
HPE Superdome Flex Servers; HPE Superdome Flex 280 Servers Security Vulnerabilities

nvd

CVE-2024-35237

MIT IdentiBot is an open-source Discord bot written in Node.js that verifies individuals' affiliations with MIT, grants them roles in a Discord server, and stores information about them in a database backend. A vulnerability that exists prior to commit 48e3e5e7ead6777fa75d57c7711c8e55b501c24e...

7.5 CVSS

7.7 AI Score

0.0004 EPSS

2024-05-27 05:15 PM
1
vulnrichment

CVE-2024-35237 MIT IdentiBot User-Kerberos Mapping Publicly Available

MIT IdentiBot is an open-source Discord bot written in Node.js that verifies individuals' affiliations with MIT, grants them roles in a Discord server, and stores information about them in a database backend. A vulnerability that exists prior to commit 48e3e5e7ead6777fa75d57c7711c8e55b501c24e...

7.5 CVSS

7 AI Score

0.0004 EPSS

2024-05-27 05:07 PM
cvelist

CVE-2024-35237 MIT IdentiBot User-Kerberos Mapping Publicly Available

MIT IdentiBot is an open-source Discord bot written in Node.js that verifies individuals' affiliations with MIT, grants them roles in a Discord server, and stores information about them in a database backend. A vulnerability that exists prior to commit 48e3e5e7ead6777fa75d57c7711c8e55b501c24e...

7.5 CVSS

7.7 AI Score

0.0004 EPSS

2024-05-27 05:07 PM
1
veracode

Server-Side Request Forgery (SSRF)

vufind/vufind is vulnerable to Server-Side Request Forgery (SSRF). The vulnerability is due to improper input validation in the /Cover/Show route, allowing remote attackers to access internal HTTP servers and execute Cross-Site Scripting (XSS) attacks by proxying arbitrary URLs via the proxy GET...

6.4 AI Score

EPSS

2024-05-27 07:16 AM
3
openvas

Fedora: Security Advisory for clamav (FEDORA-2024-34474f346b)

The remote host is missing an update for...

7.5 AI Score

2024-05-27 12:00 AM
openvas

Fedora: Security Advisory for freerdp (FEDORA-2024-c702ea0fb1)

The remote host is missing an update for...

9.8 CVSS

8.8 AI Score

0.0004 EPSS

2024-05-27 12:00 AM
2
openvas

Fedora: Security Advisory for freerdp (FEDORA-2024-050266dc33)

The remote host is missing an update for...

9.8 CVSS

8.8 AI Score

0.0004 EPSS

2024-05-27 12:00 AM
openvas

Fedora: Security Advisory for cockpit (FEDORA-2024-31e83b461d)

The remote host is missing an update for...

7.3 CVSS

7.2 AI Score

0.0004 EPSS

2024-05-27 12:00 AM
1
openvas

Fedora: Security Advisory for clamav (FEDORA-2024-1a79c2ef63)

The remote host is missing an update for...

7.5 AI Score

2024-05-27 12:00 AM
1
openvas

Fedora: Security Advisory for mod_http2 (FEDORA-2024-4812897dd1)

The remote host is missing an update for...

7.5 CVSS

7.9 AI Score

0.005 EPSS

2024-05-27 12:00 AM
openvas

Fedora: Security Advisory for clamav (FEDORA-2024-92b8ac25a5)

The remote host is missing an update for...

7.5 AI Score

2024-05-27 12:00 AM
2
openvas

Fedora: Security Advisory for mediawiki (FEDORA-2024-2c564b942d)

The remote host is missing an update for...

7.3 CVSS

5.9 AI Score

0.001 EPSS

2024-05-27 12:00 AM
1
openvas

Fedora: Security Advisory for mod_http2 (FEDORA-2024-1f11550e31)

The remote host is missing an update for...

7.5 CVSS

7.9 AI Score

0.005 EPSS

2024-05-27 12:00 AM
2
openvas

Fedora: Security Advisory for freerdp2 (FEDORA-2024-982a7184e0)

The remote host is missing an update for...

9.8 CVSS

8.8 AI Score

0.0004 EPSS

2024-05-27 12:00 AM
1
openvas

Fedora: Security Advisory for freerdp (FEDORA-2024-1b11432d52)

The remote host is missing an update for...

9.8 CVSS

8.8 AI Score

0.0004 EPSS

2024-05-27 12:00 AM
openvas

Fedora: Security Advisory for mod_http2 (FEDORA-2024-528301bac2)

The remote host is missing an update for...

7.5 CVSS

7.9 AI Score

0.005 EPSS

2024-05-27 12:00 AM
kitploit

JA4+ - Suite Of Network Fingerprinting Standards

JA4+ is a suite of network fingerprinting methods that are easy to use and easy to share. These methods are both human and machine readable to facilitate more effective threat-hunting and analysis. The use-cases for these fingerprints include scanning for threat actors, malware detection, session.....

7 AI Score

2024-05-25 12:30 PM
14
thn

Hackers Created Rogue VMs to Evade Detection in Recent MITRE Cyber Attack

The MITRE Corporation has revealed that the cyber attack targeting the not-for-profit company towards late December 2023 by exploiting zero-day flaws in Ivanti Connect Secure (ICS) involved the threat actor creating rogue virtual machines (VMs) within its VMware environment. "The adversary created....

9.1 CVSS

10 AI Score

0.969 EPSS

2024-05-24 04:30 PM
2
osv

BIT-node-2024-22019

A vulnerability in Node.js HTTP servers allows an attacker to send a specially crafted HTTP request with chunked encoding, leading to resource exhaustion and denial of service (DoS). The server reads an unbounded number of bytes from a single connection, exploiting the lack of limitations on chunk....

7.5 CVSS

6.6 AI Score

0.0004 EPSS

2024-05-24 07:26 AM
5
oraclelinux

idm:DL1 security update

bind-dyndb-ldap [11.6-4] - Modify empty zone conflicts under exclusive mode Resolves: rhbz#2126877 [11.6-3] - Rebuild against bind 9.11.36 - Resolves: rhbz#2022762 [11.6-2] - Rebuild against bind 9.11.26 - Resolves: rhbz#1904612 [11.6-1] - New upstream release - Resolves: rhbz#1891735 [11.3-1] -...

5.3 CVSS

7.6 AI Score

0.0004 EPSS

2024-05-24 12:00 AM
11
spring

SBOM support in Spring Boot 3.3

Spring Boot 3.3.0 has been released, and it contains support for SBOMs. SBOM stands for "Software Bill of Materials" and describes the components used to build a software artifact. In the context of this blog post, that's your Spring Boot application. These SBOMs are useful because they describe...

6.5 AI Score

2024-05-24 12:00 AM
4
krebs

Stark Industries Solutions: An Iron Hammer in the Cloud

The homepage of Stark Industries Solutions. Two weeks before Russia invaded Ukraine in February 2022, a large, mysterious new Internet hosting firm called Stark Industries Solutions materialized and quickly became the epicenter of massive distributed denial-of-service (DDoS) attacks on government.....

6.8 AI Score

2024-05-23 11:32 PM
4
amazon

Medium: golang

Issue Overview: An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed...

6.7 AI Score

0.0004 EPSS

2024-05-23 10:04 PM
4
thn

Ransomware Attacks Exploit VMware ESXi Vulnerabilities in Alarming Pattern

Ransomware attacks targeting VMware ESXi infrastructure follow an established pattern regardless of the file-encrypting malware deployed, new findings show. "Virtualization platforms are a core component of organizational IT infrastructure, yet they often suffer from inherent misconfigurations and....

7.7 AI Score

2024-05-23 05:03 PM
3
osv

Silverstripe X-Forwarded-Host request hostname injection

A potential hostname injection vulnerability has been found which could allow attackers to alter URL resolution. If a request contains the X-Forwarded-Host HTTP header a website would then use its value in place of the actual HTTP hostname. In cases where caching is enabled, this could allow an...

7.3 AI Score

2024-05-23 04:59 PM
1
github

Silverstripe X-Forwarded-Host request hostname injection

A potential hostname injection vulnerability has been found which could allow attackers to alter URL resolution. If a request contains the X-Forwarded-Host HTTP header a website would then use its value in place of the actual HTTP hostname. In cases where caching is enabled, this could allow an...

7.3 AI Score

2024-05-23 04:59 PM
7
thn

New Frontiers, Old Tactics: Chinese Espionage Group Targets Africa & Caribbean Govts

The China-linked threat actor known as Sharp Panda has expanded their targeting to include governmental organizations in Africa and the Caribbean as part of an ongoing cyber espionage campaign. "The campaign adopts Cobalt Strike Beacon as the payload, enabling backdoor functionalities like C2...

7.2 CVSS

7.4 AI Score

0.969 EPSS

2024-05-23 01:50 PM
5
thn

Are Your SaaS Backups as Secure as Your Production Data?

Conversations about data security tend to diverge into three main threads: How can we protect the data we store on our on-premises or cloud infrastructure? What strategies and tools or platforms can reliably back up and restore data? What would losing all this data cost us, and how quickly could...

7 AI Score

2024-05-23 11:14 AM
2
thn

Inside Operation Diplomatic Specter: Chinese APT Group's Stealthy Tactics Exposed

Governmental entities in the Middle East, Africa, and Asia are the target of a Chinese advanced persistent threat (APT) group as part of an ongoing cyber espionage campaign dubbed Operation Diplomatic Specter since at least late 2022. "An analysis of this threat actor's activity reveals long-term.....

7.5 AI Score

2024-05-23 11:14 AM
2
securelist

A journey into forgotten Null Session and MS-RPC interfaces

A journey into forgotten Null Session and MS-RPC interfaces (PDF) It has been almost 24 years since the null session vulnerability was discovered. Back then, it was possible to access SMB named pipes using empty credentials and collect domain information. Most often, attackers leveraged null...

7.4 AI Score

2024-05-23 09:00 AM
8
redhat

(RHSA-2024:3305) Important: varnish:6 security update

Varnish Cache is a high-performance HTTP accelerator. It stores web pages in memory so web servers don't have to create the same web page over and over again, giving the website a significant speed up. Security Fix(es): varnish:6: HTTP/2 Broken Window Attack may result in denial of service...

6.8 AI Score

0.0004 EPSS

2024-05-23 05:51 AM
3
nessus

Apache Tomcat 8.5.0 < 8.5.51 multiple vulnerabilities

The version of Tomcat installed on the remote host is prior to 8.5.51. It is, therefore, affected by multiple vulnerabilities as referenced in the fixed_in_apache_tomcat_8.5.51_security-8 advisory. When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections...

9.8 CVSS

7.9 AI Score

0.974 EPSS

2024-05-23 12:00 AM
3
nessus

Apache Tomcat 9.0.0.M1 < 9.0.46

The version of Tomcat installed on the remote host is prior to 9.0.46. It is, therefore, affected by a vulnerability as referenced in the fixed_in_apache_tomcat_9.0.46_security-9 advisory. A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker to authenticate using variations...

6.5 CVSS

7.2 AI Score

0.002 EPSS

2024-05-23 12:00 AM
3
nessus

Apache Tomcat 8.5.0 < 8.5.66

The version of Tomcat installed on the remote host is prior to 8.5.66. It is, therefore, affected by a vulnerability as referenced in the fixed_in_apache_tomcat_8.5.66_security-8 advisory. A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker to authenticate using variations...

6.5 CVSS

7.2 AI Score

0.002 EPSS

2024-05-23 12:00 AM
3
nessus

CentOS 8 : xorg-x11-server-Xwayland (CESA-2024:3343)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2024:3343 advisory. A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents() function. This issue occurs when...

7.8 CVSS

8 AI Score

0.0005 EPSS

2024-05-23 12:00 AM
9
nessus

Apache Tomcat 8.5.0 < 8.5.31

The version of Tomcat installed on the remote host is prior to 8.5.31. It is, therefore, affected by a vulnerability as referenced in the fixed_in_apache_tomcat_8.5.31_security-8 advisory. An improper handling of overflow in the UTF-8 decoder with supplementary characters can lead to an...

7.5 CVSS

7.5 AI Score

0.018 EPSS

2024-05-23 12:00 AM
2
nessus

Apache Tomcat 8.0.0.RC1 < 8.0.39 multiple vulnerabilities

The version of Tomcat installed on the remote host is prior to 8.0.39. It is, therefore, affected by multiple vulnerabilities as referenced in the fixed_in_apache_tomcat_8.0.39_security-8 advisory. Remote code execution is possible with Apache Tomcat before 6.0.48, 7.x before 7.0.73, 8.x before...

9.8 CVSS

6.5 AI Score

0.251 EPSS

2024-05-23 12:00 AM
5
nessus

Apache Tomcat 8.0.0.RC1 < 8.0.36

The version of Tomcat installed on the remote host is prior to 8.0.36. It is, therefore, affected by a vulnerability as referenced in the fixed_in_apache_tomcat_8.5.3_and_8.0.36_security-8 advisory. The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x...

7.5 CVSS

6.9 AI Score

0.043 EPSS

2024-05-23 12:00 AM
3
nessus

Apache Tomcat 8.5.0 < 8.5.3

The version of Tomcat installed on the remote host is prior to 8.5.3. It is, therefore, affected by a vulnerability as referenced in the fixed_in_apache_tomcat_8.5.3_and_8.0.36_security-8 advisory. The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x...

7.5 CVSS

7.2 AI Score

0.043 EPSS

2024-05-23 12:00 AM
2
nessus

DLink DIR < 2.17.b02 (SAP10018)

The version of DLink DIR installed on the remote host is prior to 2.17.b02. It is, therefore, affected by a vulnerability as referenced in the SAP10018 advisory. Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DIR-600 router (rev. Bx) with firmware before 2.17b02 allow...

7.3 AI Score

0.861 EPSS

2024-05-23 12:00 AM
2
nessus

Apache Tomcat 8.5.0 < 8.5.58

The version of Tomcat installed on the remote host is prior to 8.5.58. It is, therefore, affected by a vulnerability as referenced in the fixed_in_apache_tomcat_8.5.58_security-8 advisory. If an HTTP/2 client connecting to Apache Tomcat 10.0.0-M1 to 10.0.0-M7, 9.0.0.M1 to 9.0.37 or 8.5.0 to ...

4.3 CVSS

7.2 AI Score

0.001 EPSS

2024-05-23 12:00 AM
3
nessus

Apache Tomcat 9.0.0.M1 < 9.0.0.M21

The version of Tomcat installed on the remote host is prior to 9.0.0.M21. It is, therefore, affected by a vulnerability as referenced in the fixed_in_apache_tomcat_9.0.0.m21_security-9 advisory. The error page mechanism of the Java Servlet Specification requires that, when an error occurs and...

7.5 CVSS

6.9 AI Score

0.009 EPSS

2024-05-23 12:00 AM
2
nessus

Apache Tomcat 9.0.0.M1 < 9.0.29 multiple vulnerabilities

The version of Tomcat installed on the remote host is prior to 9.0.29. It is, therefore, affected by a vulnerability as referenced in the fixed_in_apache_tomcat_9.0.29_security-9 advisory. When Apache Tomcat 9.0.0.M1 to 9.0.28, 8.5.0 to 8.5.47, 7.0.0 and 7.0.97 is configured with the JMX...

7 CVSS

7.3 AI Score

0.0005 EPSS

2024-05-23 12:00 AM
4
nessus

Apache Tomcat 7.0.0 < 7.0.73 multiple vulnerabilities

The version of Tomcat installed on the remote host is prior to 7.0.73. It is, therefore, affected by multiple vulnerabilities as referenced in the fixed_in_apache_tomcat_7.0.73_security-7 advisory. Remote code execution is possible with Apache Tomcat before 6.0.48, 7.x before 7.0.73, 8.x before...

9.8 CVSS

6.5 AI Score

0.251 EPSS

2024-05-23 12:00 AM
4
nessus

Apache Tomcat 7.0.0 < 7.0.100 multiple vulnerabilities

The version of Tomcat installed on the remote host is prior to 7.0.100. It is, therefore, affected by multiple vulnerabilities as referenced in the fixed_in_apache_tomcat_7.0.100_security-7 advisory. When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections.....

9.8 CVSS

7.9 AI Score

0.974 EPSS

2024-05-23 12:00 AM
4
oraclelinux

kernel security, bug fix, and enhancement update

[4.18.0-553.OL8] - Update Oracle Linux certificates (Kevin Lyons) - Disable signing for aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with...

9.8 CVSS

8 AI Score

EPSS

2024-05-23 12:00 AM
11
nessus

Apache Tomcat 9.0.0.M1 < 9.0.0.M15

The version of Tomcat installed on the remote host is prior to 9.0.0.M15. It is, therefore, affected by a vulnerability as referenced in the fixed_in_apache_tomcat_9.0.0.m15_security-9 advisory. A bug in the error handling of the send file code for the NIO HTTP connector in Apache Tomcat 9.0.0.M1.....

7.5 CVSS

6.8 AI Score

0.006 EPSS

2024-05-23 12:00 AM
1
nessus

Apache Tomcat 8.0.0.RC1 < 8.0.41

The version of Tomcat installed on the remote host is prior to 8.0.41. It is, therefore, affected by a vulnerability as referenced in the fixed_in_apache_tomcat_8.0.41_security-8 advisory. A bug in the error handling of the send file code for the NIO HTTP connector in Apache Tomcat 9.0.0.M1...

7.5 CVSS

7.2 AI Score

0.006 EPSS

2024-05-23 12:00 AM
2
nessus

Apache Tomcat 9.0.0.M1 < 9.0.12

The version of Tomcat installed on the remote host is prior to 9.0.12. It is, therefore, affected by a vulnerability as referenced in the fixed_in_apache_tomcat_9.0.12_security-9 advisory. When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to ...

4.3 CVSS

6.8 AI Score

0.791 EPSS

2024-05-23 12:00 AM
3
nessus

Apache Tomcat 9.0.0.M1 < 9.0.0.M10 multiple vulnerabilities

The version of Tomcat installed on the remote host is prior to 9.0.0.M10. It is, therefore, affected by multiple vulnerabilities as referenced in the fixed_in_apache_tomcat_9.0.0.m10_security-9 advisory. The ResourceLinkFactory implementation in Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to...

9.1 CVSS

7.2 AI Score

0.002 EPSS

2024-05-23 12:00 AM
1
Total number of security vulnerabilities: 71555