SIMATIC ET200ecoPN, DI 16x24VDC, M12-L Security Vulnerabilities

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Bind vulnerabilities (USN-6723-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6723-1 advisory. Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause...

tddpd enable_test_mode command execution vulnerability

Talos Vulnerability Report TALOS-2023-1862 tddpd enable_test_mode command execution vulnerability April 9, 2024 CVE Number CVE-2023-49133,CVE-2023-49134 SUMMARY A command execution vulnerability exists in the tddpd enable_test_mode functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2024-12271)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12271 advisory. [5.4.17-2136.330.7.1] - KVM: x86: Add BHI_NO (Daniel Sneddon) [Orabug: 36384803] {CVE-2024-2201} - x86/bhi: Mitigate KVM by default (Pawan...

Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-6725-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6725-1 advisory. Chih-Yen Chang discovered that the KSMBD implementation in the Linux kernel did not properly validate certain data structure fields when...

Ubuntu 22.04 LTS / 23.10 : Linux kernel vulnerabilities (USN-6724-1)

The remote Ubuntu 22.04 LTS / 23.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6724-1 advisory. Transmit requests in Xen's virtual network protocol can consist of multiple parts. While not really useful, except for the initial part any...

Linux kernel vulnerabilities

Releases Ubuntu 20.04 LTS Ubuntu 18.04 ESM Packages linux - Linux kernel linux-aws - Linux kernel for Amazon Web Services (AWS) systems linux-aws-5.4 - Linux kernel for Amazon Web Services (AWS) systems linux-azure - Linux kernel for Microsoft Azure Cloud systems linux-azure-5.4 - Linux kernel...

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-6726-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6726-1 advisory. Transmit requests in Xen's virtual network protocol can consist of multiple parts. While not really useful, except for the initial part...

Debian dla-3783 : expat - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3783 advisory. libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple...

Linux kernel vulnerabilities

Releases Ubuntu 22.04 LTS Ubuntu 20.04 LTS Packages linux - Linux kernel linux-azure - Linux kernel for Microsoft Azure Cloud systems linux-azure-5.15 - Linux kernel for Microsoft Azure cloud systems linux-azure-fde - Linux kernel for Microsoft Azure CVM cloud systems linux-azure-fde-5.15 -...

[slackware-security] libarchive

New libarchive packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/libarchive-3.7.3-i586-1_slack15.0.txz: Upgraded. This update fixes a security issue: Fix possible vulnerability in tar error...

Debian dla-3739 : libjwt-dev - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3739 advisory. libjwt 1.15.3 uses strcmp (which is not constant time) to verify authentication, which makes it easier to bypass authentication via a timing side channel....

Ubuntu 14.04 LTS : Django vulnerability (USN-6722-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-6722-1 advisory. Django before 1.11.27, 2.x before 2.2.9, and 3.x before 3.0.1 allows account takeover. A suitably crafted email address (that is equal to an existing user's...

Debian dla-3770 : libnet-cidr-lite-perl - security update

The remote Debian 10 host has a package installed that is affected by a vulnerability as referenced in the dla-3770 advisory. The Net::CIDR::Lite module before 0.22 for Perl does not properly consider extraneous zero characters at the beginning of an IP address string, which (in some...

Slackware: Security Advisory (SSA:2024-096-01)

The remote host is missing an update for...

Unbreakable Enterprise kernel-container security update

[5.4.17-2136.330.7.1.el7] - KVM: x86: Add BHI_NO (Daniel Sneddon) [Orabug: 36384803] {CVE-2024-2201} - x86/bhi: Mitigate KVM by default (Pawan Gupta) [Orabug: 36384803] {CVE-2024-2201} - x86/bhi: Add BHI mitigation knob (Pawan Gupta) [Orabug: 36384803] {CVE-2024-2201} - x86/bhi: Enumerate...

Unbreakable Enterprise kernel security update

[5.4.17-2136.330.7.1] - KVM: x86: Add BHI_NO (Daniel Sneddon) [Orabug: 36384803] {CVE-2024-2201} - x86/bhi: Mitigate KVM by default (Pawan Gupta) [Orabug: 36384803] {CVE-2024-2201} - x86/bhi: Add BHI mitigation knob (Pawan Gupta) [Orabug: 36384803] {CVE-2024-2201} - x86/bhi: Enumerate Branch...

Slackware Linux 15.0 / current libarchive Vulnerability (SSA:2024-099-01)

The version of libarchive installed on the remote host is prior to 3.7.3. It is, therefore, affected by a vulnerability as referenced in the SSA:2024-099-01 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version...

Unbreakable Enterprise kernel-container security update

[5.4.17-2136.330.7.1.el8] - KVM: x86: Add BHI_NO (Daniel Sneddon) [Orabug: 36384803] {CVE-2024-2201} - x86/bhi: Mitigate KVM by default (Pawan Gupta) [Orabug: 36384803] {CVE-2024-2201} - x86/bhi: Add BHI mitigation knob (Pawan Gupta) [Orabug: 36384803] {CVE-2024-2201} - x86/bhi: Enumerate...

GDBFuzz - Fuzzing Embedded Systems Using Hardware Breakpoints

This is the companion code for the paper: 'Fuzzing Embedded Systems using Debugger Interfaces'. A preprint of the paper can be found here https://publications.cispa.saarland/3950/. The code allows the users to reproduce and extend the results reported in the paper. Please cite the above paper when....

Debian dla-3782 : bsdutils - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3782 advisory. An integer overflow in util-linux through 2.37.1 can potentially cause a buffer overflow if an attacker were able to use system resources in a way that leads...

l-santehnik.ru Cross Site Scripting vulnerability OBB-3907010

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

Debian dla-3780 : jetty9 - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3780 advisory. Jetty is a Java based web server and servlet engine. An HTTP/2 SSL connection that is established and TCP congested will be leaked when it times out. An attacker can...

Debian dla-3779 : libtomcat9-embed-java - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3779 advisory. Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket clients to keep WebSocket connections open leading to...

Exploit for CVE-2024-30850

https://github.com/chebuya/CVE-2024-30850-chaos-rat-rce-poc/asse......

[slackware-security] tigervnc

New tigervnc packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: extra/tigervnc/tigervnc-1.12.0-i586-6_slack15.0.txz: Rebuilt. Recompiled against xorg-server-1.20.14, including the latest patches for several...

Slackware Linux 15.0 / current tigervnc Multiple Vulnerabilities (SSA:2024-096-01)

The version of tigervnc installed on the remote host is prior to 1.12.0 / 1.13.1. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2024-096-01 advisory. A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents() ...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 : X.Org X Server vulnerabilities (USN-6721-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6721-1 advisory. A heap-based buffer over-read vulnerability was found in the X.org server's...

Slackware: Security Advisory (SSA:2024-095-02)

The remote host is missing an update for...

Slackware: Security Advisory (SSA:2024-095-01)

The remote host is missing an update for...

Mageia: Security Advisory (MGASA-2024-0089)

The remote host is missing an update for...

[slackware-security] nghttp2

New nghttp2 packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/nghttp2-1.61.0-i586-1_slack15.0.txz: Upgraded. This update fixes security issues: nghttp2 library keeps reading the unbounded...

[slackware-security] httpd

New httpd packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/httpd-2.4.59-i586-1_slack15.0.txz: Upgraded. This update fixes security issues: HTTP/2 DoS by memory exhaustion on endless...

CoralRaider targets victims’ data and social media accounts

Cisco Talos discovered a new threat actor we're calling "CoralRaider" that we believe is of Vietnamese origin and financially motivated. CoralRaider has been operating since at least 2023, targeting victims in several Asian and Southeast Asian countries. This group focuses on stealing victims'...

Exploit for Embedded Malicious Code in Tukaani Xz

How to detect the CVE-2024-3094 I'll walk through the...

Ubuntu 20.04 LTS : Firefox regressions (USN-6710-2)

The remote Ubuntu 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6710-2 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version...

Debian dsa-5654 : chromium - security update

The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5654 advisory. Inappropriate implementation in V8. (CVE-2024-3156) Use after free in Bookmarks. (CVE-2024-3158) Out of bounds memory access in V8. (CVE-2024-3159) Note...

Slackware: Security Advisory (SSA:2024-094-01)

The remote host is missing an update for...

Slackware Linux 15.0 / current xorg-server Multiple Vulnerabilities (SSA:2024-094-01)

The version of xorg-server installed on the remote host is prior to 1.20.14 / 21.1.12 / 21.1.4 / 23.2.5. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2024-094-01 advisory. Note that Nessus has not tested for these issues but has instead relied only on the...

Slackware Linux 15.0 / current nghttp2 Vulnerability (SSA:2024-095-02)

The version of nghttp2 installed on the remote host is prior to 1.61.0. It is, therefore, affected by a vulnerability as referenced in the SSA:2024-095-02 advisory. nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. The nghttp2 library prior to version 1.61.0...

Slackware Linux 15.0 / current httpd Multiple Vulnerabilities (SSA:2024-095-01)

The version of httpd installed on the remote host is prior to 2.4.59. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2024-095-01 advisory. Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP...

[slackware-security] xorg-server

New xorg-server packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/xorg-server-1.20.14-i586-12_slack15.0.txz: Rebuilt. This update fixes security issues: Heap buffer overread/data leakage in...

Debian dsa-5653 : gtkwave - security update

The remote Debian 11 / 12 host has a package installed that is affected by multiple vulnerabilities as referenced in the dsa-5653 advisory. An integer overflow vulnerability exists in the FST_BL_GEOM parsing maxhandle functionality of GTKWave 3.3.115, when compiled as a 32-bit binary. A...

CVE-2024-26657

In the Linux kernel, the following vulnerability has been resolved: drm/sched: fix null-ptr-deref in init entity The bug can be triggered by sending an amdgpu_cs_wait_ioctl to the AMDGPU DRM driver on any ASICs with valid context. The bug was reported by Joonkyo Jung . For example the following...

CVE-2024-26657

In the Linux kernel, the following vulnerability has been resolved: drm/sched: fix null-ptr-deref in init entity The bug can be triggered by sending an amdgpu_cs_wait_ioctl to the AMDGPU DRM driver on any ASICs with valid context. The bug was reported by Joonkyo Jung [email protected]. For...

CVE-2024-26657

In the Linux kernel, the following vulnerability has been resolved: drm/sched: fix null-ptr-deref in init entity The bug can be triggered by sending an amdgpu_cs_wait_ioctl to the AMDGPU DRM driver on any ASICs with valid context. The bug was reported by Joonkyo Jung [email protected]. For...

CVE-2024-26657

In the Linux kernel, the following vulnerability has been resolved: drm/sched: fix null-ptr-deref in init entity The bug can be triggered by sending an amdgpu_cs_wait_ioctl to the AMDGPU DRM driver on any ASICs with valid context. The bug was reported by Joonkyo Jung [email protected]. For...

CVE-2024-26657 drm/sched: fix null-ptr-deref in init entity

In the Linux kernel, the following vulnerability has been resolved: drm/sched: fix null-ptr-deref in init entity The bug can be triggered by sending an amdgpu_cs_wait_ioctl to the AMDGPU DRM driver on any ASICs with valid context. The bug was reported by Joonkyo Jung [email protected]. For...

Online Hotel Booking In PHP 1.0 - Blind SQL Injection (Unauthenticated) Exploit

...

Debian dsa-5652 : python-py7zr-doc - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-5652 advisory. A directory traversal vulnerability in the SevenZipFile.extractall() function of the python library py7zr v0.20.0 and earlier allows attackers to write arbitrary files...

Online Hotel Booking In PHP 1.0 - Blind SQL Injection (Unauthenticated)

...