HPE Superdome Flex Servers; HPE Superdome Flex 280 Servers Security Vulnerabilities

EulerOS Virtualization 3.0.6.6 : python (EulerOS-SA-2024-1663)

According to the versions of the python packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A use-after-free exists in Python through 3.9 via heappushpop in heapq. (CVE-2022-48560) An XML External Entity (XXE) issue was...

SAP NetWeaver AS ABAP XSS (May 2024) (3448445)

The remote SAP NetWeaver ABAP server may be affected by a cross-site scripting (XSS) vulnerability. A cross-site scripting (XSS) vulnerability exists due to improper validation of user-supplied input before returning it to users. An authenticated, remote attacker can exploit this, by convincing a.....

SAP NetWeaver AS ABAP File Upload Vulnerability (May 2024) (3448171)

The remote SAP NetWeaver ABAP server may be affected by an arbitrary file upload vulnerability. An arbitrary file upload vulnerability exists in the content repositiory due to missing a signature check. An unauthenticated, remote attacker can exploit this to upload arbitrary files on the remote...

EulerOS Virtualization 3.0.6.0 : shim (EulerOS-SA-2024-1706)

According to the versions of the shim package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to...

SAP NetWeaver AS ABAP XSS (May 2024) (3450286)

The remote SAP NetWeaver ABAP server may be affected by a cross-site scripting (XSS) vulnerability. A cross-site scripting (XSS) vulnerability exists due to improper validation and encoding of untrusted data. An unauthenticated, remote attacker can exploit this, by convincing a user to click a...

Invoke-SessionHunter - Retrieve And Display Information About Active User Sessions On Remote Computers (No Admin Privileges Required)

Retrieve and display information about active user sessions on remote computers. No admin privileges required. The tool leverages the remote registry service to query the HKEY_USERS registry hive on the remote computers. It identifies and extracts Security Identifiers (SIDs) associated with active....

Talos releases new macOS open-source fuzzer

Cisco Talos has developed a fuzzer that enables us to test macOS software on commodity hardware. Fuzzer utilizes a snapshot-based fuzzing approach and is based on WhatTheFuzz framework. Support for VM state extraction was implemented and WhatTheFuzz was extended to support the loading of VMWare...

Siemens SIMATIC RTLS Locating Manager

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services |.....

CVE-2024-35301

In JetBrains TeamCity before 2024.03.1 commit status publisher didn't check project scope of the GitHub App...

CVE-2024-35301

In JetBrains TeamCity before 2024.03.1 commit status publisher didn't check project scope of the GitHub App...

Zero-Trust DNS

Microsoft is working on a promising-looking protocol to lock down DNS. ZTDNS aims to solve this decades-old problem by integrating the Windows DNS engine with the Windows Filtering Platform--the core component of the Windows Firewall--directly into client devices. Jake Williams, VP of research...

Weights and Biases (wandb) has a Server-Side Request Forgery (SSRF) vulnerability

A Server-Side Request Forgery (SSRF) vulnerability exists in the wandb/wandb repository due to improper handling of HTTP 302 redirects. This issue allows team members with access to the 'User settings -> Webhooks' function to exploit this vulnerability to access internal HTTP(s) servers. In seve...

Withdrawn Advisory: Weights and Biases (wandb) has a Server-Side Request Forgery (SSRF) vulnerability

Withdrawn Advisory This advisory has been withdrawn because the underlying issue existed in Weights and Biases's backend server code, not the software development kit included in the wandb PyPI package, as originally reported. This link is maintained to preserve external references. Original...

Huawei EulerOS: Security Advisory for python (EulerOS-SA-2024-1663)

The remote host is missing an update for the Huawei...

OpenSSL 3.3.0 < 3.3.1 Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 3.3.1. It is, therefore, affected by multiple vulnerabilities as referenced in the 3.3.1 advisory. Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the...

CVE-2024-35183

wolfictl is a command line tool for working with Wolfi. A git authentication issue in versions prior to 0.16.10 allows a local user’s GitHub token to be sent to remote servers other than github.com. Most git-dependent functionality in wolfictl relies on its own git package, which contains...

CVE-2024-35183

wolfictl is a command line tool for working with Wolfi. A git authentication issue in versions prior to 0.16.10 allows a local user’s GitHub token to be sent to remote servers other than github.com. Most git-dependent functionality in wolfictl relies on its own git package, which contains...

CVE-2024-35183

wolfictl is a command line tool for working with Wolfi. A git authentication issue in versions prior to 0.16.10 allows a local user’s GitHub token to be sent to remote servers other than github.com. Most git-dependent functionality in wolfictl relies on its own git package, which contains...

CVE-2024-35183 wolfictl leaks GitHub tokens to remote non-GitHub git servers

wolfictl is a command line tool for working with Wolfi. A git authentication issue in versions prior to 0.16.10 allows a local user’s GitHub token to be sent to remote servers other than github.com. Most git-dependent functionality in wolfictl relies on its own git package, which contains...

CVE-2024-35183 wolfictl leaks GitHub tokens to remote non-GitHub git servers

wolfictl is a command line tool for working with Wolfi. A git authentication issue in versions prior to 0.16.10 allows a local user’s GitHub token to be sent to remote servers other than github.com. Most git-dependent functionality in wolfictl relies on its own git package, which contains...

wolfictl leaks GitHub tokens to remote non-GitHub git servers

Summary A git authentication issue allows a local user’s GitHub token to be sent to remote servers other than github.com. Details Most git-dependent functionality in wolfictl relies on its own git package, which contains centralized logic for implementing interactions with git repositories. Some...

wolfictl leaks GitHub tokens to remote non-GitHub git servers

Summary A git authentication issue allows a local user’s GitHub token to be sent to remote servers other than github.com. Details Most git-dependent functionality in wolfictl relies on its own git package, which contains centralized logic for implementing interactions with git repositories. Some...

Open Redirect

scrapy is vulnerable to Open Redirect. The vulnerability is due to indiscriminate handling of redirects across different URL schemes, which can result in redirecting requests to potentially malicious destinations, such as local files, malicious FTP servers, or S3 buckets. If an attacker has access....

SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2024:1648-1)

The remote SUSE Linux SLED12 / SLED_SAP12 / SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1648-1 advisory. In the Linux kernel, the following vulnerability has been resolved: netlabel: fix out-of-bounds memory ...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : openssl-3 (SUSE-SU-2024:1634-1)

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1634-1 advisory. Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when ...

SUSE SLES12 Security Update : kernel (SUSE-SU-2024:1646-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1646-1 advisory. In the Linux kernel, the following vulnerability has been resolved: netlabel: fix out-of-bounds memory accesses There are two array...

SAP Cloud Connector 2.16.1 Missing Validation

...

Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-6766-2)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6766-2 advisory. In the Linux kernel, the following vulnerability has been resolved: net: prevent mss overflow in skb_segment() Once again syzbot is able...

SUSE SLES15 Security Update : openssl-1_1 (SUSE-SU-2024:1633-1)

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1633-1 advisory. Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions Impact...

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.8)

The version of AOS installed on the remote host is prior to 6.8. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.8 advisory. Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in...

Amazon Linux 2 : freerdp (ALAS-2024-2537)

The version of freerdp installed on the remote host is prior to 2.11.7-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2537 advisory. 2024-06-06: CVE-2024-32660 was added to this advisory. FreeRDP is a set of free and open source remote desktop protocol...

Amazon Linux 2 : edk2 (ALAS-2024-2539)

It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2539 advisory. Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions Impact summary: An attacker may exploit certain server configurations...

Amazon Linux 2 : java-1.8.0-openjdk (ALAS-2024-2540)

The version of java-1.8.0-openjdk installed on the remote host is prior to 1.8.0.412.b08-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2540 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE ...

SUSE SLES12 Security Update : kernel (SUSE-SU-2024:1643-1)

The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1643-1 advisory. In the Linux kernel, the following vulnerability has been resolved: netlabel: fix out-of-bounds memory accesses There are two...

CVE-2024-31483

An authenticated sensitive information disclosure vulnerability exists in the CLI service accessed via the PAPI protocol. Successful exploitation of this vulnerability results in the ability to read arbitrary files in the underlying operating...

CVE-2024-31482

An unauthenticated Denial-of-Service (DoS) vulnerability exists in the ANSI escape code service accessed via the PAPI protocol. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected Access...

CVE-2024-31480

Unauthenticated Denial of Service (DoS) vulnerabilities exist in the CLI service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected...

CVE-2024-31481

Unauthenticated Denial of Service (DoS) vulnerabilities exist in the CLI service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected...

CVE-2024-31477

Multiple authenticated command injection vulnerabilities exist in the command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating...

CVE-2024-31478

Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exists in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilites result in the ability to interrupt the normal operation of the affected Access...

CVE-2024-31479

Unauthenticated Denial of Service (DoS) vulnerabilities exist in the Central Communications service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected...

CVE-2024-31476

Multiple authenticated command injection vulnerabilities exist in the command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating...

CVE-2024-31473

There is a command injection vulnerability in the underlying deauthentication service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of this...

CVE-2024-31472

There are command injection vulnerabilities in the underlying Soft AP Daemon service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of these...

CVE-2024-31475

There is an arbitrary file deletion vulnerability in the Central Communications service accessed by PAPI (Aruba's access point management protocol). Successful exploitation of this vulnerability results in the ability to delete arbitrary files on the underlying operating system, which could lead...

CVE-2024-31474

There is an arbitrary file deletion vulnerability in the CLI service accessed by PAPI (Aruba's Access Point management protocol). Successful exploitation of this vulnerability results in the ability to delete arbitrary files on the underlying operating system, which could lead to the ability to...

CVE-2024-31471

There is a command injection vulnerability in the underlying Central Communications service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of this....

CVE-2024-31469

There are buffer overflow vulnerabilities in the underlying Central Communications service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of these....

CVE-2024-31470

There is a buffer overflow vulnerability in the underlying SAE (Simultaneous Authentication of Equals) service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful...

CVE-2024-31467

There are buffer overflow vulnerabilities in the underlying CLI service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities...