Quidway S2700,Quidway S5300,Quidway S5700,S2300,S2700,S5300,S5700,S600-E,S6300,S6700 Security Vulnerabilities

CVE-2024-35907 mlxbf_gige: call request_irq() after NAPI initialized

In the Linux kernel, the following vulnerability has been resolved: mlxbf_gige: call request_irq() after NAPI initialized The mlxbf_gige driver encounters a NULL pointer exception in mlxbf_gige_open() when kdump is enabled. The sequence to reproduce the exception is as follows: a) enable kdump b).....

Linux-Smart-Enumeration - Linux Enumeration Tool For Pentesting And CTFs With Verbosity Levels

First, a couple of useful oneliners ;) wget "https://github.com/diego-treitos/linux-smart-enumeration/releases/latest/download/lse.sh" -O lse.sh;chmod 700 lse.sh curl "https://github.com/diego-treitos/linux-smart-enumeration/releases/latest/download/lse.sh" -Lo lse.sh;chmod 700 lse.sh Note...

htmlLawed 1.2.5 - Remote Code Execution Exploit

...

htmlLawed 1.2.5 - Remote Code Execution (RCE)

...

CVE-2024-35907

In the Linux kernel, the following vulnerability has been resolved: mlxbf_gige: call request_irq() after NAPI initialized The mlxbf_gige driver encounters a NULL pointer exception in mlxbf_gige_open() when kdump is enabled. The sequence to reproduce the exception is as follows: a) enable kdump b).....

Exploit for CVE-2024-27972

CVE-2024-27972-Poc CVE-2024-27972 WP Fusion Lite <=...

CVE-2024-34058

The WebTop package for NethServer 7 and 8 allows stored XSS (for example, via the Subject field if an e-mail...

CVE-2024-34058

The WebTop package for NethServer 7 and 8 allows stored XSS (for example, via the Subject field if an e-mail...

CVE-2024-5049

A vulnerability, which was classified as critical, has been found in Codezips E-Commerce Site 1.0. Affected by this issue is some unknown functionality of the file admin/editproduct.php. The manipulation of the argument profilepic leads to unrestricted upload. The attack may be launched remotely......

CVE-2024-5049

A vulnerability, which was classified as critical, has been found in Codezips E-Commerce Site 1.0. Affected by this issue is some unknown functionality of the file admin/editproduct.php. The manipulation of the argument profilepic leads to unrestricted upload. The attack may be launched remotely......

CVE-2024-34919

An arbitrary file upload vulnerability in the component \modstudent\controller.php of Pisay Online E-Learning System using PHP/MySQL v1.0 allows attackers to execute arbitrary code via uploading a crafted...

CVE-2024-34919

An arbitrary file upload vulnerability in the component \modstudent\controller.php of Pisay Online E-Learning System using PHP/MySQL v1.0 allows attackers to execute arbitrary code via uploading a crafted...

CVE-2024-5049 Codezips E-Commerce Site editproduct.php unrestricted upload

A vulnerability, which was classified as critical, has been found in Codezips E-Commerce Site 1.0. Affected by this issue is some unknown functionality of the file admin/editproduct.php. The manipulation of the argument profilepic leads to unrestricted upload. The attack may be launched remotely......

China-Linked Hackers Adopt Two-Stage Infection Tactic to Deploy Deuterbear RAT

Cybersecurity researchers have shed more light on a remote access trojan (RAT) known as Deuterbear used by the China-linked BlackTech hacking group as part of a cyber espionage campaign targeting the Asia-Pacific region this year. "Deuterbear, while similar to Waterbear in many ways, shows...

GitLab 12.3 < 13.0.12 / 13.1 < 13.1.6 / 13.2 < 13.2.3 (CVE-2020-13292)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: In GitLab before 13.0.12, 13.1.6 and 13.2.3, it is possible to bypass E-mail verification which is required for OAuth Flow. (CVE-2020-13292) Note that Nessus has not tested for this issue but has...

SUSE SLED12 / SLES12 Security Update : python (SUSE-SU-2024:1667-1)

The remote SUSE Linux SLED12 / SLED_SAP12 / SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1667-1 advisory. A use-after-free exists in Python through 3.9 via heappushpop in heapq. (CVE-2022-48560) The email module...

CVE-2024-34058

The WebTop package for NethServer 7 and 8 allows stored XSS (for example, via the Subject field if an e-mail...

Fuji Xerox / Fujifilm Printers Multiple Vulnerabilities (Mar 2024)

Multiple Fuji Xerox / Fujifilm printers are prone to multiple vulnerabilities in the Web Based...

CVE-2024-34058

The WebTop package for NethServer 7 and 8 allows stored XSS (for example, via the Subject field if an e-mail...

CVE-2024-4923

A vulnerability has been found in Codezips E-Commerce Site 1.0 and classified as critical. This vulnerability affects unknown code of the file admin/addproduct.php. The manipulation of the argument profilepic leads to unrestricted upload. The attack can be initiated remotely. The exploit has been.....

CVE-2024-4923

A vulnerability has been found in Codezips E-Commerce Site 1.0 and classified as critical. This vulnerability affects unknown code of the file admin/addproduct.php. The manipulation of the argument profilepic leads to unrestricted upload. The attack can be initiated remotely. The exploit has been.....

CVE-2024-4923 Codezips E-Commerce Site addproduct.php unrestricted upload

A vulnerability has been found in Codezips E-Commerce Site 1.0 and classified as critical. This vulnerability affects unknown code of the file admin/addproduct.php. The manipulation of the argument profilepic leads to unrestricted upload. The attack can be initiated remotely. The exploit has been.....

CVE-2024-4923 Codezips E-Commerce Site addproduct.php unrestricted upload

A vulnerability has been found in Codezips E-Commerce Site 1.0 and classified as critical. This vulnerability affects unknown code of the file admin/addproduct.php. The manipulation of the argument profilepic leads to unrestricted upload. The attack can be initiated remotely. The exploit has been.....

Security Bulletin: AIX is vulnerable to arbitrary command execution due to invscout (CVE-2024-27260)

Summary A vulnerability in the AIX invscout command could allow a non-privileged local user to execute arbitrary commands (CVE-2024-27260). Vulnerability Details ** CVEID: CVE-2024-27260 DESCRIPTION: **IBM AIX could allow a non-privileged local user to exploit a vulnerability in the invscout...

Tracking the Progression of Earth Hundun's Cyberespionage Campaign in 2024

This report describes how Waterbear and Deuterbear — two of the tools in Earth Hundun's arsenal — operate, based on a campaign from...

SUSE SLES15 Security Update : kernel (SUSE-SU-2024:1650-1)

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1650-1 advisory. In the Linux kernel, the following vulnerability has been resolved: openvswitch: fix stack OOB read while fragmenting IPv4...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:1659-1)

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1659-1 advisory. In the Linux kernel, the following vulnerability has been resolved: spi: spi-zynqmp-gqspi:...

AIX is vulnerable to arbitrary command execution due to invscout (CVE-2024-27260)

IBM SECURITY ADVISORY First Issued: Wed May 15 17:28:09 CDT 2024 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/invscout_advisory6.asc Security Bulletin: AIX is vulnerable to arbitrary command execution due to invscout...

Threat actors misusing Quick Assist in social engineering attacks leading to ransomware

June 2024 update: At the end of May 2024, Microsoft Threat Intelligence observed Storm-1811 using Microsoft Teams as another vector to contact target users. Microsoft assesses that the threat actor uses Teams to send messages and initiate calls in an attempt to impersonate IT or help desk...

Exploit for CVE-2024-22026

CVE-2024-22026 **Exploit POC for CVE-2024-22026 affecting...

Hakuin - A Blazing Fast Blind SQL Injection Optimization And Automation Framework

Hakuin is a Blind SQL Injection (BSQLI) optimization and automation framework written in Python 3. It abstracts away the inference logic and allows users to easily and efficiently extract databases (DB) from vulnerable web applications. To speed up the process, Hakuin utilizes a variety of...

SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:1644-1)

The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1644-1 advisory. In the Linux kernel, the following vulnerability has been resolved: spi: spi-zynqmp-gqspi: return -ENOMEM if...

Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-6766-2)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6766-2 advisory. In the Linux kernel, the following vulnerability has been resolved: net: prevent mss overflow in skb_segment() Once again syzbot is able...

Unbreakable Enterprise kernel security update

[5.15.0-206.153.7] - mmc: core: Initialize mmc_blk_ioc_data (Mikko Rapeli) - ahci: asm1064: asm1166: don't limit reported ports (Conrad Kostecki) - mmc: core: Fix switch on gp3 partition (Dominique Martinet) - Drivers: hv: vmbus: Calculate ring buffer size for more efficient use of memory (Michael....

SUSE SLES15 Security Update : kernel (SUSE-SU-2024:1641-1)

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1641-1 advisory. In the Linux kernel, the following vulnerability has been resolved: spi: spi-zynqmp-gqspi: return -ENOMEM if dma_map_single...

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.8)

The version of AOS installed on the remote host is prior to 6.8. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.8 advisory. Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in...

Cisco Integrated Management Controller Web-Based Management Interface Command Injection (cisco-sa-cimc-cmd-inj-bLuPcb)

According to its self-reported version, the Cisco Integrated Management Controller Web-Based Management Interface is affected by a command injection vulnerability. Due to insufficient user input validation, an authenticated, remote attacker with Administrator-level privileges could perform command....

SUSE SLES15 Security Update : kernel (SUSE-SU-2024:1642-1)

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1642-1 advisory. In the Linux kernel, the following vulnerability has been resolved: openvswitch: fix stack OOB read while fragmenting IPv4...

CVE-2022-28132

The T-Soft E-Commerce 4 web application is susceptible to SQL injection (SQLi) attacks when authenticated as an admin or privileged user. This vulnerability allows attackers to access and manipulate the database through crafted requests. By exploiting this flaw, attackers can bypass authentication....

CVE-2022-28132

The T-Soft E-Commerce 4 web application is susceptible to SQL injection (SQLi) attacks when authenticated as an admin or privileged user. This vulnerability allows attackers to access and manipulate the database through crafted requests. By exploiting this flaw, attackers can bypass authentication....

CVE-2024-1630

Path traversal vulnerability in “getAllFolderContents” function of Common Service Desktop, a GE HealthCare ultrasound device...

CVE-2024-1629

Path traversal vulnerability in “deleteFiles” function of Common Service Desktop, a GE HealthCare ultrasound device...

CVE-2024-34717

PrestaShop is an open source e-commerce web application. In PrestaShop 8.1.5, any invoice can be downloaded from front-office in anonymous mode, by supplying a random secure_key parameter in the url. This issue is patched in version 8.1.6. No known workarounds are...

CVE-2024-34716

PrestaShop is an open source e-commerce web application. A cross-site scripting (XSS) vulnerability that only affects PrestaShops with customer-thread feature flag enabled is present starting from PrestaShop 8.1.0 and prior to PrestaShop 8.1.6. When the customer thread feature flag is enabled...

CVE-2024-34716

PrestaShop is an open source e-commerce web application. A cross-site scripting (XSS) vulnerability that only affects PrestaShops with customer-thread feature flag enabled is present starting from PrestaShop 8.1.0 and prior to PrestaShop 8.1.6. When the customer thread feature flag is enabled...

CVE-2024-34717

PrestaShop is an open source e-commerce web application. In PrestaShop 8.1.5, any invoice can be downloaded from front-office in anonymous mode, by supplying a random secure_key parameter in the url. This issue is patched in version 8.1.6. No known workarounds are...

CVE-2024-1628

OS command injection vulnerabilities in GE HealthCare ultrasound...

CVE-2024-1486

Elevation of privileges via misconfigured access control list in GE HealthCare ultrasound...

CVE-2024-34717 Anonymous PrestaShop customer can download other customers' invoices

PrestaShop is an open source e-commerce web application. In PrestaShop 8.1.5, any invoice can be downloaded from front-office in anonymous mode, by supplying a random secure_key parameter in the url. This issue is patched in version 8.1.6. No known workarounds are...

CVE-2024-34717 Anonymous PrestaShop customer can download other customers' invoices

PrestaShop is an open source e-commerce web application. In PrestaShop 8.1.5, any invoice can be downloaded from front-office in anonymous mode, by supplying a random secure_key parameter in the url. This issue is patched in version 8.1.6. No known workarounds are...