H60 (honor 6), P9 Plus Security Vulnerabilities

CVE-2020-14383 affecting package samba 4.12.5-6

CVE-2020-14383 affecting package samba 4.12.5-6. No patch is available...

CVE-2020-14323 affecting package samba 4.12.5-6

CVE-2020-14323 affecting package samba 4.12.5-6. No patch is available...

CVE-2020-14318 affecting package samba 4.12.5-6

CVE-2020-14318 affecting package samba 4.12.5-6. No patch is available...

CVE-2020-25719 affecting package samba 4.12.5-6

CVE-2020-25719 affecting package samba 4.12.5-6. No patch is available...

CVE-2016-2124 affecting package samba 4.12.5-6

CVE-2016-2124 affecting package samba 4.12.5-6. No patch is available...

CVE-2021-43566 affecting package samba 4.12.5-6

CVE-2021-43566 affecting package samba 4.12.5-6. No patch is available...

CVE-2020-17527 affecting package tomcat for versions less than 9.0.39-5

CVE-2020-17527 affecting package tomcat for versions less than 9.0.39-5. No patch is available...

CVE-2021-3671 affecting package samba 4.12.5-6

CVE-2021-3671 affecting package samba 4.12.5-6. No patch is available...

CVE-2021-20277 affecting package samba 4.12.5-6

CVE-2021-20277 affecting package samba 4.12.5-6. No patch is available...

CVE-2021-20254 affecting package samba 4.12.5-6

CVE-2021-20254 affecting package samba 4.12.5-6. No patch is available...

CVE-2021-44141 affecting package samba 4.12.5-6

CVE-2021-44141 affecting package samba 4.12.5-6. No patch is available...

CVE-2020-25722 affecting package samba 4.12.5-6

CVE-2020-25722 affecting package samba 4.12.5-6. No patch is available...

CVE-2020-27840 affecting package samba 4.12.5-6

CVE-2020-27840 affecting package samba 4.12.5-6. No patch is available...

CVE-2020-25717 affecting package samba 4.12.5-6

CVE-2020-25717 affecting package samba 4.12.5-6. No patch is available...

CVE-2021-44142 affecting package samba 4.12.5-6

CVE-2021-44142 affecting package samba 4.12.5-6. No patch is available...

CVE-2018-14628 affecting package samba 4.12.5-6

CVE-2018-14628 affecting package samba 4.12.5-6. No patch is available...

CVE-2022-1615 affecting package samba 4.12.5-6

CVE-2022-1615 affecting package samba 4.12.5-6. No patch is available...

CVE-2021-3670 affecting package samba 4.12.5-6

CVE-2021-3670 affecting package samba 4.12.5-6. No patch is available...

CVE-2020-17049 affecting package samba 4.12.5-6

CVE-2020-17049 affecting package samba 4.12.5-6. No patch is available...

CVE-2021-3738 affecting package samba 4.12.5-6

CVE-2021-3738 affecting package samba 4.12.5-6. No patch is available...

CVE-2021-23192 affecting package samba 4.12.5-6

CVE-2021-23192 affecting package samba 4.12.5-6. No patch is available...

CVE-2020-12825 affecting package libcroco 0.6.13-6

CVE-2020-12825 affecting package libcroco 0.6.13-6. No patch is available...

CVE-2022-32743 affecting package samba 4.12.5-6

CVE-2022-32743 affecting package samba 4.12.5-6. No patch is available...

CVE-2022-0336 affecting package samba 4.12.5-6

CVE-2022-0336 affecting package samba 4.12.5-6. No patch is available...

CVE-2022-32744 affecting package samba 4.12.5-6

CVE-2022-32744 affecting package samba 4.12.5-6. No patch is available...

CVE-2021-20316 affecting package samba 4.12.5-6

CVE-2021-20316 affecting package samba 4.12.5-6. No patch is available...

CVE-2022-28506 affecting package giflib 5.2.1-6

CVE-2022-28506 affecting package giflib 5.2.1-6. No patch is available...

CVE-2022-2031 affecting package samba 4.12.5-6

CVE-2022-2031 affecting package samba 4.12.5-6. No patch is available...

CVE-2022-32746 affecting package samba 4.12.5-6

CVE-2022-32746 affecting package samba 4.12.5-6. No patch is available...

CVE-2022-3857 affecting package libpng for versions less than 1.6.39-1

CVE-2022-3857 affecting package libpng for versions less than 1.6.39-1. No patch is available...

CVE-2023-0286 affecting package reaper 3.1.1-6

CVE-2023-0286 affecting package reaper 3.1.1-6. This CVE either no longer is or was never...

CVE-2022-3437 affecting package samba 4.12.5-6

CVE-2022-3437 affecting package samba 4.12.5-6. No patch is available...

CVE-2023-22466 affecting package rpm-ostree 2022.1-6

CVE-2023-22466 affecting package rpm-ostree 2022.1-6. This CVE either no longer is or was never...

CVE-2022-42898 affecting package samba 4.12.5-6

CVE-2022-42898 affecting package samba 4.12.5-6. No patch is available...

CVE-2022-32742 affecting package samba 4.12.5-6

CVE-2022-32742 affecting package samba 4.12.5-6. No patch is available...

CVE-2020-25718 affecting package samba 4.12.5-6

CVE-2020-25718 affecting package samba 4.12.5-6. No patch is available...

CVE-2022-4515 affecting package ctags 5.8-6

CVE-2022-4515 affecting package ctags 5.8-6. No patch is available...

CVE-2020-8563 affecting package kubernetes-1.18.17 1.18.17-6

CVE-2020-8563 affecting package kubernetes-1.18.17 1.18.17-6. No patch is available...

CVE-2023-44487 affecting package opa for versions less than 0.50.2-6

CVE-2023-44487 affecting package opa for versions less than 0.50.2-6. A patched version of the package is...

CVE-2023-39325 affecting package opa for versions less than 0.50.2-6

CVE-2023-39325 affecting package opa for versions less than 0.50.2-6. A patched version of the package is...

Researchers Warn of Flaws in Widely Used Industrial Gas Analysis Equipment

Multiple security flaws have been disclosed in Emerson Rosemount gas chromatographs that could be exploited by malicious actors to obtain sensitive information, induce a denial-of-service (DoS) condition, and even execute arbitrary commands. The flaws impact GC370XA, GC700XA, and GC1500XA and...

CVE-2024-37370

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be...

CVE-2024-37371

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be...

CVE-2024-39209

luci-app-sms-tool v1.9-6 was discovered to contain a command injection vulnerability via the score...

CVE-2024-39209

luci-app-sms-tool v1.9-6 was discovered to contain a command injection vulnerability via the score...

PSF-2024-6

CPython 3.9 and earlier doesn't disallow configuring an empty list ("[]") for SSLContext.set_npn_protocols() which is an invalid value for the underlying OpenSSL API. This results in a buffer over-read when NPN is used (see CVE-2024-5535 for OpenSSL). This vulnerability is of low severity due to...

Decoding OWASP – A Security Engineer’s Roadmap to Application Security

In a time where over 60% of data breaches are linked to software vulnerabilities and a single overlooked software vulnerability can expose sensitive data, the imperative of robust application security cannot be overstated. The 2023 IBM Security Cost of a Data Breach Report highlights that...

Security Bulletin: Multiple vulnerabilities affect IBM Tivoli Monitoring included WebSphere Application Server

Summary Multiple vulnerabilities within WebSphere Application and IBM HTTP Server and Java which is included as part of IBM Tivoli Monitoring (ITM) portal server. have been remediated. Vulnerability Details ** CVEID: CVE-2024-22354 DESCRIPTION: **IBM WebSphere Application Server 8.5, 9.0 and IBM...

An Inside Look at The Malware and Techniques Used in the WordPress.org Supply Chain Attack

On Monday June 24th, 2024 the Wordfence Threat Intelligence team was made aware of the presence of malware in the Social Warfare repository plugin (see post Supply Chain Attack on WordPress.org Plugins Leads to 5 Maliciously Compromised WordPress Plugins). After adding the malicious code to our...

Supply Chain Compromise Leads to Trojanized Installers for Notezilla, RecentX, Copywhiz

The following Rapid7 analysts contributed to this research: Leo Gutierrez, Tyler McGraw, Sarah Lee, and Thomas Elkins. Executive Summary On Tuesday, June 18th, 2024, Rapid7 initiated an investigation into suspicious activity in a customer environment. Our investigation identified that the...