Genian NAC V5.0 & Genian NAC Suite V5.0 Security Vulnerabilities

openvas

CentOS: Security Advisory for tigervnc (CESA-2024:0006)

The remote host is missing an update for...

7.8CVSS

7.9AI Score

0.273EPSS

2024-03-05 12:00 AM
f5

K000138825 : OpenSSH vulnerability CVE-2023-51384

Security Advisory Description In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the first key, even if a PKCS#11 token...

5.5CVSS

5.4AI Score

0.0004EPSS

2024-03-05 12:00 AM
openvas

CentOS: Security Advisory for tigervnc (CESA-2024:0629)

The remote host is missing an update for...

9.8CVSS

8.9AI Score

0.002EPSS

2024-03-05 12:00 AM
korelogic

Artica Proxy Unauthenticated LFI Protection Bypass Vulnerability

Vulnerability Details Affected Vendor: Artica Affected Product: Artica Proxy Affected Version: 4.40 and 4.50 Platform: Debian 10 LTS CWE Classification: CWE-23: Relative Path Traversal CVE ID: CVE-2024-2053 Vulnerability Description The Artica Proxy administrative web application attempts...

6.9AI Score

0.0004EPSS

2024-03-05 12:00 AM
ibm

Security Bulletin: IBM Maximo Application Suite - Predict Component uses urllib3-1.26.16-py2.py3-none-any.whl which is vulnerable to CVE-2023-45803 This bulletin contains information regarding the vulnerability and its fixture.

Summary IBM Maximo Application Suite - Predict Component :urllib3-1.26.16-py2.py3-none-any.whl is vulnerable to CVE-2023-45803 This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details ** CVEID: CVE-2023-45803 DESCRIPTION: **urllib3 could allow a remote.....

4.2CVSS

4.1AI Score

0.0004EPSS

2024-03-04 07:30 AM
ibm

Security Bulletin: urllib3-1.26.16-py2.py3-none-any.whl (Publicly disclosed vulnerability found by Mend) was vulnerable to this CVE-2023-43804

Summary Security Bulletin: urllib3-1.26.16-py2.py3-none-any.whl (Publicly disclosed vulnerability found by Mend) was vulnerable to this CVE-2023-43804 : This bulletin identifies the vulnerability and its solution. Vulnerability Details ** CVEID: CVE-2023-43804 DESCRIPTION: **urllib3 could allow.....

8.1CVSS

7.8AI Score

0.001EPSS

2024-03-04 07:30 AM
openvas

openSUSE: Security Advisory for salt (SUSE-SU-2024:0509-1)

The remote host is missing an update for...

7.7CVSS

6.6AI Score

0.0004EPSS

2024-03-04 12:00 AM
openvas

openSUSE: Security Advisory for seamonkey (openSUSE-SU-2023:0278-1)

The remote host is missing an update for...

8.8CVSS

9.4AI Score

0.609EPSS

2024-03-04 12:00 AM
openvas

openSUSE: Security Advisory for wdiff (openSUSE-SU-2022:10031-1)

The remote host is missing an update for...

6.5AI Score

0.0004EPSS

2024-03-04 12:00 AM
packetstorm

7.4AI Score

0.001EPSS

2024-03-04 12:00 AM
cnvd

IBM Cognos Analytics Access Control Error Vulnerability (CNVD-2024-12708)

IBM Cognos Analytics is a suite of business intelligence software from International Business Machines (IBM). An access control error vulnerability exists in IBM Cognos Analytics, which can be exploited by a remote attacker to submit a special request that can obtain sensitive...

5.3CVSS

6.5AI Score

0.0004EPSS

2024-03-04 12:00 AM
openvas

openSUSE: Security Advisory for mozilla (SUSE-SU-2022:2533-2)

The remote host is missing an update for...

9.8CVSS

9.8AI Score

0.005EPSS

2024-03-04 12:00 AM
openvas

openSUSE: Security Advisory for salt (SUSE-SU-2024:0510-1)

The remote host is missing an update for...

7.7CVSS

6.6AI Score

0.0004EPSS

2024-03-04 12:00 AM
packetstorm

7.4AI Score

2024-03-04 12:00 AM
openvas

openSUSE: Security Advisory for gcc13 (SUSE-SU-2023:4458-1)

The remote host is missing an update for...

4.8CVSS

5.5AI Score

0.0005EPSS

2024-03-04 12:00 AM
openvas

openSUSE: Security Advisory for gcc13 (SUSE-SU-2023:4162-1)

The remote host is missing an update for...

4.8CVSS

5.5AI Score

0.0005EPSS

2024-03-04 12:00 AM
cve

CVE-2023-47742

IBM QRadar Suite Products 1.10.12.0 through 1.10.18.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 could disclose sensitive information using man in the middle techniques due to not correctly enforcing all aspects of certificate validation in some circumstances. IBM X-Force ID: ...

5.9CVSS

5.4AI Score

0.0004EPSS

2024-03-03 01:15 PM
cve

CVE-2024-22355

IBM QRadar Suite Products 1.10.12.0 through 1.10.18.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: ...

5.9CVSS

5.6AI Score

0.0004EPSS

2024-03-03 01:15 PM
nvd

CVE-2024-22355

IBM QRadar Suite Products 1.10.12.0 through 1.10.18.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: ...

5.9CVSS

5.6AI Score

0.0004EPSS

2024-03-03 01:15 PM
nvd

CVE-2023-47742

IBM QRadar Suite Products 1.10.12.0 through 1.10.18.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 could disclose sensitive information using man in the middle techniques due to not correctly enforcing all aspects of certificate validation in some circumstances. IBM X-Force ID: ...

5.9CVSS

5.4AI Score

0.0004EPSS

2024-03-03 01:15 PM
prion

Code injection

IBM QRadar Suite Products 1.10.12.0 through 1.10.18.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 could disclose sensitive information using man in the middle techniques due to not correctly enforcing all aspects of certificate validation in some circumstances. IBM X-Force ID: ...

5.9CVSS

6.2AI Score

0.0004EPSS

2024-03-03 01:15 PM
prion

Design/Logic Flaw

IBM QRadar Suite Products 1.10.12.0 through 1.10.18.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: ...

5.9CVSS

6.8AI Score

0.0004EPSS

2024-03-03 01:15 PM
cvelist

CVE-2024-22355 IBM QRadar Suite information disclosure

IBM QRadar Suite Products 1.10.12.0 through 1.10.18.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: ...

5.9CVSS

5.7AI Score

0.0004EPSS

2024-03-03 12:20 PM
cvelist

CVE-2023-47742 IBM QRadar Suite information disclosure

IBM QRadar Suite Products 1.10.12.0 through 1.10.18.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 could disclose sensitive information using man in the middle techniques due to not correctly enforcing all aspects of certificate validation in some circumstances. IBM X-Force ID: ...

5.9CVSS

5.5AI Score

0.0004EPSS

2024-03-03 12:18 PM
ibm

Security Bulletin: Vulnerability in Node.js affects Cloud Pak System [CVE-2023-42282]

Summary Node.js IP package code execution vulnerability affects Cloud Pak System on Power [CVE-2023-42282]. Vulnerability Details ** CVEID: CVE-2023-42282 DESCRIPTION: **Node.js IP package could allow a remote attacker to execute arbitrary code on the system, caused by a server-side request...

9.8CVSS

7.8AI Score

0.001EPSS

2024-03-01 11:45 PM
rapid7blog

Metasploit Weekly Wrap-Up 03/01/2024

Connect the dots from authentication bypass to remote code execution This week, our very own sfewer-r7 added a new exploit module that leverages an authentication bypass vulnerability in ConnectWise ScreenConnect to achieve remote code execution. This vulnerability, CVE-2024-1709, affects all...

10CVSS

9AI Score

0.946EPSS

2024-03-01 08:00 PM
ibm

Security Bulletin: IBM QRadar Suite software is vulnerable to information exposure and man in the middle attacks (CVE-2023-47742, CVE-2024-22355)

Summary IBM QRadar Suite software is vulnerable to information exposure through password practices & man in the middle attacks, due to certificate validation issues. This has been updated in the latest release and vulnerabilities have been addressed. Please follow the instructions in the...

5.9CVSS

7.5AI Score

0.0004EPSS

2024-03-01 07:45 PM
ibm

Security Bulletin: QRadar Suite Software includes components with multiple known vulnerabilities

Summary QRadar Suite Software includes components with known vulnerabilities. These have been updated in the latest release and vulnerabilities have been addressed. Please follow the instructions in the Remediation/Fixes section below to update to the latest version. Vulnerability Details **...

9.8CVSS

9.9AI Score

0.052EPSS

2024-03-01 07:30 PM
ibm

Security Bulletin: nginx is vulnerable to CVE-2021-23017 used in IBM Maximo Application Suite - Edge Data Collector Component

Summary IBM Maximo Application Suite - Edge Data Collector Component uses nginx which is vulnerable to CVE-2021-23017. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details ** CVEID: CVE-2021-23017 DESCRIPTION: **NGINX could allow a remote attacker to...

7.7CVSS

7.9AI Score

0.517EPSS

2024-03-01 04:30 PM
f5

K000138726 : Linux kernel vulnerability CVE-2023-3611

Security Advisory Description An out-of-bounds write vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation. The qfq_change_agg() function in net/sched/sch_qfq.c allows an out-of-bounds write because lmax is updated according to...

7.8CVSS

6.9AI Score

0.0004EPSS

2024-03-01 12:00 AM
cnvd

IBM Security Guardium OS Command Injection Vulnerability (CNVD-2024-11735)

IBM Security Guardium is a suite of platforms from International Business Machines (IBM) that provide data protection capabilities. The platform includes features such as custom UI, report management and streamlined audit process building. An operating system command injection vulnerability exists....

8.5CVSS

8.2AI Score

0.0004EPSS

2024-03-01 12:00 AM
ibm

Security Bulletin: There is a vulnerability in Asset Data Dictionary used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2023-34462 and CVE-2023-44487)

Summary There is a vulnerability in Asset Data Dictionary used by IBM Maximo Manage application in IBM Maximo Application Suite Vulnerability Details ** CVEID: CVE-2023-34462 DESCRIPTION: **Netty is vulnerable to a denial of service, caused by a flaw with allocating up to 16MB of heap for each...

7.5CVSS

7.4AI Score

0.732EPSS

2024-02-29 01:45 PM
mongodb

MongoDB Server may allow successful untrusted connection

Under certain configurations of --tlsCAFile and tls.CAFile, MongoDB Server may skip peer certificate validation which may result in untrusted connections to succeed. This may effectively reduce the security guarantees provided by TLS and open connections that should have been closed due to...

8.8CVSS

7.2AI Score

0.0004EPSS

2024-02-29 09:31 AM
cve

CVE-2024-0689

The Custom Field Suite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a meta import in all versions up to, and including, 2.6.4 due to insufficient input sanitization and output escaping on the meta values. This makes it possible for authenticated attackers, with...

4.4CVSS

4.9AI Score

0.0004EPSS

2024-02-29 03:15 AM
nvd

CVE-2024-0689

The Custom Field Suite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a meta import in all versions up to, and including, 2.6.4 due to insufficient input sanitization and output escaping on the meta values. This makes it possible for authenticated attackers, with...

4.4CVSS

4.3AI Score

0.0004EPSS

2024-02-29 03:15 AM
prion

Cross site scripting

The Custom Field Suite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a meta import in all versions up to, and including, 2.6.4 due to insufficient input sanitization and output escaping on the meta values. This makes it possible for authenticated attackers, with...

4.4CVSS

5.9AI Score

0.0004EPSS

2024-02-29 03:15 AM
cvelist

CVE-2024-0689

The Custom Field Suite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a meta import in all versions up to, and including, 2.6.4 due to insufficient input sanitization and output escaping on the meta values. This makes it possible for authenticated attackers, with...

4.4CVSS

4.5AI Score

0.0004EPSS

2024-02-29 02:33 AM
nessus

CentOS 9 : qemu-kvm-6.1.0-3.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the qemu-kvm-6.1.0-3.el9 build changelog. use-after-free during packet reassembly [rhel-av-8]) (CVE-2019-15890) A flaw was found in QEMU in the implementation of the Pointer...

8.2CVSS

7.4AI Score

0.009EPSS

2024-02-29 12:00 AM
ibm

Security Bulletin: requests-2.28.2-py3-none-any.whl (Publicly disclosed vulnerability found by Mend)

Summary Security Bulletin: requests-2.28.2-py3-none-any.whl (Publicly disclosed vulnerability found by Mend - This has been fixed in MAS 8.11 in APM-PM-LIB Vulnerability Details ** CVEID: CVE-2023-32681 DESCRIPTION: **python-requests could allow a remote attacker to obtain sensitive information,...

6.1CVSS

6.4AI Score

0.002EPSS

2024-02-28 07:15 PM
ibm

Security Bulletin: Red Hat Universal Base Image Minimal UBI Publicly disclosed vulnerability

Summary Red Hat Universal Base Image Minimal UBI Publicly disclosed vulnerability, the ubi8 containers that the MAS Core team maintains will all be rebuilt using the latest ubi8 version that is available. Vulnerability Details ** CVEID: CVE-2023-3899 DESCRIPTION: **Red Hat Enterprise Linux could...

7.8CVSS

6.3AI Score

0.0004EPSS

2024-02-28 07:00 PM
ibm

Security Bulletin: IBM Maximo Application Predict Component uses WebSphere Application Server Liberty is vulnerable to information disclosure due to Apache Santuario which is vulnerable to CVE-2023-44483

Summary IBM Maximo Application Predict Component uses WebSphere Application Server Liberty is vulnerable to information disclosure due to Apache Santuario which is vulnerable to CVE-2023-44483 This bulletin contains information regarding the vulnerability and its fixture Vulnerability Details **.....

6.5CVSS

6.4AI Score

0.001EPSS

2024-02-28 02:00 PM
ibm

Security Bulletin: IBM Maximo Application Predict Component uses OSS Scan - WebSphere Liberty is vulnerable to weaker than expected security which is vulnerable to CVE-2023-46158.

Summary Security Bulletin: IBM Maximo Application Predict Component uses OSS Scan - WebSphere Liberty is vulnerable to weaker than expected security which is vulnerable to CVE-2023-46158. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details **...

9.8CVSS

6AI Score

0.001EPSS

2024-02-28 01:45 PM
thn

Superusers Need Super Protection: How to Bridge Privileged Access Management and Identity Management

Traditional perimeter-based security has become costly and ineffective. As a result, communications security between people, systems, and networks is more important than blocking access with firewalls. On top of that, most cybersecurity risks are caused by just a few superusers – typically one out....

7.2AI Score

2024-02-28 10:37 AM
wpvulndb

Custom Field Suite < 2.6.5 - Authenticated (Admin+) Stored Cross-Site Scripting

Description The Custom Field Suite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a meta import in all versions up to, and including, 2.6.4 due to insufficient input sanitization and output escaping on the meta values. This makes it possible for authenticated attackers, with....

4.4CVSS

5.7AI Score

0.0004EPSS

2024-02-28 12:00 AM
intel

Intel® NUC Software Advisory

Summary: Potential security vulnerabilities in some Intel® NUC software installers may allow escalation of privilege or denial of service. Intel is releasing software updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2023-32272 Description: Uncontrolled search.....

7.6AI Score

0.0004EPSS

2024-02-28 12:00 AM
ibm

Security Bulletin: Follow-redirects is vulnerable to CVE-2023-26159 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses follow-redirects which is vulnerable to CVE-2023-26159. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details ** CVEID: CVE-2023-26159 DESCRIPTION: **follow-redirects could allow a remote...

7.3CVSS

7.1AI Score

0.001EPSS

2024-02-27 04:21 PM
ibm

Security Bulletin: urllib3 is vulnerable to CVE-2023-45803 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses urllib3 which is vulnerable to CVE-2023-45803. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details ** CVEID: CVE-2023-45803 DESCRIPTION: **urllib3 could allow a remote authenticated attacker...

4.2CVSS

6AI Score

0.0004EPSS

2024-02-27 04:20 PM
Total number of security vulnerabilities: 29641