Desknet's NEO Security Vulnerabilities

CVE-2022-40136

An information leak vulnerability in SMI Handler used to configure platform settings over WMI in some Lenovo models may allow an attacker with local access and elevated privileges to read SMM...

CVE-2022-40135

An information leak vulnerability in the Smart USB Protection SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to read SMM...

CVE-2022-40134

An information leak vulnerability in the SMI Set BIOS Password SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to read SMM...

Siemens OpenSSL Affected Industrial Products (Update E)

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services |.....

Siemens Industrial Products (Update C)

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services |.....

Siemens SIMATIC, SINAMICS, SINEC, SINEMA, SINUMERIK (Update K)

EXECUTIVE SUMMARY --------- Begin Update K Part 1 of 2 --------- CVSS v3 8.8 --------- End Update K Part 1 of 2 --------- ATTENTION: Low attack complexity Vendor: Siemens Equipment: SIMATIC, SINAMICS, SINEC, SINEMA, SINUMERIK Vulnerability: Unquoted Search Path or Element 2. UPDATE...

MSMAP - Memory WebShell Generator

Msmap is a Memory WebShell Generator. Compatible with various Containers, Components, Encoder, WebShell / Proxy / Killer and Management Clients. 简体中文 The idea behind I, The idea behind II...

The state of cryptojacking in the first three quarters of 2022

Cryptocurrency prices were dropping from the end of 2021 and throughout the first half of 2022. Although finance experts and retail investors estimate crypto to have a solid chance of recovery in the long term, at the time of writing this report the prices remain low. However, cybercriminals are...

Security update for the Linux Kernel (important)

An update that solves 32 vulnerabilities, contains two features and has 84 fixes is now available. Description: The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: CVE-2016-3695: Fixed an issue inside the...

Security update for the Linux Kernel (important)

An update that solves 17 vulnerabilities, contains one feature and has 29 fixes is now available. Description: The SUSE Linux Enterprise 15 SP3 kernel was updated. The following security bugs were fixed: CVE-2022-40768: Fixed information leak in the scsi driver which allowed local users...

Security update for the Linux Kernel (important)

An update that solves 26 vulnerabilities, contains two features and has 89 fixes is now available. Description: The SUSE Linux Enterprise 15 SP3 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: CVE-2022-39190: Fixed an issue that was...

CVE-2022-23768

This Vulnerability in NIS-HAP11AC is caused by an exposed external port for the telnet service. Remote attackers use this vulnerability to induce all attacks such as source code hijacking, remote control of the...

CVE-2022-23768 Neo Information Sys. NIS-HAP11AC remote access and manipulation vulnerability

This Vulnerability in NIS-HAP11AC is caused by an exposed external port for the telnet service. Remote attackers use this vulnerability to induce all attacks such as source code hijacking, remote control of the...

neo-mart.net Cross Site Scripting vulnerability OBB-2906446

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

Siemens UMC Stack (Update H)

EXECUTIVE SUMMARY CVSS v3 6.7 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: UMC Stack Vulnerabilities: Unquoted Search Path or Element, Uncontrolled Resource Consumption, Improper Input Validation 2. UPDATE INFORMATION This updated advisory is a...

Siemens OpenSSL Vulnerabilities in Industrial Products (Update B)

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services |.....

A Retrospective on the 2015 Ashley Madison Breach

It's been seven years since the online cheating site AshleyMadison.com was hacked and highly sensitive data about its users posted online. The leak led to the public shaming and extortion of many Ashley Madison users, and to at least two suicides. To date, little is publicly known about the...

Doenerium - Fully Undetected Grabber (Grabs Wallets, Passwords, Cookies, Modifies Discord Client Etc.)

Fully Undetected Grabber (Grabs Wallets, Passwords, Cookies, Modifies Discord Client Etc.) Features Stealer Discord Token Discord Info - Username, Phone number, Email, Billing, Nitro Status & Backup Codes Discord Friends with rare badges Grabs crypto wallets Zcash Armory Bytecoin Jaxx Exodus...

Russia Creates Malware False-Flag App

The Russian hacking group Turla released an Android app that seems to aid Ukrainian hackers in their attacks against Russian networks. It's actually malware, and provides information back to the Russians: The hackers pretended to be a "community of free people around the world who are fighting...

Why 8kun Went Offline During the January 6 Hearings

The latest Jan. 6 committee hearing on Tuesday examined the role of conspiracy theory communities like 8kun[.]top and TheDonald[.]win in helping to organize and galvanize supporters who responded to former President Trump's invitation to "be wild" in Washington, D.C. on that chaotic day. At the...

Siemens TIA Administrator (Update A)

EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATICS PCS neo (Admin Console), SINTEPLAN, TIA Portal Vulnerability: Uncontrolled Resource Consumption 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory...

neo-heidelberg.de Cross Site Scripting vulnerability OBB-2700641

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

CVE-2022-31787

IdeaTMS 2022 is vulnerable to SQL Injection via the...

CVE-2022-31787

IdeaTMS 2022 is vulnerable to SQL Injection via the...

Sql injection

IdeaTMS 2022 is vulnerable to SQL Injection via the...

CVE-2022-31787

IdeaTMS 2022 is vulnerable to SQL Injection via the...

Meet the Administrators of the RSOCKS Proxy Botnet

Authorities in the United States, Germany, the Netherlands and the U.K. last week said they dismantled the "RSOCKS" botnet, a collection of millions of hacked devices that were sold as "proxies" to cybercriminals looking for ways to route their malicious traffic through someone else's computer....

CVE-2022-31788

IdeaLMS 2022 allows SQL injection via the IdeaLMS/ChatRoom/ClassAccessControl/6?isBigBlueButton=0&ClassID=...

CVE-2022-31788

IdeaLMS 2022 allows SQL injection via the IdeaLMS/ChatRoom/ClassAccessControl/6?isBigBlueButton=0&ClassID=...

Sql injection

IdeaLMS 2022 allows SQL injection via the IdeaLMS/ChatRoom/ClassAccessControl/6?isBigBlueButton=0&ClassID=...

CVE-2022-31788

IdeaLMS 2022 allows SQL injection via the IdeaLMS/ChatRoom/ClassAccessControl/6?isBigBlueButton=0&ClassID=...

Malicious code in neo-savant (npm)

-= Per source details. Do not edit below this line.=- Source: ghsa-malware (269f6641d9eb5c43ea9441f3fe764f0ac3ee148fb8d52084b63c7c61bccf8b18) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

KrebsOnSecurity in New Netflix Series on Cybercrime

Netflix has a new documentary series airing next week -- "Web of Make Believe: Death, Lies & the Internet" -- in which Yours Truly apparently has a decent amount of screen time. The debut episode explores the far-too-common harassment tactic of "swatting" -- wherein fake bomb threats or hostage...

Ransomware-Simulator - Ransomware Simulator Written In Golang

The goal of this repository is to provide a simple, harmless way to check your AV's protection on ransomware. This tool simulates typical ransomware behaviour, such as: Staging from a Word document macro Deleting Volume Shadow Copies Encrypting documents (embedded and dropped by the simulator...

Security update for the Linux Kernel (important)

An update that solves 16 vulnerabilities, contains 6 features and has 25 fixes is now available. Description: The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: CVE-2020-27835: Fixed a use after free...

Security update for the Linux Kernel (important)

An update that solves 16 vulnerabilities, contains 6 features and has 29 fixes is now available. Description: The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: CVE-2022-29156: Fixed a double free related to...

Security update for the Linux Kernel (important)

An update that solves 14 vulnerabilities, contains one feature and has 61 fixes is now available. Description: The SUSE Linux Enterprise 15 SP3 kernel was updated Unprivileged BPF has been disabled by default to reduce attack surface as too many security issues have happened in the past...

Yubico ykneo-openpgp data forgery issue vulnerability

Yubico ykneo-openpgp is an open source security product from the Swedish company Yubico. It implements the OpenPGP card functionality used on YubiKey NEO devices sold by Yubico. A data forgery issue vulnerability exists in versions prior to Yubico ykneo-openpgp 1.0.10. The vulnerability stems from....

Siemens TIA Administrator Denial of Service Vulnerability

SIMATIC PCS neo is a distributed control system (DCS).TIA Administrator is a web-based framework.Siemens Network Planner (SINETPLAN) supports you as a planner of PROFINET-based automation systems.TIA Portal is a PC A denial of service vulnerability exists in Siemens TIA Administrator, which can be....

CVE-2022-27194

A vulnerability has been identified in SIMATIC PCS neo (Administration Console) (All versions < V3.1 SP1), SINETPLAN (All versions), TIA Portal (V15, V15.1, V16 and V17). The affected system cannot properly process specially crafted packets sent to port 8888/tcp. A remote attacker could exploit....

CVE-2022-27194

A vulnerability has been identified in SIMATIC PCS neo (Administration Console) (All versions < V3.1 SP1), SINETPLAN (All versions), TIA Portal (V15, V15.1, V16 and V17). The affected system cannot properly process specially crafted packets sent to port 8888/tcp. A remote attacker could exploit....

Design/Logic Flaw

A vulnerability has been identified in SIMATIC PCS neo (Administration Console) (All versions < V3.1 SP1), SINETPLAN (All versions), TIA Portal (V15, V15.1, V16 and V17). The affected system cannot properly process specially crafted packets sent to port 8888/tcp. A remote attacker could exploit....

CVE-2022-27194

A vulnerability has been identified in SIMATIC PCS neo (Administration Console) (All versions < V3.1 SP1), SINETPLAN (All versions), TIA Portal (V15, V15.1, V16 and V17). The affected system cannot properly process specially crafted packets sent to port 8888/tcp. A remote attacker could exploit....

Security update for the Linux Kernel (important)

An update that solves 17 vulnerabilities and has 62 fixes is now available. Description: The SUSE Linux Enterprise 15 SP3 kernel was updated. The following security bugs were fixed: CVE-2021-45485: Fixed an information leak because of certain use of a hash table which use IPv6 source...

Unauthorised AJAX Calls via Freemius

The plugins and themes use an insecure version of the Freemius Framework, which is lacking CSRF and/or authorisation in some of its AJAX actions. As a result, any authenticated users, such as subscriber could access the debug logs. Unauthenticated attackers could also make a logged in admin toggle....

WordPress Sync eCommerce NEO plugin <= 1.4 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Sync eCommerce NEO plugin (versions &lt;= 1.4). Solution No patched version...

WordPress Sync eCommerce NEO plugin <= 1.4 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability discovered in WordPress Sync eCommerce NEO plugin (versions &lt;= 1.4). Solution No patched version...

Unbreakable Enterprise kernel-container security update

[5.4.17-2136.304.4.1] - Revert rds/ib: Kernel upgrade to rds_ib_conns info displayed by rds-info (Rohit Nair) [Orabug: 33832625] - cgroup-v1: Require capabilities to set release_agent (Eric W. Biederman) [Orabug: 33832582] {CVE-2022-0492} [5.4.17-2136.304.4] - scsi: libiscsi: Fix iscsi_task...

Unbreakable Enterprise kernel security update

[5.4.17-2136.304.4.1] - Revert rds/ib: Kernel upgrade to rds_ib_conns info displayed by rds-info (Rohit Nair) [Orabug: 33832625] - cgroup-v1: Require capabilities to set release_agent (Eric W. Biederman) [Orabug: 33832582] {CVE-2022-0492} [5.4.17-2136.304.4] - scsi: libiscsi: Fix iscsi_task...

CVE-2021-41057

In WIBU CodeMeter Runtime before 7.30a, creating a crafted CmDongles symbolic link will overwrite the linked file without checking...