Genian NAC V5.0 & Genian NAC Suite V5.0 Security Vulnerabilities

Security research without ever leaving GitHub: From code scanning to CVE via Codespaces and private vulnerability reporting

Hello fellow readers! Have you ever wondered how the GitHub Security Lab performs security research? In this post, you'll learn how we leverage GitHub products and features such as code scanning, CodeQL, Codespaces, and private vulnerability reporting. By the time we conclude, you'll have mastered....

CVE-2024-28782

IBM QRadar Suite Software 1.10.12.0 through 1.10.18.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 stores user credentials in plain clear text which can be read by an authenticated user. IBM X-Force ID: ...

CVE-2024-28782

IBM QRadar Suite Software 1.10.12.0 through 1.10.18.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 stores user credentials in plain clear text which can be read by an authenticated user. IBM X-Force ID: ...

CVE-2024-28782 IBM QRadar Suite Software information disclosure

IBM QRadar Suite Software 1.10.12.0 through 1.10.18.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 stores user credentials in plain clear text which can be read by an authenticated user. IBM X-Force ID: ...

Fedora: Security Advisory for seamonkey (FEDORA-2024-ad50671f6c)

The remote host is missing an update for...

Fedora: Security Advisory for seamonkey (FEDORA-2024-31b196eaf1)

The remote host is missing an update for...

Fedora: Security Advisory for seamonkey (FEDORA-2024-8890015ff3)

The remote host is missing an update for...

Security Bulletin: IBM Maximo Application Suite uses ion-java-1.2.0.jar which is vulnerable to CVE-2024-21634.

Summary IBM Maximo Application Suite uses ion-java-1.2.0.jar which is vulnerable to CVE-2024-21634. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details ** CVEID: CVE-2024-21634 DESCRIPTION: **Amazon Ion is vulnerable to a denial of service, caused.....

Key Insights from the NCSC’s Vulnerability Management Guidance

In a world increasingly surrounded by cyber threats, the UK's National Cyber Security Centre (NCSC) offers vital guidance on Vulnerability Management, providing clear and actionable advice for tackling cyber threats. Their recommendations are essential for organizations to understand and mitigate.....

Adversaries are leveraging remote access tools now more than ever — here’s how to stop them

Remote system management/desktop access tools such as AnyDesk and TeamViewer have grown in popularity since 2020. While there are many legitimate uses for this software, adversaries are also finding ways to use them for command and control in their campaigns. There is no easy way to effectively...

Compromising Bank Customer Trust: The Price of Inadequate Data Protection

Banks hold not just money, but also emotions and aspirations. Countless stories unfold within bank walls, reflecting the intimate connection between money and emotion. Beyond the numbers and transactions, every dollar represents individuals’ hopes, dreams, and livelihoods. As the trusted custodian....

Security Bulletin: IBM QRadar Suite software is vulnerable to information exposure

Summary IBM QRadar Suite Software stores user credentials in plain clear text which can be read by an authenticated user. This has been updated in the latest release and vulnerabilities have been addressed. Please follow the instructions in the Remediation/Fixes section below to update to the...

Elementor Website Builder < 3.12.2 - Admin+ SQLi

...

K000139152 : Linux kernel vulnerability CVE-2023-2006

Security Advisory Description A race condition was found in the Linux kernel's RxRPC network protocol, within the processing of RxRPC bundles. This issue results from the lack of proper locking when performing operations on an object. This may allow an attacker to escalate privileges and execute...

Elementor Website Builder SQL Injection

...

Arbitrary File Download Vulnerability in Yonghong Z-Suite of Beijing Yonghong Business Intelligence Technology Co.

Yonghong Z-Suite is a one-stop big data analytics platform. Yonghong Z-Suite has an arbitrary file download vulnerability that can be exploited by attackers to obtain sensitive...

Blood Bank v1.0 - Stored Cross Site Scripting (XSS)

...

Blood Bank 1.0 Cross Site Scripting

...

Detecting Windows-based Malware Through Better Visibility

Despite a plethora of available security solutions, more and more organizations fall victim to Ransomware and other threats. These continued threats aren't just an inconvenience that hurt businesses and end users - they damage the economy, endanger lives, destroy businesses and put national...

Security Bulletin: IBM Maximo Application Suite and IBM Truststore Manager uses Jinja2-3.1.2-py3-none-any.whl and Jinja2-3.0.3-py3-none-any.whl which is vulnerable to CVE-2024-22195

Summary IBM Maximo Application Suite and IBM Truststore Manager uses Jinja2-3.1.2-py3-none-any.whl and Jinja2-3.0.3-py3-none-any.whl which is vulnerable to CVE-2024-22195. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details ** CVEID:...

Security Bulletin: IBM Maximo Application Suite uses postgresql-42.3.8.jar which is vulnerable to CVE-2024-1597

Summary IBM Maximo Application Suite uses postgresql-42.3.8.jar which is vulnerable to CVE-2024-1597. This bulletin contains information regarding the vulnerability. Vulnerability Details ** CVEID: CVE-2024-1597 DESCRIPTION: **PostgreSQL JDBC Driver (PgJDBC) is vulnerable to SQL injection. A...

Security Bulletin: IBM Maximo Application Suite uses firestore-4.15.1.tgz which is vulnerable to CVE-2023-6460

Summary IBM Maximo Application Suite uses firestore-4.15.1.tgz which is vulnerable to CVE-2023-6460. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details ** CVEID: CVE-2023-6460 DESCRIPTION: **Google APIs nodejs-firestore could allow a local...

Security Bulletin: IBM Maximo Application Suite uses cryptography-41.0.4-cp37-abi3-manylinux_2_28_x86_64.whl and cryptography-41.0.7-cp37-abi3-manylinux_2_28_x86_64.whl which is vulnerable to CVE-2024-26130

Summary IBM Maximo Application Suite uses cryptography-41.0.4-cp37-abi3-manylinux_2_28_x86_64.whl and cryptography-41.0.7-cp37-abi3-manylinux_2_28_x86_64.whl which is vulnerable to CVE-2024-26130. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details....

Security Bulletin: IBM Maximo Application Suite uses cryptography-41.0.2-cp37-abi3-manylinux_2_28_x86_64.whl which is vulnerable to CVE-2023-49083

Summary IBM Maximo Application Suite uses cryptography-41.0.2-cp37-abi3-manylinux_2_28_x86_64.whl which is vulnerable to CVE-2023-49083.This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details ** CVEID: CVE-2023-4807 DESCRIPTION: **OpenSSL is...

Vultur Android Banking Trojan Returns with Upgraded Remote Control Capabilities

The Android banking trojan known as Vultur has resurfaced with a suite of new features and improved anti-analysis and detection evasion techniques, enabling its operators to remotely interact with a mobile device and harvest sensitive data. "Vultur has also started masquerading more of its...

[SECURITY] Fedora 38 Update: seamonkey-2.53.18.2-1.fc38

SeaMonkey is an all-in-one Internet application suite (previously made popular by Netscape and Mozilla). It includes an Internet browser, advanced e-mail, newsgroup and feed client, a calendar, IRC client, HTML editor and a tool to inspect the DOM for web pages. It is derived from the application.....

[SECURITY] Fedora 39 Update: seamonkey-2.53.18.2-1.fc39

SeaMonkey is an all-in-one Internet application suite (previously made popular by Netscape and Mozilla). It includes an Internet browser, advanced e-mail, newsgroup and feed client, a calendar, IRC client, HTML editor and a tool to inspect the DOM for web pages. It is derived from the application.....

[SECURITY] Fedora 40 Update: seamonkey-2.53.18.2-1.fc40

SeaMonkey is an all-in-one Internet application suite (previously made popular by Netscape and Mozilla). It includes an Internet browser, advanced e-mail, newsgroup and feed client, a calendar, IRC client, HTML editor and a tool to inspect the DOM for web pages. It is derived from the application.....

K000139140 : util-linux vulnerability CVE-2024-28085

Security Advisory Description wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not...

K000139141 : liblzma vulnerability CVE-2024-3094

Security Advisory Description Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to....

Urgent: Secret Backdoor Found in XZ Utils Library, Impacts Major Linux Distros

Red Hat on Friday released an "urgent security alert" warning that two versions of a popular data compression library called XZ Utils (previously LZMA Utils) have been backdoored with malicious code designed to allow unauthorized remote access. The software supply chain compromise, tracked as...

CVE-2024-30246

Tuleap is an Open Source Suite to improve management of software developments and collaboration. A malicious user could exploit this issue on purpose to delete information on the instance or possibly gain access to restricted artifacts. It is however not possible to control exactly which...

CVE-2024-30246

Tuleap is an Open Source Suite to improve management of software developments and collaboration. A malicious user could exploit this issue on purpose to delete information on the instance or possibly gain access to restricted artifacts. It is however not possible to control exactly which...

CVE-2024-30246

Tuleap is an Open Source Suite to improve management of software developments and collaboration. A malicious user could exploit this issue on purpose to delete information on the instance or possibly gain access to restricted artifacts. It is however not possible to control exactly which...

CVE-2024-30246 Tuleap deleting or moving an artifact can delete values from unrelated artifacts

Tuleap is an Open Source Suite to improve management of software developments and collaboration. A malicious user could exploit this issue on purpose to delete information on the instance or possibly gain access to restricted artifacts. It is however not possible to control exactly which...

Dell Security Management Server <1.9.0 - Local Privilege Escalation Exploit

...

K000139092 : DNS vulnerability CVE-2023-50387

Security Advisory Description Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that, when there is a...

Security Bulletin: Multiple Security Vulnerabilities have been fixed in the IBM Directory Server and IBM Directory Suite products (CVE-2022-22473. CVE-2021-38951)

Summary Multiple Security Vulnerabilities in the IBM WebSphere Application Server product as shipped with the IBM Directory Server and IBM Directory Suite products have been fixed. Vulnerability Details ** CVEID: CVE-2022-22473 DESCRIPTION: **IBM WebSphere Application Server 7.0, 8.0, 8.5, and...

nac-town.co.jp Cross Site Scripting vulnerability OBB-3889152

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

Dell Security Management Server &lt;1.9.0 - Local Privilege Escalation

...

Dell Security Management Server Privilege Escalation

...

K000139084 : DNS vulnerability CVE-2023-50868

Security Advisory Description The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 when RFC 9276 guidance is skipped) allows remote attackers to cause a denial of service (CPU consumption for SHA-1 computations) via DNSSEC responses in a random subdomain attack, aka the "NSEC3"...

Important: libreoffice security fix update

LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...

libreoffice security fix update

An update is available for libreoffice. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list LibreOffice is an open source, community-developed office productivity...

CVE-2024-2244

REST service authentication anomaly with “valid username/no password” credential combination for batch job processing resulting in successful service invocation. The anomaly doesn’t exist with other credential...

Kirby CMS Cross-Site Scripting Vulnerability

Rockwell Automation Arena Simulation Software is a suite of simulation software from Rockwell Automation that provides 3D animation and graphics capabilities. A heap buffer overflow vulnerability exists in Rockwell Automation Arena Simulation Software, which can be exploited by an attacker to...

Rockwell Automation Arena Simulation Software Arbitrary Code Execution Vulnerability

Rockwell Automation Arena Simulation Software is a suite of simulation software from Rockwell Automation that provides 3D animation and graphics capabilities. An arbitrary code execution vulnerability exists in Rockwell Automation Arena Simulation Software, which can be exploited by an attacker to....

MobileShop master v1.0 - SQL Injection Vulnerability

...

OpenNMS Horizon 31.0.7 Remote Command Execution Exploit

This Metasploit module exploits built-in functionality in OpenNMS Horizon in order to execute arbitrary commands as the opennms user. For versions 32.0.2 and higher, this module requires valid credentials for a user with ROLE_FILESYSTEM_EDITOR privileges and either ROLE_ADMIN or ROLE_REST. For...

K000139064 : Apache vulnerabilities CVE-2009-2299, CVE-2012-3526, CVE-2012-4001, and CVE-2012-4360

Security Advisory Description CVE-2009-2299 The Artofdefence Hyperguard Web Application Firewall (WAF) module before 2.5.5-11635, 3.0 before 3.0.3-11636, and 3.1 before 3.1.1-11637, a module for the Apache HTTP Server, allows remote attackers to cause a denial of service (memory consumption) via...