Ryzen™ 7000 Series Desktop Processors With Radeon™ Graphics Formerly Codenamed “Raphael” X3D Security Vulnerabilities

CVE-2024-29176

Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain a buffer overflow vulnerability. A remote low privileged attacker could potentially exploit this vulnerability, leading to an application crash or execution of arbitrary code on the vulnerable...

CVE-2024-5173

The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Video player widget settings in all versions up to, and including, 2.5.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

CVE-2024-5173

The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Video player widget settings in all versions up to, and including, 2.5.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

CVE-2024-5173 HT Mega – Absolute Addons For Elementor <= 2.5.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Video Player Widget Settings

The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Video player widget settings in all versions up to, and including, 2.5.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

CVE-2024-5173 HT Mega – Absolute Addons For Elementor <= 2.5.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Video Player Widget Settings

The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Video player widget settings in all versions up to, and including, 2.5.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

openvpn vulnerability

It was discovered that OpenVPN incorrectly handled certain configurations with multiple authentication plugins. A remote attacker could possibly use this issue to bypass authentication using incomplete...

Security Bulletin: IBM Security Verify Access is vulnerable to multiple Security Vulnerabilities

Summary The IBM Security Verify Access Appliance and IBM Security Verify Access Container has addressed multiple vulnerabilities in release 10.0.0.8. Vulnerability Details ** CVEID: CVE-2024-31883 DESCRIPTION: **IBM Security Verify Access, under certain configurations, could allow an...

CVE-2024-38526

pdoc provides API Documentation for Python Projects. Documentation generated with pdoc --math linked to JavaScript files from polyfill.io. The polyfill.io CDN has been sold and now serves malicious code. This issue has been fixed in pdoc...

CVE-2024-38526

pdoc provides API Documentation for Python Projects. Documentation generated with pdoc --math linked to JavaScript files from polyfill.io. The polyfill.io CDN has been sold and now serves malicious code. This issue has been fixed in pdoc...

SUSE SLES12 Security Update : kernel (Live Patch 51 for SLE 12 SP5) (SUSE-SU-2024:2202-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2202-1 advisory. This update for the Linux Kernel 4.12.14-122_186 fixes several issues. The following security issues were fixed: - CVE-2021-46955: Fixed an...

Mageia: Security Advisory (MGASA-2024-0238)

The remote host is missing an update for...

Imagestream Export or Restore Fails With "error writing layer: no space left on device"

During the export or restore of an image stream, a temporary persistent volume will be created using the default storage class. In some instances, the allocated size of that temporary intermediate volume created for exporting or restoring images is insufficient for the intended image...

Hanwha Vision IP Cameras Command Injection (CVE-2023-5747)

Bashis, a Security Researcher at IPVM has found a flaw that allows for a remote code execution during the installation of Wave on the camera device. The Wave server application in camera device was vulnerable to command injection allowing an attacker to run arbitrary code. HanwhaVision has...

SolarWinds Platform 2024.1 SR1 - Race Condition Expoit

...

Hanwha Vision Web Viewer Cross-site Scripting (CVE-2018-11689)

Web Viewer for Hanwha DVR 2.17 and Smart Viewer in Samsung Web Viewer for Samsung DVR are vulnerable to XSS via the /cgi- bin/webviewer_login_page data3 parameter. (The same Web Viewer codebase was transitioned from Samsung to Hanwha.) This plugin only works with Tenable.ot. Please visit...

Progress Software Corporation WhatsUp Gold AppProfileImport path traversal vulnerability

Talos Vulnerability Report TALOS-2024-1932 Progress Software Corporation WhatsUp Gold AppProfileImport path traversal vulnerability June 26, 2024 CVE Number CVE-2024-5017 SUMMARY A path traversal vulnerability exists in the AppProfileImport functionality of Progress Software Corporation WhatsUp...

Hanwha Vision NVR Remote Code Execution (CVE-2023-6095)

An attacker could inject arbitrary attack code by manipulating HTTP headers. However, in order to succeed in the attack, the base address of the stack memory must be obtained. The default address depends on firmware version, configuration option information, and the attack is unlikely to succeed......

Ubuntu 14.04 LTS / 16.04 LTS : OpenVPN vulnerability (USN-6850-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-6850-1 advisory. It was discovered that OpenVPN incorrectly handled certain configurations with multiple authentication plugins. A remote attacker could possibly...

ThroughTek P2P SDK Cleartext Transmission of Sensitive Information (CVE-2021-32934)

ThroughTek supplies multiple original equipment manufacturers of IP cameras & recorders with P2P connections as part of its cloud platform. Successful exploitation of this vulnerability could permit unauthorized access to sensitive information, such as camera audio/video feeds. This plugin only...

CVE-2024-34581

The W3C XML Signature Syntax and Processing (XMLDsig) specification, starting with 1.0, was originally published with a "RetrievalMethod is a URI ... that may be used to obtain key and/or certificate information" statement and no accompanying information about SSRF risks, and this may have...

Hanwha Vision Multiple Products Denial of Service (CVE-2023-31994)

Certain Hanwha products are vulnerable to Denial of Service (DoS). ck vector is: When an empty UDP packet is sent to the listening service, the service thread results in a non-functional service (DoS) via WS Discovery and Hanwha proprietary discovery services. This affects IP Camera ANE-L7012R...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : avahi (SUSE-SU-2024:2200-1)

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2200-1 advisory. - CVE-2023-38471: Fixed a reachable assertion in dbus_set_host_name. (bsc#1216594) -...

Hanwha Vision NVR Remote Code Execution (CVE-2023-6116)

An attacker could inject arbitrary attack code by manipulating http url parameters. However, in order to succeed in the attack, the base address of the stack memory must be obtained. The default address depends on firmware version, configuration option information, and the attack is unlikely to...

RHEL 9 : kernel-rt (RHSA-2024:4106)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4106 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism...

SolarWinds Platform 2024.1 SR1 Race Condition

...

Debian dla-3844 : git - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3844 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3844-1 [email protected] ...

Hanwha Vision Multiple Products Command Injection (CVE-2023-31996)

Hanwha IP Camera ANE-L7012R 1.41.01 is vulnerable to Command Injection due to improper sanitization of special characters for the NAS storage test function. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

MLflow Default Credentials

By default, MLflow does not require authentication to access the application. When enabling authentication, MLflow will enforce a basic authentication with default credentials. If not updated, a remote and unauthenticated attacker could access the MLflow UI and peform arbitrary actions on...

Vulnerability in OpenSSL CVE-2024-5535

Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an empty supported client protocols buffer may cause a crash or memory contents to be sent to the...

RHEL 8 : kernel (RHSA-2024:4107)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4107 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: race condition in...

Hanwha Vision NVR Buffer Overflow (CVE-2019-12223)

The NVR can be rebooted via external attack continuously if it can be access via the public network. During the time, video transmission and recording will not be operated. Also, Exploiting the vulnerability is trivial and requires very low skill level. The listed NVR is vulnerable to allow...

OpenVPN vulnerability

Releases Ubuntu 16.04 ESM Ubuntu 14.04 ESM Packages openvpn - virtual private network software Details It was discovered that OpenVPN incorrectly handled certain configurations with multiple authentication plugins. A remote attacker could possibly use this issue to bypass authentication using...

Hanwha Vision Multiple Products Cross-site Scripting (CVE-2023-31995)

Hanwha IP Camera ANE-L7012R 1.41.01 is vulnerable to Cross Site Scripting (XSS). This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

Progress MOVEit Transfer 2023.0.x < 2023.0.11 / 2023.1.x < 2023.1.6 / 2024.0.x < 2024.0.2 Authentication Bypass (June 2024)

The version of Progress MOVEit Transfer, formerly Ipswitch MOVEit DMZ, installed on the remote host is affected by an authentication bypass vulnerability as referenced in Progress Community article 000259290. Improper Authentication vulnerability in Progress MOVEit Transfer (SFTP module) can lead.....

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.5.6)

The version of AOS installed on the remote host is prior to 6.5.6. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.5.6 advisory. There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_connect and...

SolarWinds Platform 2024.1 SR1 - Race Condition

...

RHEL 8 / 9 : Red Hat Ceph Storage 5.3 (RHSA-2024:4118)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4118 advisory. Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage...

ROS-20240626-09

Vulnerability of opj2_decompress program of OpenJPEG image encoding and decoding library is related to incorrect processing of a directory with a large number of files. Exploitation of the vulnerability allows an attacker acting remotely to cause a denial of service Vulnerability of -ImgDir...

Hanwha Techwin SRN-4000 Improper Access Control (CVE-2017-7912)

A security research organization has discovered and disclosed a critical vulnerability in the firmware of certain Hanwha network video recording (NVR) devices. A specially crafted http request and response could allow an attacker to gain access to the device management page with admin privileges...

RHEL 9 : kernel (RHSA-2024:4108)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4108 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: netfilter: nf_tables: use...

CVE-2024-34581

The W3C XML Signature Syntax and Processing (XMLDsig) specification, starting with 1.0, was originally published with a "RetrievalMethod is a URI ... that may be used to obtain key and/or certificate information" statement and no accompanying information about SSRF risks, and this may have...

SUSE SLES15 Security Update : openssl-1_1-livepatches (SUSE-SU-2024:2197-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2024:2197-1 advisory. - CVE-2024-4741: Fixed a use-after-free with SSL_free_buffers. (bsc#1225551) Tenable has extracted the preceding description block directly from the...

ThroughTek Kalay P2P SDK Improper Access Control (CVE-2021-28372)

ThroughTek's Kalay Platform 2.0 network allows an attacker to impersonate an arbitrary ThroughTek (TUTK) device given a valid 20-byte uniquely assigned identifier (UID). This could result in an attacker hijacking a victim's connection and forcing them into supplying credentials needed to access...

SUSE SLES15 Security Update : kernel (SUSE-SU-2024:2189-1)

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2189-1 advisory. The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: .....

Gitlab -- Vulnerabilities

Gitlab reports: Run pipelines as any user Stored XSS injected in imported project's commit notes CSRF on GraphQL API IntrospectionQuery Remove search results from public projects with unauthorized repos Cross window forgery in user application OAuth flow Project maintainers can bypass group's...

Progress Software Corporation WhatsUp Gold TestController multiple information disclosure vulnerabilities

Talos Vulnerability Report TALOS-2024-1933 Progress Software Corporation WhatsUp Gold TestController multiple information disclosure vulnerabilities June 26, 2024 CVE Number CVE-2024-5010 SUMMARY An information disclosure vulnerability exists in the TestController functionality of Progress...

AMD Processors February 2024 Security Updates

AMD has informed HP of potential vulnerabilities identified in client platform firmware for some AMD processors, which might allow escalation of privilege, arbitrary code execution, denial of service, and/or information disclosure. AMD is releasing firmware updates to mitigate these...

Atlassian Jira < 9.4.21 / 9.12.x < 9.12.8 / 9.15.x < 9.16.0 (JRASERVER-77713)

The version of Atlassian Jira Server running on the remote host is affected by a vulnerability as referenced in the JRASERVER-77713 advisory. This High severity Information Disclosure vulnerability was introduced in versions 9.4.0, 9.12.0, and 9.15.0 of Jira Core Data Center. This Information...

ROS-20240626-10

A vulnerability in the getUnpushedChanges() function of the dependency manager for PHP Composer is related to the use of the status and reinstall commands. status, reinstall and remove commands. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute arbitrary...

SUSE: Security Advisory (SUSE-SU-2024:2198-1)

The remote host is missing an update for...