Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Security Vulnerabilities

CVE-2024-37645

TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a stack overflow vulnerability via the submit-url parameter at /formSysLog...

CVE-2024-37641

TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a stack overflow via the submit-url parameter at...

CVE-2024-37643

TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a stack overflow vulnerability via the submit-url parameter at /formPasswordAuth...

CVE-2024-37645

TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a stack overflow vulnerability via the submit-url parameter at /formSysLog...

CVE-2024-37641

TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a stack overflow via the submit-url parameter at...

CVE-2024-37644

TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as...

CVE-2024-37644

TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as...

CVE-2024-37640

TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid5g in the function...

CVE-2024-37640

TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid5g in the function...

CVE-2024-37637

TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid5g in the function...

CVE-2024-37639

TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via eport in the function...

CVE-2024-37637

TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid5g in the function...

CVE-2024-37639

TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via eport in the function...

fence-agents security update

An update is available for fence-agents. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The fence-agents packages provide a collection of scripts for handling.....

fence-agents security and bug fix update

An update is available for fence-agents. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The fence-agents packages provide a collection of scripts for handling.....

Why Regulated Industries are Turning to Military-Grade Cyber Defenses

As cyber threats loom large and data breaches continue to pose increasingly significant risks. Organizations and industries that handle sensitive information and valuable assets make prime targets for cybercriminals seeking financial gain or strategic advantage. Which is why many highly regulated.....

North Korean Hackers Target Brazilian Fintech with Sophisticated Phishing Tactics

Threat actors linked to North Korea have accounted for one-third of all the phishing activity targeting Brazil since 2020, as the country's emergence as an influential power has drawn the attention of cyber espionage groups. "North Korean government-backed actors have targeted the Brazilian...

Microsoft Delays AI-Powered Recall Feature for Copilot+ PCs Amid Security Concerns

Microsoft on Thursday revealed that it's delaying the rollout of the controversial artificial intelligence (AI)-powered Recall feature for Copilot+ PCs. To that end, the company said it intends to shift from general availability to a preview available first in the Windows Insider Program (WIP) in.....

CVE-2024-37642

TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a command injection vulnerability via the ipv4_ping, ipv6_ping parameter at /formSystemCheck...

Popup Builder – Create highly converting, mobile friendly marketing popups < 4.3.2 - Missing Authorization and Nonce Exposure

Description The Popup Builder – Create highly converting, mobile friendly marketing popups. plugin for WordPress is vulnerable to unauthorized access of functionality due to a missing capability check on several functions in all versions up to, and including, 4.3.1. While some functions contain a.....

CVE-2024-37640

TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid5g in the function...

AEGON LIFE v1.0 Life Insurance Management System - Unauthenticated Remote Code Execution (RCE)

...

AEGON LIFE v1.0 Life Insurance Management System - SQL injection vulnerability.

...

AEGON LIFE v1.0 Life Insurance Management System - Stored cross-site scripting (XSS)

...

CVE-2024-37644

TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as...

Rocky Linux 8 : fence-agents (RLSA-2024:2968)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:2968 advisory. * urllib3: Request body not stripped after redirect from 303 status changes request method to GET (CVE-2023-45803) * pycryptodome: side-channel...

AEGON LIFE 1.0 Remote Code Execution

...

AEGON LIFE v1.0 Life Insurance Management System - Remote Code Execution Vulnerability

...

AlmaLinux 9 : fence-agents (ALSA-2024:3820)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:3820 advisory. * jinja2: accepts keys containing non-attribute characters (CVE-2024-34064) Tenable has extracted the preceding description block directly from the AlmaLinux...

AEGON LIFE v1.0 Life Insurance Management System - SQL injection Vulnerability

...

CVE-2024-37644

TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as...

CVE-2024-37637

TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid5g in the function...

AEGON LIFE 1.0 Cross Site Scripting

...

CVE-2024-37645

TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a stack overflow vulnerability via the submit-url parameter at /formSysLog...

CVE-2024-37642

TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a command injection vulnerability via the ipv4_ping, ipv6_ping parameter at /formSystemCheck...

SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:2019-1)

The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2019-1 advisory. The SUSE Linux Enterprise 15 SP5 Azure kernel was updated to receive various security bugfixes. The following...

CVE-2024-37637

TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid5g in the function...

CVE-2024-37639

TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via eport in the function...

CVE-2024-37643

TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a stack overflow vulnerability via the submit-url parameter at /formPasswordAuth...

AEGON LIFE v1.0 Life Insurance Management System - Stored cross-site scripting Vulnerability

...

AEGON LIFE 1.0 SQL Injection

...

CVE-2024-37639

TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via eport in the function...

CVE-2024-37640

TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid5g in the function...

CVE-2024-37641

TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a stack overflow via the submit-url parameter at...

CVE-2024-37643

TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a stack overflow vulnerability via the submit-url parameter at /formPasswordAuth...

CVE-2024-37645

TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a stack overflow vulnerability via the submit-url parameter at /formSysLog...

Rocky Linux 9 : fence-agents (RLSA-2024:3820)

The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:3820 advisory. * jinja2: accepts keys containing non-attribute characters (CVE-2024-34064) Tenable has extracted the preceding description block directly from the Rocky Linux...

CVE-2024-37641

TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a stack overflow via the submit-url parameter at...

CVE-2024-5951

Deep Sea Electronics DSE855 Factory Reset Missing Authentication Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit this...

CVE-2024-5951

Deep Sea Electronics DSE855 Factory Reset Missing Authentication Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit this...