OceanStor 2800 V3,OceanStor 5300 V3,OceanStor 5500 V3,OceanStor 5600 V3,OceanStor 5800 V3 Security Vulnerabilities

Cisco Adaptive Security Appliance and Firepower Threat Defense Software Persistent Local Code Execution Vulnerability

A vulnerability in a legacy capability that allowed for the preloading of VPN clients and plug-ins and that has been available in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary...

ArcaneDoor - New espionage-focused campaign found targeting perimeter network devices

*Updated 2024-04-25 16:57 GMT with minor wording corrections regarding the targeting of other vendors. ArcaneDoor is a campaign that is the latest example of state-sponsored actors targeting perimeter network devices from multiple vendors. Coveted by these actors, perimeter network devices are...

AIX is vulnerable to arbitrary code execution due to RPM (CVE-2023-7104)

IBM SECURITY ADVISORY First Issued: Wed Apr 24 15:34:58 CDT 2024 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/rpm_advisory2.asc Security Bulletin: AIX is vulnerable to arbitrary code execution due to RPM (CVE-2023-7104)...

WordPress LayerSlider Plugin: SQL Injection Vulnerability

On March 25th, 2024, a critical security vulnerability was discovered in the LayerSlider plugin for WordPress, marked as CVE-2024-2879. The plugins have more than 10 lakh active installations. This flaw, rated with a CVSS score of 7.5 out of 10.0, is identified as an SQL injection vulnerability...

IPv6 enabled on IPv4-only network interfaces

In 26.0.0 and 26.0.1, IPv6 is not disabled on network interfaces, including those belonging to networks where --ipv6=false. Impact A container with an ipvlan or macvlan interface will normally be configured to share an external network link with the host machine. Because of this direct access,...

IPv6 enabled on IPv4-only network interfaces

In 26.0.0 and 26.0.1, IPv6 is not disabled on network interfaces, including those belonging to networks where --ipv6=false. Impact A container with an ipvlan or macvlan interface will normally be configured to share an external network link with the host machine. Because of this direct access,...

Mitsubishi Electric MELSEC iQ-R Series (Update B)

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Corporation Equipment: MELSEC iQ-R Series CPU Module Vulnerability: Cleartext Transmission of Sensitive Information 2. RISK EVALUATION Successful exploitation of this...

Mitsubishi Electric MELSEC iQ-R Series (Update B)

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.4 ATTENTION: Exploitable remotely Vendor: Mitsubishi Electric Corporation Equipment: MELSEC iQ-R Series CPU Module Vulnerabilities: Exposure of Sensitive Information to an Unauthorized Actor, Insufficiently Protected Credentials, Overly Restrictive Account.....

SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:1322-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1322-1 advisory. In the Linux kernel, the following vulnerability has been resolved: net/smc: fix kernel panic caused by race of smc_sock A...

Dell Client BIOS Out-Of-Bounds Write Vulnerability (DSA-2024-066)

The Dell BIOS on the remote device is missing a security patch and is, therefore, affected by an Out-of-Bounds Write Vulnerability that could be exploited by malicious users to compromise the affected system. Note that Nessus has not tested for this issue but has instead relied only on the...

CVE-2024-26823

In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Restore quirk probing for ACPI-based systems While refactoring the way the ITSs are probed, the handling of quirks applicable to ACPI-based platforms was lost. As a result, systems such as HIP07 lose their...

CVE-2024-26823

In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Restore quirk probing for ACPI-based systems While refactoring the way the ITSs are probed, the handling of quirks applicable to ACPI-based platforms was lost. As a result, systems such as HIP07 lose their...

CVE-2024-26823

In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Restore quirk probing for ACPI-based systems While refactoring the way the ITSs are probed, the handling of quirks applicable to ACPI-based platforms was lost. As a result, systems such as HIP07 lose their...

CVE-2024-26823

In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Restore quirk probing for ACPI-based systems While refactoring the way the ITSs are probed, the handling of quirks applicable to ACPI-based platforms was lost. As a result, systems such as HIP07 lose their...

CVE-2024-26823 irqchip/gic-v3-its: Restore quirk probing for ACPI-based systems

In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Restore quirk probing for ACPI-based systems While refactoring the way the ITSs are probed, the handling of quirks applicable to ACPI-based platforms was lost. As a result, systems such as HIP07 lose their...

CVE-2024-26823

In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Restore quirk probing for ACPI-based systems While refactoring the way the ITSs are probed, the handling of quirks applicable to ACPI-based platforms was lost. As a result, systems such as HIP07 lose their...

RoboDK RoboDK

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 3.3 ATTENTION: Low attack complexity Vendor: RoboDK Equipment: RoboDK Vulnerability: Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could result in an attacker crashing the program through heap-based buffer...

Electrolink FM/DAB/TV Transmitter

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: Electrolink Equipment: FM/DAB/TV Transmitter Vulnerabilities: Authentication Bypass by Assumed-Immutable Data, Reliance on Cookies without Validation and...

Keras 2 Lambda Layers Allow Arbitrary Code Injection in TensorFlow Models

Overview Lambda Layers in third party TensorFlow-based Keras models allow attackers to inject arbitrary code into versions built prior to Keras 2.13 that may then unsafely run with the same permissions as the running application. For example, an attacker could use this feature to trojanize a...

Traefik affected by HTTP/2 CONTINUATION flood in net/http

There is a potential vulnerability in Traefik managing HTTP/2 connections. More details in the CVE-2023-45288. Patches https://github.com/traefik/traefik/releases/tag/v2.11.2 https://github.com/traefik/traefik/releases/tag/v3.0.0-rc5 Workarounds No workaround For more information If you have any...

Traefik affected by HTTP/2 CONTINUATION flood in net/http

There is a potential vulnerability in Traefik managing HTTP/2 connections. More details in the CVE-2023-45288. Patches https://github.com/traefik/traefik/releases/tag/v2.11.2 https://github.com/traefik/traefik/releases/tag/v3.0.0-rc5 Workarounds No workaround For more information If you have any...

Exploit for Code Injection in Openplcproject Openplc V3 Firmware

CVE-2021-31630 OpenPLC 3 WebServer Authenticated Remote Code...

CVE-2024-3765

A vulnerability classified as critical was found in Xiongmai AHB7804R-MH-V2, AHB8004T-GL, AHB8008T-GL, AHB7004T-GS-V3, AHB7004T-MHV2, AHB8032F-LME and XM530_R80X30-PQ_8M. Affected by this vulnerability is an unknown functionality of the component Sofia Service. The manipulation with the input...

CVE-2024-3765

A vulnerability classified as critical was found in Xiongmai AHB7804R-MH-V2, AHB8004T-GL, AHB8008T-GL, AHB7004T-GS-V3, AHB7004T-MHV2, AHB8032F-LME and XM530_R80X30-PQ_8M. Affected by this vulnerability is an unknown functionality of the component Sofia Service. The manipulation with the input...

CVE-2024-3765 Xiongmai AHB7804R-MH-V2 Sofia Service access control

A vulnerability classified as critical was found in Xiongmai AHB7804R-MH-V2, AHB8004T-GL, AHB8008T-GL, AHB7004T-GS-V3, AHB7004T-MHV2, AHB8032F-LME and XM530_R80X30-PQ_8M. Affected by this vulnerability is an unknown functionality of the component Sofia Service. The manipulation with the input...

Security Bulletin: Order Management is subject to various OS vulnerabilites which could have allowed attacker various entry points into application.

Summary Order Management has updated the container OS version and remediated to the point of code freeze. This bulletin identifies the steps to take to address the vulnerabilities by updating to the very latest OS version. Vulnerability Details ** CVEID: CVE-2022-2923 DESCRIPTION: **Vim is...

Traefik vulnerable to denial of service with Content-length header

There is a potential vulnerability in Traefik managing requests with Content-length and no body . Sending a GET request to any Traefik endpoint with the Content-length request header results in an indefinite hang with the default configuration. This vulnerability can be exploited by attackers to...

Traefik vulnerable to denial of service with Content-length header

There is a potential vulnerability in Traefik managing requests with Content-length and no body . Sending a GET request to any Traefik endpoint with the Content-length request header results in an indefinite hang with the default configuration. This vulnerability can be exploited by attackers to...

MinIO Privilege Escalation

...

MinIO < 2024-01-31T20-20-33Z - Privilege Escalation

...

MinIO < 2024-01-31T20-20-33Z - Privilege Escalation Exploit

...

AIX is vulnerable to email spoofing due to sendmail (CVE-2023-51765)

IBM SECURITY ADVISORY First Issued: Thu Apr 11 15:33:45 CDT 2024 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/sendmail_advisory4.asc Security Bulletin: AIX is vulnerable to email spoofing due to sendmail (CVE-2023-51765)...

AIX is affected by multiple vulnerabilities due to Python (CVE-2023-52425 CVE-2023-52426 CVE-2023-6597)

IBM SECURITY ADVISORY First Issued: Thu Apr 11 15:29:16 CDT 2024 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/python_advisory8.asc Security Bulletin: AIX is affected by multiple vulnerabilities due to Python (CVE-2023-52425,...

Siemens Telecontrol Server Basic

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services |.....

Siemens Scalance W1750D

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services |.....

Siemens SIMATIC S7-1500

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services |.....

Siemens SINEC NMS

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services |.....

Siemens Parasolid

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services |.....

Evmos transaction execution not accounting for all state transition after interaction with precompiles

Context stateObject: represents the state of an account and is used to store its updates during a state transition. This is accomplished using two in memory Storage variables: originStorage and dirtyStorage StateDB: it is the general interface to retrieve accounts and holds a map of...

Evmos transaction execution not accounting for all state transition after interaction with precompiles

Context stateObject: represents the state of an account and is used to store its updates during a state transition. This is accomplished using two in memory Storage variables: originStorage and dirtyStorage StateDB: it is the general interface to retrieve accounts and holds a map of...

Exploit for CVE-2024-24576

CVE-2024-24576 PoC The Command::arg and...

CVE-2023-49912

A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an...

CVE-2023-49911

A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an...

CVE-2023-49911

A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an...

CVE-2023-49912

A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an...

CVE-2023-49913

A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an...

CVE-2023-49909

A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an...

CVE-2023-49909

A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an...

CVE-2023-49910

A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an...

CVE-2023-49913

A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an...