Scalance Xm-400, Xr-500 Security Vulnerabilities

CVE-2024-32972

go-ethereum (geth) is a golang execution layer implementation of the Ethereum protocol. Prior to 1.13.15, a vulnerable node can be made to consume very large amounts of memory when handling specially crafted p2p messages sent from an attacker node. The fix has been included in geth version 1.13.15....

CVE-2024-32972 go-ethereum denial of service via malicious p2p message

go-ethereum (geth) is a golang execution layer implementation of the Ethereum protocol. Prior to 1.13.15, a vulnerable node can be made to consume very large amounts of memory when handling specially crafted p2p messages sent from an attacker node. The fix has been included in geth version 1.13.15....

CVE-2024-32972 go-ethereum denial of service via malicious p2p message

go-ethereum (geth) is a golang execution layer implementation of the Ethereum protocol. Prior to 1.13.15, a vulnerable node can be made to consume very large amounts of memory when handling specially crafted p2p messages sent from an attacker node. The fix has been included in geth version 1.13.15....

go-ethereum vulnerable to DoS via malicious p2p message

Impact A vulnerable node can be made to consume very large amounts of memory when handling specially crafted p2p messages sent from an attacker node. More in-depth details will be released at a later time. Patches The fix has been included in geth version 1.13.15 and onwards. Workarounds No...

RHEL 8 : unbound (RHSA-2024:2696)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2696 advisory. The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fix(es): * bind9: KeyTrap - Extreme CPU...

RHEL 9 : varnish (RHSA-2024:2700)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:2700 advisory. Varnish Cache is a high-performance HTTP accelerator. It stores web pages in memory so web servers don't have to create the same web page over and...

RHEL 8 : git-lfs (RHSA-2024:2699)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:2699 advisory. Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while...

Google Announces Passkeys Adopted by Over 400 Million Accounts

Google on Thursday announced that passkeys are being used by over 400 million Google accounts, authenticating users more than 1 billion times over the past two years. "Passkeys are easy to use and phishing resistant, only relying on a fingerprint, face scan or a pin making them 50% faster than...

Vulnerabilities that (mostly) aren’t: LUCKY13

TL;DR LUCKY13 is more an attack than a vulnerability LUCKY13 was patched over a decade ago … so it’s really unlikely that your server is vulnerable now It's an implementation issue Disabling CBC ciphers is still a good idea … but not because of susceptibility to LUCKY13 There is no material risk...

CVE-2023-39477

Inductive Automation Ignition ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Inductive Automation Ignition. Authentication is not required to exploit this...

CVE-2023-39477

Inductive Automation Ignition ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Inductive Automation Ignition. Authentication is not required to exploit this...

CVE-2023-27369

NETGEAR RAX30 soap_serverd Stack-based Buffer Overflow Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30. Authentication is not required to exploit this vulnerability. The specific flaw...

CVE-2023-27369

NETGEAR RAX30 soap_serverd Stack-based Buffer Overflow Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30. Authentication is not required to exploit this vulnerability. The specific flaw...

CVE-2023-27334

Softing edgeConnector Siemens ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Softing edgeConnector Siemens. Authentication is not required to exploit this...

CVE-2023-27334

Softing edgeConnector Siemens ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Softing edgeConnector Siemens. Authentication is not required to exploit this...

CVE-2023-39477 Inductive Automation Ignition ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability

Inductive Automation Ignition ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Inductive Automation Ignition. Authentication is not required to exploit this...

CVE-2023-39477 Inductive Automation Ignition ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability

Inductive Automation Ignition ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Inductive Automation Ignition. Authentication is not required to exploit this...

CVE-2023-27369 NETGEAR RAX30 soap_serverd Stack-based Buffer Overflow Authentication Bypass Vulnerability

NETGEAR RAX30 soap_serverd Stack-based Buffer Overflow Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30. Authentication is not required to exploit this vulnerability. The specific flaw...

CVE-2023-27369 NETGEAR RAX30 soap_serverd Stack-based Buffer Overflow Authentication Bypass Vulnerability

NETGEAR RAX30 soap_serverd Stack-based Buffer Overflow Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30. Authentication is not required to exploit this vulnerability. The specific flaw...

CVE-2023-27334 Softing edgeConnector Siemens ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability

Softing edgeConnector Siemens ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Softing edgeConnector Siemens. Authentication is not required to exploit this...

CVE-2023-27334 Softing edgeConnector Siemens ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability

Softing edgeConnector Siemens ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Softing edgeConnector Siemens. Authentication is not required to exploit this...

HP Application Enabling Software Driver - Privileged File Overwrite

A potential security vulnerability has been identified in the HP Application Enabling Software Driver for certain HP PC products, which might allow escalation of privilege. HP is releasing software updates to mitigate this potential vulnerability. Mitigation is available in HP Application...

Popular Android Apps Like Xiaomi, WPS Office Vulnerable to File Overwrite Flaw

Several popular Android applications available in Google Play Store are susceptible to a path traversal-affiliated vulnerability codenamed the Dirty Stream attack that could be exploited by a malicious app to overwrite arbitrary files in the vulnerable app's home directory. "The implications of...

C2-Cloud - The C2 Cloud Is A Robust Web-Based C2 Framework, Designed To Simplify The Life Of Penetration Testers

The C2 Cloud is a robust web-based C2 framework, designed to simplify the life of penetration testers. It allows easy access to compromised backdoors, just like accessing an EC2 instance in the AWS cloud. It can manage several simultaneous backdoor sessions with a user-friendly interface. C2...

Security exception in com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68380 Crash type: Security exception Crash state: com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr java.base/sun.nio.cs.UTF_8.updatePositions...

Splunk Enterprise < 8.1.14, 8.2.0 < 8.2.11, 9.0.0 < 9.0.5 (SVD-2023-0613)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2023-0613 advisory. An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE...

Universal Forwarders < 8.1.14, 8.2.0 < 8.2.11, 9.0.0 < 9.0.5 (SVD-2023-0614)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2023-0614 advisory. An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE...

Universal Forwarder 8.2.0 < 8.2.12, 9.0.0 < 9.0.6, 9.1.0 < 9.1.1 (SVD-2023-0809)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2023-0809 advisory. Use after free in Blink XSLT in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap...

RHEL 8 / 9 : OpenShift Container Platform 4.13.41 (RHSA-2024:2049)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2049 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...

Splunk Enterprise 8.2.0 < 8.2.12, 9.0.0 < 9.0.6, 9.1.0 < 9.1.1 (SVD-2023-0808)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2023-0808 advisory. decode-uri-component 0.2.0 is vulnerable to Improper Input Validation resulting in DoS. (CVE-2022-38900) The got package...

RHCOS 4 : OpenShift Container Platform 4.12.56 (RHSA-2024:1899)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:1899 advisory. An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames....

RHEL 8 : nodejs:16 (RHSA-2024:2651)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:2651 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security...

RHCOS 4 : OpenShift Container Platform 4.15.10 (RHSA-2024:1892)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:1892 advisory. An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames....

RHCOS 4 : OpenShift Container Platform 4.14.22 (RHSA-2024:1897)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1897 advisory. An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of...

“Dirty stream” attack: Discovering and mitigating a common vulnerability pattern in Android apps

Microsoft discovered a path traversal-affiliated vulnerability pattern in multiple popular Android applications that could enable a malicious application to overwrite files in the vulnerable application’s home directory. The implications of this vulnerability pattern include arbitrary code...

Yamux Memory Exhaustion Vulnerability via Active::pending_frames property

Summary Attack scenario The Rust implementation of the Yamux stream multiplexer uses a vector for pending frames. This vector is not bounded in length. Every time the Yamux protocol requires sending of a new frame, this frame gets appended to this vector. This can be remotely triggered in a number....

CVE-2024-32984

Yamux is a stream multiplexer over reliable, ordered connections such as TCP/IP. The Rust implementation of the Yamux stream multiplexer uses a vector for pending frames. This vector is not bounded in length. Every time the Yamux protocol requires sending of a new frame, this frame gets appended...

CVE-2024-32984

Yamux is a stream multiplexer over reliable, ordered connections such as TCP/IP. The Rust implementation of the Yamux stream multiplexer uses a vector for pending frames. This vector is not bounded in length. Every time the Yamux protocol requires sending of a new frame, this frame gets appended...

CVE-2024-32984 Yamux Memory Exhaustion Vulnerability via Active::pending_frames property

Yamux is a stream multiplexer over reliable, ordered connections such as TCP/IP. The Rust implementation of the Yamux stream multiplexer uses a vector for pending frames. This vector is not bounded in length. Every time the Yamux protocol requires sending of a new frame, this frame gets appended...

NextGen Healthcare Mirth Connect - Remote Code Execution

Unauthenticated remote code execution vulnerability in NextGen Healthcare Mirth Connect before version...

Tinyproxy HTTP request parsing uninitialized memory vulnerability

Talos Vulnerability Report TALOS-2023-1902 Tinyproxy HTTP request parsing uninitialized memory vulnerability May 1, 2024 CVE Number CVE-2023-40533 SUMMARY An uninitialized memory use vulnerability exists in Tinyproxy 1.11.1 while parsing HTTP requests. In certain configurations, a specially...

Cisco IOS XR Software SNMP Management Plane Protection ACL Bypass (cisco-sa-snmp-uhv6ZDeF)

According to its self-reported version, Cisco IOS XR is affected by a vulnerability. A vulnerability in the UDP forwarding code of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to bypass configured management plane protection policies and access the Simple...

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 8.0.5

Summary In addition to updates of open source dependencies, the following security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 8.0.5 Vulnerability Details ** CVEID: CVE-2022-1471 DESCRIPTION: **SnakeYaml could allow a remote authenticated attacker to execute...

Millions of Malicious 'Imageless' Containers Planted on Docker Hub Over 5 Years

Cybersecurity researchers have discovered multiple campaigns targeting Docker Hub by planting millions of malicious "imageless" containers over the past five years, once again underscoring how open-source registries could pave the way for supply chain attacks. "Over four million of the...

Man Who Mass-Extorted Psychotherapy Patients Gets Six Years

A 26-year-old Finnish man was sentenced to more than six years in prison today after being convicted of hacking into an online psychotherapy clinic, leaking tens of thousands of patient therapy records, and attempting to extort the clinic and patients. On October 21, 2020, the Vastaamo...

RHEL 9 : libX11 (RHSA-2024:2145)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2145 advisory. The libX11 packages contain the core X11 protocol client library. Security Fix(es): * libX11: out-of-bounds memory access in...

RHEL 9 : libreswan (RHSA-2024:2085)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:2085 advisory. Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both...

RHEL 9 : python-jwcrypto (RHSA-2024:2559)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:2559 advisory. The python-jwcrypto package provides Python implementations of the JSON Web Key (JWK), JSON Web Signature (JWS), JSON Web Encryption (JWE), and...

RHEL 8 : container-tools:3.0 (RHSA-2024:2586)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2586 advisory. The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix(es): *...

RHEL 9 : bind (RHSA-2024:2551)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2551 advisory. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named);.....