HPE Integrated Lights-out 5 (iLO 5), HPE Integrated Lights-out 6 (iLO 6), Security Vulnerabilities

Episode 2: Behind the Scenes of a Tailor-Made Massive Phishing Campaign Part 2

Executive Summary Last summer, we investigated a massive, global phishing campaign impersonating almost 350 legitimate companies. Our continued investigation into this expansive phishing campaign revealed leaked backend source code, shedding light on the infrastructure behind the operation. This...

Security Bulletin: IBM Operator for Apache Flink is vulnerable to a denial of service attack due to the Apache Commons Compress component ( CVE-2024-25710,CVE-2024-26308).

Summary IBM Operator for Apache Flink is vulnerable to a denial of service attack due to the Apache Commons Compress component. Apache Flink uses Commons Compress for handling compressed files and formats, enabling efficient data processing and storage. Vulnerability Details ** CVEID:...

Security Bulletin: Multiple Vulnerabilities in IBM CloudPak for AIOps

Summary Multiple vulnerabilities were addressed in IBM Cloud Pak for AIOps version 4.6.0 Vulnerability Details ** CVEID: CVE-2022-25857 DESCRIPTION: **Java package org.yaml:snakeyam is vulnerable to a denial of service, caused by missing to nested depth limitation for collections. By sending a...

Multiple vulnerabilities in TP-Link Omada system could lead to root access

The TP-Link Omada system is a software-defined networking solution for small to medium-sized businesses. It touts cloud-managed devices and local management for all Omada devices. The supported devices in this ecosystem vary greatly but include wireless access points, routers, switches, VPN...

CVE-2023-3817 affecting package rust for versions less than 1.68.2-5

CVE-2023-3817 affecting package rust for versions less than 1.68.2-5. A patched version of the package is...

CVE-2021-23192 affecting package samba 4.12.5-6

CVE-2021-23192 affecting package samba 4.12.5-6. No patch is available...

CVE-2020-14383 affecting package samba 4.12.5-6

CVE-2020-14383 affecting package samba 4.12.5-6. No patch is available...

CVE-2020-14323 affecting package samba 4.12.5-6

CVE-2020-14323 affecting package samba 4.12.5-6. No patch is available...

CVE-2020-14318 affecting package samba 4.12.5-6

CVE-2020-14318 affecting package samba 4.12.5-6. No patch is available...

CVE-2016-9179 affecting package lynx 2.9.0~dev.9-5

CVE-2016-9179 affecting package lynx 2.9.0~dev.9-5. This CVE either no longer is or was never...

CVE-2023-25761 affecting package junit 4.13-5

CVE-2023-25761 affecting package junit 4.13-5. No patch is available...

CVE-2018-14628 affecting package samba 4.12.5-6

CVE-2018-14628 affecting package samba 4.12.5-6. No patch is available...

CVE-2022-1615 affecting package samba 4.12.5-6

CVE-2022-1615 affecting package samba 4.12.5-6. No patch is available...

CVE-2021-3670 affecting package samba 4.12.5-6

CVE-2021-3670 affecting package samba 4.12.5-6. No patch is available...

CVE-2020-17049 affecting package samba 4.12.5-6

CVE-2020-17049 affecting package samba 4.12.5-6. No patch is available...

CVE-2021-3738 affecting package samba 4.12.5-6

CVE-2021-3738 affecting package samba 4.12.5-6. No patch is available...

CVE-2024-27304 affecting package telegraf for versions less than 1.28.5-5

CVE-2024-27304 affecting package telegraf for versions less than 1.28.5-5. A patched version of the package is...

CVE-2023-22466 affecting package netavark 1.0.3-5

CVE-2023-22466 affecting package netavark 1.0.3-5. This CVE either no longer is or was never...

CVE-2020-12825 affecting package libcroco 0.6.13-6

CVE-2020-12825 affecting package libcroco 0.6.13-6. No patch is available...

CVE-2022-32743 affecting package samba 4.12.5-6

CVE-2022-32743 affecting package samba 4.12.5-6. No patch is available...

CVE-2022-0336 affecting package samba 4.12.5-6

CVE-2022-0336 affecting package samba 4.12.5-6. No patch is available...

CVE-2022-32744 affecting package samba 4.12.5-6

CVE-2022-32744 affecting package samba 4.12.5-6. No patch is available...

CVE-2021-20316 affecting package samba 4.12.5-6

CVE-2021-20316 affecting package samba 4.12.5-6. No patch is available...

CVE-2022-28506 affecting package giflib 5.2.1-6

CVE-2022-28506 affecting package giflib 5.2.1-6. No patch is available...

CVE-2022-34176 affecting package junit 4.13-5

CVE-2022-34176 affecting package junit 4.13-5. No patch is available...

CVE-2022-28506 affecting package giflib 5.2.1-5

CVE-2022-28506 affecting package giflib 5.2.1-5. This CVE either no longer is or was never...

CVE-2020-25719 affecting package samba 4.12.5-6

CVE-2020-25719 affecting package samba 4.12.5-6. No patch is available...

CVE-2016-2124 affecting package samba 4.12.5-6

CVE-2016-2124 affecting package samba 4.12.5-6. No patch is available...

CVE-2021-43566 affecting package samba 4.12.5-6

CVE-2021-43566 affecting package samba 4.12.5-6. No patch is available...

CVE-2020-17527 affecting package tomcat for versions less than 9.0.39-5

CVE-2020-17527 affecting package tomcat for versions less than 9.0.39-5. No patch is available...

CVE-2021-3671 affecting package samba 4.12.5-6

CVE-2021-3671 affecting package samba 4.12.5-6. No patch is available...

CVE-2021-20277 affecting package samba 4.12.5-6

CVE-2021-20277 affecting package samba 4.12.5-6. No patch is available...

CVE-2021-20254 affecting package samba 4.12.5-6

CVE-2021-20254 affecting package samba 4.12.5-6. No patch is available...

CVE-2020-8908 affecting package guava 25.0-5

CVE-2020-8908 affecting package guava 25.0-5. This CVE either no longer is or was never...

CVE-2020-17527 affecting package tomcat for versions less than 9.0.39-5

CVE-2020-17527 affecting package tomcat for versions less than 9.0.39-5. No patch is available...

CVE-1999-0817 affecting package lynx 2.9.0~dev.9-5

CVE-1999-0817 affecting package lynx 2.9.0~dev.9-5. This CVE either no longer is or was never...

CVE-2023-44487 affecting package cert-manager for versions less than 1.11.2-5

CVE-2023-44487 affecting package cert-manager for versions less than 1.11.2-5. A patched version of the package is...

CVE-2021-44141 affecting package samba 4.12.5-6

CVE-2021-44141 affecting package samba 4.12.5-6. No patch is available...

CVE-2023-0215 affecting package shim-unsigned-aarch64 15-5

CVE-2023-0215 affecting package shim-unsigned-aarch64 15-5. This CVE either no longer is or was never...

CVE-2022-45380 affecting package junit 4.13-5

CVE-2022-45380 affecting package junit 4.13-5. No patch is available...

CVE-2022-2031 affecting package samba 4.12.5-6

CVE-2022-2031 affecting package samba 4.12.5-6. No patch is available...

CVE-2022-32746 affecting package samba 4.12.5-6

CVE-2022-32746 affecting package samba 4.12.5-6. No patch is available...

CVE-2021-3716 affecting package nbdkit 1.20.7-5

CVE-2021-3716 affecting package nbdkit 1.20.7-5. This CVE either no longer is or was never...

CVE-2020-25722 affecting package samba 4.12.5-6

CVE-2020-25722 affecting package samba 4.12.5-6. No patch is available...

CVE-2010-4226 affecting package cpio 2.13-5

CVE-2010-4226 affecting package cpio 2.13-5. This CVE either no longer is or was never...

CVE-2022-3857 affecting package libpng for versions less than 1.6.39-1

CVE-2022-3857 affecting package libpng for versions less than 1.6.39-1. No patch is available...

CVE-2023-0286 affecting package reaper 3.1.1-6

CVE-2023-0286 affecting package reaper 3.1.1-6. This CVE either no longer is or was never...

CVE-2022-3437 affecting package samba 4.12.5-6

CVE-2022-3437 affecting package samba 4.12.5-6. No patch is available...

CVE-2023-22466 affecting package rpm-ostree 2022.1-6

CVE-2023-22466 affecting package rpm-ostree 2022.1-6. This CVE either no longer is or was never...

CVE-2022-42898 affecting package samba 4.12.5-6

CVE-2022-42898 affecting package samba 4.12.5-6. No patch is available...