Berkeley-AL20, Berkeley-BD Security Vulnerabilities

[SECURITY] Fedora 37 Update: cups-2.4.6-1.fc37

CUPS printing system provides a portable printing layer for UNIX=EF=BF=BD=EF=BF=BD operating systems. It has been developed by Apple In c. to promote a standard printing solution for all UNIX vendors and users. CUPS provides the System V and Berkeley command-line...

CVE-2023-30565

An insecure connection between Systems Manager and CQI Reporter application could expose infusion data to an...

CVE-2023-30563

A malicious file could be uploaded into a System Manager User Import Function resulting in a hijacked...

CVE-2023-30561

The data flowing between the PCU and its modules is insecure. A threat actor with physical access could potentially read or modify data by attaching a specially crafted device while an infusion is...

CVE-2023-30565

An insecure connection between Systems Manager and CQI Reporter application could expose infusion data to an...

CVE-2023-30564

Alaris Systems Manager does not perform input validation during the Device Import...

CVE-2023-30561

The data flowing between the PCU and its modules is insecure. A threat actor with physical access could potentially read or modify data by attaching a specially crafted device while an infusion is...

CVE-2023-30563

A malicious file could be uploaded into a System Manager User Import Function resulting in a hijacked...

CVE-2023-30562

A GRE dataset file within Systems Manager can be tampered with and distributed to...

CVE-2023-30564

Alaris Systems Manager does not perform input validation during the Device Import...

CVE-2023-30562

A GRE dataset file within Systems Manager can be tampered with and distributed to...

Design/Logic Flaw

An insecure connection between Systems Manager and CQI Reporter application could expose infusion data to an...

Information disclosure

The data flowing between the PCU and its modules is insecure. A threat actor with physical access could potentially read or modify data by attaching a specially crafted device while an infusion is...

Input validation

Alaris Systems Manager does not perform input validation during the Device Import...

Session fixation

A malicious file could be uploaded into a System Manager User Import Function resulting in a hijacked...

Code injection

A GRE dataset file within Systems Manager can be tampered with and distributed to...

CVE-2023-30560

The configuration from the PCU can be modified without authentication using physical connection to the...

CVE-2023-30560

The configuration from the PCU can be modified without authentication using physical connection to the...

Authentication flaw

The configuration from the PCU can be modified without authentication using physical connection to the...

CVE-2023-30565 CQI Data Sniffing

An insecure connection between Systems Manager and CQI Reporter application could expose infusion data to an...

CVE-2023-30564 Stored Cross-Site Scripting on Device Import Functionality

Alaris Systems Manager does not perform input validation during the Device Import...

CVE-2023-30563 Stored Cross-Site Scripting on User Import Functionality

A malicious file could be uploaded into a System Manager User Import Function resulting in a hijacked...

CVE-2023-30562 Lack of Dataset Integrity Checking

A GRE dataset file within Systems Manager can be tampered with and distributed to...

CVE-2023-30561 Lack of Cryptographic Security of IUI Bus

The data flowing between the PCU and its modules is insecure. A threat actor with physical access could potentially read or modify data by attaching a specially crafted device while an infusion is...

CVE-2023-30560 PCU Configuration Lacks Authentication

The configuration from the PCU can be modified without authentication using physical connection to the...

CVE-2023-30559

The firmware update package for the wireless card is not properly signed and can be...

CVE-2023-30559

The firmware update package for the wireless card is not properly signed and can be...

Design/Logic Flaw

The firmware update package for the wireless card is not properly signed and can be...

CVE-2023-30559 Wireless Card Firmware Improperly Signed

The firmware update package for the wireless card is not properly signed and can be...

BD-Schools LMS 1.0.2 Cross Site Scripting

...

(RHSA-2023:4037) Important: bind9.16 security update

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security....

Ubuntu 20.04 LTS / 22.04 LTS / 23.04 : Thunderbird vulnerabilities (USN-6214-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 22.10 / 23.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6214-1 advisory. The error page for sites with invalid TLS certificates was missing the activation-delay Firefox uses to protect prompts...

Thunderbird vulnerabilities

Releases Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 LTS Ubuntu 20.04 LTS Packages thunderbird - Mozilla Open Source mail and newsgroup client Details Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an...

(RHSA-2023:4005) Important: bind security update

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security....

[SECURITY] Fedora 38 Update: python-managesieve-0.7.1-6.fc38

This module allows accessing a Sieve-Server for managing Sieve scripts ther e. It is accompanied by a simple yet functional user application =EF=BF=BD=EF...

[SECURITY] Fedora 37 Update: python-managesieve-0.7.1-6.fc37

This module allows accessing a Sieve-Server for managing Sieve scripts ther e. It is accompanied by a simple yet functional user application =EF=BF=BD=EF...

BugChecker - SoftICE-like Kernel Debugger For Windows 11

Introduction BugChecker is a SoftICE-like kernel and user debugger for Windows 11 (and Windows XP as well: it supports Windows versions from XP to 11, both x86 and x64). BugChecker doesn't require a second machine to be connected to the system being debugged, like in the case of WinDbg and KD....

Fedora: Security Advisory for cups (FEDORA-2023-fac5968b55)

The remote host is missing an update for...

Fedora: Security Advisory for bind (FEDORA-2023-1d526d551c)

The remote host is missing an update for...

CVE-2023-28387

"NewsPicks" App for Android versions 10.4.5 and earlier and "NewsPicks" App for iOS versions 10.4.2 and earlier use hard-coded credentials, which may allow a local attacker to analyze data in the app and to obtain API key for an external...

CVE-2023-28387

"NewsPicks" App for Android versions 10.4.5 and earlier and "NewsPicks" App for iOS versions 10.4.2 and earlier use hard-coded credentials, which may allow a local attacker to analyze data in the app and to obtain API key for an external...

Hardcoded credentials

"NewsPicks" App for Android versions 10.4.5 and earlier and "NewsPicks" App for iOS versions 10.4.2 and earlier use hard-coded credentials, which may allow a local attacker to analyze data in the app and to obtain API key for an external...

CVE-2023-28387

"NewsPicks" App for Android versions 10.4.5 and earlier and "NewsPicks" App for iOS versions 10.4.2 and earlier use hard-coded credentials, which may allow a local attacker to analyze data in the app and to obtain API key for an external...

[SECURITY] Fedora 37 Update: bind-9.18.16-1.fc37

BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS.....

[SECURITY] Fedora 38 Update: cups-2.4.6-1.fc38

CUPS printing system provides a portable printing layer for UNIX=EF=BF=BD=EF=BF=BD operating systems. It has been developed by Apple In c. to promote a standard printing solution for all UNIX vendors and users. CUPS provides the System V and Berkeley command-line...

Mitsubishi Electric MELSEC iQ-R Series/iQ-F Series Use of Hard-Coded Credentials (CVE-2023-2061)

Use of Hard-coded Password vulnerability in FTP function on Mitsubishi Electric Corporation MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP allows a remote unauthenticated attacker to obtain a hard-coded password and access to the module via...

Mitsubishi Electric MELSEC iQ-R Series/iQ-F Series Unrestricted Upload of File with Dangerous Type (CVE-2023-2063)

Unrestricted Upload of File with Dangerous Type vulnerability in FTP function on Mitsubishi Electric Corporation MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP allows a remote unauthenticated attacker to cause information disclosure,...

Mitsubishi Electric MELSEC iQ-R Series/iQ-F Series Missing Password Field Masking (CVE-2023-2062)

Missing Password Field Masking vulnerability in Mitsubishi Electric Corporation EtherNet/IP configuration tools SW1DNN-EIPCT-BD and SW1DNN-EIPCTFX5-BD allows a remote unauthenticated attacker to know the password for MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series...

Mitsubishi Electric MELSEC iQ-R Series/iQ-F Series Weak Password Requirements (CVE-2023-2060)

Weak Password Requirements vulnerability in FTP function on Mitsubishi Electric Corporation MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP allows a remote unauthenticated attacker to access to the module via FTP by dictionary attack or...

[SECURITY] Fedora 38 Update: bind-9.18.16-1.fc38

BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS.....