SIMATIC PC-Station Plus Security Vulnerabilities

K000139627: NGINX HTTP/3 QUIC vulnerability CVE-2024-34161

Security Advisory Description When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module and the network infrastructure supports a Maximum Transmission Unit (MTU) of 4096 or greater without fragmentation, undisclosed QUIC packets can cause NGINX worker processes to leak previously...

CVE-2024-31079

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 requests can cause NGINX worker processes to terminate or cause other potential impact. This attack requires that a request be specifically timed during the connection draining process, which the attacker....

EulerOS Virtualization 2.11.0 : grub2 (EulerOS-SA-2024-1726)

According to the versions of the grub2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in the grub2-set-bootflag utility of grub2. After the fix of CVE-2019-14865, grub2-set- bootflag will create a...

CVE-2024-35200

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 requests can cause NGINX worker processes to terminate. Notes Author| Note ---|--- sbeattie | QUIC support was added in nginx...

K000139628: Out-of-band Security Notification (May 29, 2024)

Security Advisory Description On May 29, 2024, F5 announced the following security issues. This document is intended to serve as an overview of these vulnerabilities to help determine the impact to your F5 devices. You can find the details of each issue in the associated articles. You can watch...

EulerOS Virtualization 2.11.1 : kernel (EulerOS-SA-2024-1734)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Avoid potential UAF in LPI translation...

K000139612: NGINX HTTP/3 QUIC vulnerability CVE-2024-35200

Security Advisory Description When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 requests can cause NGINX worker processes to terminate. (CVE-2024-35200) Note: This issue affects NGINX systems compiled with the ngx_http_v3_module module, where the...

K000139609: NGINX HTTP/3 QUIC vulnerability CVE-2024-32760

Security Advisory Description When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 encoder instructions can cause NGINX worker processes to terminate or cause other potential impact. (CVE-2024-32760) Note: This issue affects NGINX systems compiled with the.....

K000139810: Oracle Java vulnerability CVE-2024-20919

Security Advisory Description Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK:.....

K000139611: NGINX HTTP/3 QUIC vulnerability CVE-2024-31079

Security Advisory Description When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 requests can cause NGINX worker processes to terminate or cause other potential impact. This attack requires that a request be specifically timed during the connection...

CVE-2024-32760

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 encoder instructions can cause NGINX worker processes to terminate or cause or other potential impact. Notes Author| Note ---|--- sbeattie | QUIC support was added in nginx...

CVE-2024-23580

HCL DRYiCE Optibot Reset Station is impacted by insecure encryption of One-Time Passwords (OTPs). This could allow an attacker with access to the database to recover some or all encrypted...

CVE-2024-23580

HCL DRYiCE Optibot Reset Station is impacted by insecure encryption of One-Time Passwords (OTPs). This could allow an attacker with access to the database to recover some or all encrypted...

CVE-2024-23579

HCL DRYiCE Optibot Reset Station is impacted by insecure encryption of security questions. This could allow an attacker with access to the database to recover some or all encrypted...

CVE-2024-23579

HCL DRYiCE Optibot Reset Station is impacted by insecure encryption of security questions. This could allow an attacker with access to the database to recover some or all encrypted...

CVE-2024-23580 HCL DRYiCE Optibot Reset Station is impacted by insecure encryption of One-Time Passwords (OTPs)

HCL DRYiCE Optibot Reset Station is impacted by insecure encryption of One-Time Passwords (OTPs). This could allow an attacker with access to the database to recover some or all encrypted...

CVE-2024-23580 HCL DRYiCE Optibot Reset Station is impacted by insecure encryption of One-Time Passwords (OTPs)

HCL DRYiCE Optibot Reset Station is impacted by insecure encryption of One-Time Passwords (OTPs). This could allow an attacker with access to the database to recover some or all encrypted...

CVE-2024-23579 HCL DRYiCE Optibot Reset Station is impacted by insecure encryption of security questions

HCL DRYiCE Optibot Reset Station is impacted by insecure encryption of security questions. This could allow an attacker with access to the database to recover some or all encrypted...

CVE-2024-23579 HCL DRYiCE Optibot Reset Station is impacted by insecure encryption of security questions

HCL DRYiCE Optibot Reset Station is impacted by insecure encryption of security questions. This could allow an attacker with access to the database to recover some or all encrypted...

CVE-2024-35548

A SQL injection vulnerability in Mybatis plus versions below 3.5.6 allows remote attackers to obtain database information via a Boolean blind injection. NOTE: the vendor's position is that this can only occur in a misconfigured application; the documentation discusses how to develop applications...

CVE-2024-35548

A SQL injection vulnerability in Mybatis plus versions below 3.5.6 allows remote attackers to obtain database information via a Boolean blind injection. NOTE: the vendor's position is that this can only occur in a misconfigured application; the documentation discusses how to develop applications...

libigl PlyFile ply_cast_ascii out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2023-1879 libigl PlyFile ply_cast_ascii out-of-bounds write vulnerability May 28, 2024 CVE Number CVE-2023-49600 SUMMARY An out-of-bounds write vulnerability exists in the PlyFile ply_cast_ascii functionality of libigl v2.5.0. A specially crafted .ply file can lead....

Oracle Linux 8 : container-tools:ol8 (ELSA-2024-2988)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2988 advisory. The crypto/tls package of Go through 1.16.5 does not properly assert that the type of public key in an X.509 certificate matches the expected type...

Oracle Linux 8 : grub2 (ELSA-2024-3184)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3184 advisory. - Fix CVE-2022-3775 [Orabug: 34867710] - Add CVE-2020-15706, CVE-2020-15707 to the list [Orabug: 31225072] - (CVE-2023-4692) - grub-set-bootflag: Fix...

Oracle Linux 8 : python39:3.9 / and / python39-devel:3.9 (ELSA-2024-2985)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2985 advisory. mod_wsgi [4.7.1-7] - Bump release for rebuild Resolves: rhbz#2213595 [4.7.1-6] - Remove rpath Resolves: rhbz#2213837 [4.7.1-5] - Core...

Oracle Linux 8 : python27:2.7 (ELSA-2024-2987)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2987 advisory. babel [2.5.1-10] - Fix CVE-2021-20095 Resolves: rhbz#1955615 [2.5.1-9] - Bumping due to problems with modular RPM upgrade path - Resolves:...

libigl readOFF stack-based buffer overflow vulnerabilities

Talos Vulnerability Report TALOS-2023-1784 libigl readOFF stack-based buffer overflow vulnerabilities May 28, 2024 CVE Number CVE-2023-35950,CVE-2023-35953,CVE-2023-35952,CVE-2023-35951,CVE-2023-35949 SUMMARY Multiple stack-based buffer overflow vulnerabilities exist in the readOFF.cpp...

K000139794: Mozilla NSS vulnerability CVE-2023-5388

Security Advisory Description NSS was susceptible to a timing side-channel attack when performing RSA decryption. This attack could potentially allow an attacker to recover the private data. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9. (CVE-2023-5...

CVE-2024-36037

Zoho ManageEngine ADAudit Plus versions 7260 and below allows unauthorized local agent machine users to view the session...

CVE-2024-36037

Zoho ManageEngine ADAudit Plus versions 7260 and below allows unauthorized local agent machine users to view the session...

CVE-2024-36036

Zoho ManageEngine ADAudit Plus versions 7260 and below allows unauthorized local agent machine users to access sensitive information and modifying the agent...

CVE-2024-36036

Zoho ManageEngine ADAudit Plus versions 7260 and below allows unauthorized local agent machine users to access sensitive information and modifying the agent...

CVE-2024-27310

Zoho ManageEngine ADSelfService Plus versions below 6401 are vulnerable to the DOS attack due to the malicious LDAP...

CVE-2024-27310

Zoho ManageEngine ADSelfService Plus versions below 6401 are vulnerable to the DOS attack due to the malicious LDAP...

CVE-2024-36037 Insufficient Access Control Vulnerability

Zoho ManageEngine ADAudit Plus versions 7260 and below allows unauthorized local agent machine users to view the session...

CVE-2024-36037 Insufficient Access Control Vulnerability

Zoho ManageEngine ADAudit Plus versions 7260 and below allows unauthorized local agent machine users to view the session...

CVE-2024-36036 Insufficient Access Control Vulnerability

Zoho ManageEngine ADAudit Plus versions 7260 and below allows unauthorized local agent machine users to access sensitive information and modifying the agent...

CVE-2024-36036 Insufficient Access Control Vulnerability

Zoho ManageEngine ADAudit Plus versions 7260 and below allows unauthorized local agent machine users to access sensitive information and modifying the agent...

CVE-2024-27310 DOS Vulnerability

Zoho ManageEngine ADSelfService Plus versions below 6401 are vulnerable to the DOS attack due to the malicious LDAP...

CVE-2024-27310 DOS Vulnerability

Zoho ManageEngine ADSelfService Plus versions below 6401 are vulnerable to the DOS attack due to the malicious LDAP...

Message board scams

Marketplace fraud is nothing new. Cybercriminals swindle money out of buyers and sellers alike. Lately, we've seen a proliferation of cybergangs operating under the Fraud-as-a-Service model and specializing in tricking users of online marketplaces, in particular, message boards. Criminals are...

CVE-2021-47572

In the Linux kernel, the following vulnerability has been resolved: net: nexthop: fix null pointer dereference when IPv6 is not enabled When we try to add an IPv6 nexthop and IPv6 is not enabled (!CONFIG_IPV6) we'll hit a NULL pointer dereference[1] in the error path of nh_create_ipv6() due to...

CVE-2021-47566

In the Linux kernel, the following vulnerability has been resolved: proc/vmcore: fix clearing user buffer by properly using clear_user() To clear a user buffer we cannot simply use memset, we have to use clear_user(). With a virtio-mem device that registers a vmcore_cb and has some logically...

CVE-2021-47564

In the Linux kernel, the following vulnerability has been resolved: net: marvell: prestera: fix double free issue on err path fix error path handling in prestera_bridge_port_join() that cases prestera driver to crash (see below). Trace: Internal error: Oops: 96000044 [#1] SMP Modules linked in:...

CVE-2021-47517

In the Linux kernel, the following vulnerability has been resolved: ethtool: do not perform operations on net devices being unregistered There is a short period between a net device starts to be unregistered and when it is actually gone. In that time frame ethtool operations could still be...

CVE-2021-47507

In the Linux kernel, the following vulnerability has been resolved: nfsd: Fix nsfd startup race (again) Commit bd5ae9288d64 ("nfsd: register pernet ops last, unregister first") has re-opened rpc_pipefs_event() race against nfsd_net_id registration (register_pernet_subsys()) which has been fixed by....

CVE-2021-47540

In the Linux kernel, the following vulnerability has been resolved: mt76: mt7915: fix NULL pointer dereference in mt7915_get_phy_mode Fix the following NULL pointer dereference in mt7915_get_phy_mode routine adding an ibss interface to the mt7915 driver. [ 101.137097] wlan0: Trigger new scan to...

CVE-2021-47531

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix mmap to include VM_IO and VM_DONTDUMP In commit 510410bfc034 ("drm/msm: Implement mmap as GEM object function") we switched to a new/cleaner method of doing things. That's good, but we missed a little bit. Before that....

CVE-2021-47440

In the Linux kernel, the following vulnerability has been resolved: net: encx24j600: check error in devm_regmap_init_encx24j600 devm_regmap_init may return error which caused by like out of memory, this will results in null pointer dereference later when reading or writing register: general...

CVE-2021-47435

In the Linux kernel, the following vulnerability has been resolved: dm: fix mempool NULL pointer race when completing IO dm_io_dec_pending() calls end_io_acct() first and will then dec md in-flight pending count. But if a task is swapping DM table at same time this can result in a crash due to...