIPTION: **IBM Db2 could allow a local user with special privileges to cause a denial of service during database...

Security Bulletin: IBM® Db2® is vulnerable to denial of service with a specially crafted SQL statement using External Tables. (CVE-2023-40372)

Summary IBM® Db2® is vulnerable to denial of service with a specially crafted SQL statement using External Tables. Vulnerability Details ** CVEID: CVE-2023-40372 DESCRIPTION: **IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to denial of service with a specially...

What is XDR ?

Unpacking XDR: Broadened Acknowledgment and Response In the perpetually advancing domain of digital protection, new lingo and philosophies constantly emerge. Among the more recent additions is XDR, an acronym for Extended Detection and Response. This passage will provide a detailed insight into...

CVE-2023-20598

An improper privilege management in the AMD Radeon™ Graphics driver may allow an authenticated attacker to craft an IOCTL request to gain I/O control over arbitrary hardware ports or physical addresses resulting in a potential arbitrary code...

CVE-2023-20598

An improper privilege management in the AMD Radeon™ Graphics driver may allow an authenticated attacker to craft an IOCTL request to gain I/O control over arbitrary hardware ports or physical addresses resulting in a potential arbitrary code...

Input validation

An improper privilege management in the AMD Radeon™ Graphics driver may allow an authenticated attacker to craft an IOCTL request to gain I/O control over arbitrary hardware ports or physical addresses resulting in a potential arbitrary code...

CVE-2023-20598

An improper privilege management in the AMD Radeon™ Graphics driver may allow an authenticated attacker to craft an IOCTL request to gain I/O control over arbitrary hardware ports or physical addresses resulting in a potential arbitrary code...

VMWare Aria Operations for Networks (vRealize Network Insight) SSH Private Key Exposure

VMWare Aria Operations for Networks (vRealize Network Insight) versions 6.0.0 through 6.10.0 do not randomize the SSH keys on virtual machine initialization. Since the key is easily retrievable, an attacker can use it to gain unauthorized remote access as the "support" (root)...

Pro-Russian Hackers Exploiting Recent WinRAR Vulnerability in New Campaign

Pro-Russian hacking groups have exploited a recently disclosed security vulnerability in the WinRAR archiving utility as part of a phishing campaign designed to harvest credentials from compromised systems. "The attack involves the use of malicious archive files that exploit the recently...

AMD Radeon™ Graphics Kernel Driver Privilege Management Vulnerability

Bulletin ID: AMD-SB-6009 Potential Impact: Arbitrary code execution Severity:High Summary A potential vulnerability was reported in the AMD Radeon™ Software (Adrenalin Edition and PRO Edition) kernel (pdfwkrnl.sys) driver which may allow arbitrary code execution. Current AMD analysis shows the...

Apache Superset 2.0.0 Remote Code Execution Exploit

Apache Superset versions 2.0.0 and below utilize Flask with a known default secret key which is used to sign HTTP cookies. These cookies can therefore be forged. If a user is able to login to the site, they can decode the cookie, set their user_id to that of an administrator, and re-sign the...

Metasploit Weekly Wrap-Up

Pollution in Kibana This week, contributor h00die added a module that leverages a prototype pollution bug in Kibana prior to version 7.6.3. Particularly, this issue is within the Upgrade Assistant and enables an attacker to execute arbitrary code. This vulnerability can be triggered by sending a...

Apache Superset 2.0.0 Remote Code Execution

...

Atlassian Confluence Data Center and Server Authentication Bypass via Broken Access Control

This module exploits a broken access control vulnerability in Atlassian Confluence servers leading to an authentication bypass. A specially crafted request can be create new admin account without authentication on the target Atlassian...

Security Bulletin: IBM MQ is affected by multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 8

Summary Multiple vulnerabilities were found with IBM® Runtime Environment Java™ Technology Edition, Version 8 which is shipped with IBM MQ (CVE-2022-21624, CVE-2022-21626) Vulnerability Details CVEID: CVE-2022-21626 DESCRIPTION: An unspecified vulnerability in Java SE related to the Security...

Security Bulletin: Multipe vulnerabilities exists in the IBM® SDK, Java™ Technology Edition affects IBM Tivoli Network Configuration Manager.

Summary Multipe vulnerabilities exists in IBM® SDK Java™ Technology Edition, Version 8, which is used by IBM Tivoli Network Configuration v6.4.2. CVE-2023-21930, CVE-2023-21967, CVE-2023-21954, CVE-2023-21939, CVE-2023-21968, CVE-2023-21937, CVE-2023-21938, CVE-2023-2597 Vulnerability Details **...

Security Bulletin: A vulnerability exists in the IBM® SDK, Java™ Technology Edition affect IBM Tivoli Network Configuration Manager (CVE-2023-22045, CVE-2023-22049).

Summary A vulnerability exists in IBM® SDK Java™ Technology Edition, Version 8, which is used by IBM Tivoli Network Configuration Manager IP Edition v6.4.2 Vulnerability Details ** CVEID: CVE-2023-22045 DESCRIPTION: **An unspecified vulnerability in Java SE related to the VM component could allow.....

GLPI GZIP(Py3) 9.4.5 Remote Code Execution

...

DakshSCRA - Source Code Review Assist

Daksh SCRA (Source Code Review Assist) tool is built to enhance the efficiency of the source code review process, providing a well-structured and organized approach for code reviewers. Rather than indiscriminately flagging everything as a potential issue, Daksh SCRA promotes thoughtful analysis,...

GLPI GZIP(Py3) 9.4.5 - RCE

...