Simatic Hmi Comfort Outdoor Panels 7" Firmware Security Vulnerabilities

PT-2021-02: Encryption bypass when downloading a firmware update in Diebold-Nixdorf RM3/CRS

PT-2021-02: Encryption bypass when downloading a firmware update in Diebold-Nixdorf RM3/CRS RM3/CRS dispenser firmware (all versions up to and including 41128 1002 RM3_CRS.BTR + 170329 2332 RM3_CRS.FRM) Severity: Severity level: High Encryption bypass when downloading a firmware update in...

PT-2021-01: Encryption bypass when downloading a firmware update in Diebold-Nixdorf CMDv5

PT-2021-01: Encryption bypass when downloading a firmware update in Diebold-Nixdorf CMDv5 CMDv5 dispenser firmware (all versions up to and including 141128 1002 CD5_ATM.BTR + 170329 2332 CD5_ATM.FRM) Severity: Severity level: High Encryption bypass when downloading a firmware update in...

CVE-2020-27748 affecting package xdg-utils 1.1.3-7

CVE-2020-27748 affecting package xdg-utils 1.1.3-7. No patch is available...

CVE-2019-16707 affecting package hunspell 1.7.0-7

CVE-2019-16707 affecting package hunspell 1.7.0-7. This CVE either no longer is or was never...

CVE-2010-4756 affecting package glibc 2.35-7

CVE-2010-4756 affecting package glibc 2.35-7. This CVE either no longer is or was never...

CVE-2023-0687 affecting package glibc 2.35-7

CVE-2023-0687 affecting package glibc 2.35-7. This CVE either no longer is or was never...

CVE-2022-4055 affecting package xdg-utils 1.1.3-7

CVE-2022-4055 affecting package xdg-utils 1.1.3-7. No patch is available...

CVE-2022-1941 affecting package grpc 1.42.0-7

CVE-2022-1941 affecting package grpc 1.42.0-7. This CVE either no longer is or was never...

CVE-2022-40898 affecting package python-wheel 0.33.6-7

CVE-2022-40898 affecting package python-wheel 0.33.6-7. No patch is available...

CVE-2024-23653 affecting package moby-compose for versions less than 2.17.2-7

CVE-2024-23653 affecting package moby-compose for versions less than 2.17.2-7. A patched version of the package is...

CVE-2022-4904 affecting package grpc 1.42.0-7

CVE-2022-4904 affecting package grpc 1.42.0-7. No patch is available...

CVE-2023-25153 affecting package k3s for versions less than 1.25.5-7

CVE-2023-25153 affecting package k3s for versions less than 1.25.5-7. This CVE either no longer is or was never...

CVE-2021-46023 affecting package rust 1.72.0-7

CVE-2021-46023 affecting package rust 1.72.0-7. This CVE either no longer is or was never...

CVE-2022-3857 affecting package qt5-qtbase 5.12.11-7

CVE-2022-3857 affecting package qt5-qtbase 5.12.11-7. No patch is available...

CVE-2016-2568 affecting package polkit 0.116-7

CVE-2016-2568 affecting package polkit 0.116-7. No patch is available...

CVE-2021-25741 affecting package kubernetes-1.21.2 1.21.2-7

CVE-2021-25741 affecting package kubernetes-1.21.2 1.21.2-7. No patch is available...

CVE-2022-41725 affecting package gcc 9.1.0-7

CVE-2022-41725 affecting package gcc 9.1.0-7. This CVE either no longer is or was never...

CVE-2021-25741 affecting package kubernetes-1.20.9 1.20.9-7

CVE-2021-25741 affecting package kubernetes-1.20.9 1.20.9-7. No patch is available...

CVE-2019-20633 affecting package patch 2.7.6-7

CVE-2019-20633 affecting package patch 2.7.6-7. No patch is available...

CVE-2021-3996 affecting package util-linux 2.32.1-7

CVE-2021-3996 affecting package util-linux 2.32.1-7. This CVE either no longer is or was never...

CVE-2022-41724 affecting package gcc 9.1.0-7

CVE-2022-41724 affecting package gcc 9.1.0-7. This CVE either no longer is or was never...

CVE-2021-25741 affecting package kubernetes-1.19.11 1.19.11-7

CVE-2021-25741 affecting package kubernetes-1.19.11 1.19.11-7. No patch is available...

CVE-2023-25193 affecting package qt5-qtbase 5.12.11-7

CVE-2023-25193 affecting package qt5-qtbase 5.12.11-7. This CVE either no longer is or was never...

CVE-2021-3995 affecting package util-linux 2.32.1-7

CVE-2021-3995 affecting package util-linux 2.32.1-7. This CVE either no longer is or was never...

CVE-2021-25741 affecting package kubernetes-1.21.1 1.21.1-7

CVE-2021-25741 affecting package kubernetes-1.21.1 1.21.1-7. No patch is available...

CVE-2023-4017

The Goya theme for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘attra-color’, 'attra-size', and 'product-cata' parameters in versions up to, and including, 1.0.8.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...

CVE-2023-4017

The Goya theme for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘attra-color’, 'attra-size', and 'product-cata' parameters in versions up to, and including, 1.0.8.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...

CVE-2023-4017 Goya <= 1.0.8.7 - Unauthenticated Reflected Cross-Site Scripting via Multiple Parameters

The Goya theme for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘attra-color’, 'attra-size', and 'product-cata' parameters in versions up to, and including, 1.0.8.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...

CVE-2023-4017 Goya <= 1.0.8.7 - Unauthenticated Reflected Cross-Site Scripting via Multiple Parameters

The Goya theme for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘attra-color’, 'attra-size', and 'product-cata' parameters in versions up to, and including, 1.0.8.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...

Exploit for CVE-2024-34102

🚨 CVE-2024-34102 Exploit Script 🚨 Description This...

CVE-2024-39302

BigBlueButton is an open-source virtual classroom designed to help teachers teach and learners learn. An attacker may be able to exploit the overly elevated file permissions in the /usr/local/bigbluebutton/core/vendor/bundle/ruby/2.7.0/gems/resque-2.6.0 directory with the goal of privilege...

CVE-2024-38518

BigBlueButton is an open-source virtual classroom designed to help teachers teach and learners learn. An attacker with a valid join link to a meeting can trick BigBlueButton into generating a signed join link with additional parameters. One of those parameters may be "role=moderator", allowing an.....

CVE-2024-38518

BigBlueButton is an open-source virtual classroom designed to help teachers teach and learners learn. An attacker with a valid join link to a meeting can trick BigBlueButton into generating a signed join link with additional parameters. One of those parameters may be "role=moderator", allowing an.....

CVE-2024-39302

BigBlueButton is an open-source virtual classroom designed to help teachers teach and learners learn. An attacker may be able to exploit the overly elevated file permissions in the /usr/local/bigbluebutton/core/vendor/bundle/ruby/2.7.0/gems/resque-2.6.0 directory with the goal of privilege...

CVE-2024-39302 Some bbb-record-core files installed with wrong file permission

BigBlueButton is an open-source virtual classroom designed to help teachers teach and learners learn. An attacker may be able to exploit the overly elevated file permissions in the /usr/local/bigbluebutton/core/vendor/bundle/ruby/2.7.0/gems/resque-2.6.0 directory with the goal of privilege...

Metasploit Weekly Wrap-Up 06/28/2024

Unauthenticated Command Injection in Netis Router This week's Metasploit release includes an exploit module for an unauthenticated command injection vulnerability in the Netis MW5360 router which is being tracked as CVE-2024-22729. The vulnerability stems from improper handling of the password...

CVE-2024-38518 bbb-web API additional parameters considered

BigBlueButton is an open-source virtual classroom designed to help teachers teach and learners learn. An attacker with a valid join link to a meeting can trick BigBlueButton into generating a signed join link with additional parameters. One of those parameters may be "role=moderator", allowing an.....

Kimsuky Using TRANSLATEXT Chrome Extension to Steal Sensitive Data

The North Korea-linked threat actor known as Kimsuky has been linked to the use of a new malicious Google Chrome extension that's designed to steal sensitive information as part of an ongoing intelligence collection effort. Zscaler ThreatLabz, which observed the activity in early March 2024, has...

Exploit for Improper Input Validation in Google Android

Exploit for CVE-2022-20186 The write up can be found...

Exploit for Improper Input Validation in Google Android

Exploit for CVE-2022-20186 The write up can be found...

Grafana XSS in header column rename in github.com/grafana/grafana

Grafana XSS in header column rename in...

3 More Plugins Infected in WordPress.org Supply Chain Attack Due to Compromised Developer Passwords

Update #1: As of 12:36PM EST, another plugin has been infected. We've updated the list below to include this fourth plugin and the plugins team has been notified. Update #2: As of 2:20 PM EST, two more plugins appear to have malicious commits, however, the releases have not officially been made...

New SnailLoad Attack Exploits Network Latency to Spy on Users' Web Activities

A group of security researchers from the Graz University of Technology have demonstrated a new side-channel attack known as SnailLoad that could be used to remotely infer a user's web activity. "SnailLoad exploits a bottleneck present on all Internet connections," the researchers said in a study...

Researchers Warn of Flaws in Widely Used Industrial Gas Analysis Equipment

Multiple security flaws have been disclosed in Emerson Rosemount gas chromatographs that could be exploited by malicious actors to obtain sensitive information, induce a denial-of-service (DoS) condition, and even execute arbitrary commands. The flaws impact GC370XA, GC700XA, and GC1500XA and...

CVE-2024-39350

A vulnerability regarding authentication bypass by spoofing is found in the RTSP functionality. This allows man-in-the-middle attackers to obtain privileges without consent via unspecified vectors. The following models with Synology Camera Firmware versions before 1.0.7-0298 may be affected: BC500....

CVE-2024-39350

A vulnerability regarding authentication bypass by spoofing is found in the RTSP functionality. This allows man-in-the-middle attackers to obtain privileges without consent via unspecified vectors. The following models with Synology Camera Firmware versions before 1.0.7-0298 may be affected: BC500....

CVE-2024-39350

A vulnerability regarding authentication bypass by spoofing is found in the RTSP functionality. This allows man-in-the-middle attackers to obtain privileges without consent via unspecified vectors. The following models with Synology Camera Firmware versions before 1.0.7-0298 may be affected: BC500....

CVE-2024-39350

A vulnerability regarding authentication bypass by spoofing is found in the RTSP functionality. This allows man-in-the-middle attackers to obtain privileges without consent via unspecified vectors. The following models with Synology Camera Firmware versions before 1.0.7-0298 may be affected: BC500....

CVE-2024-39352

A vulnerability regarding incorrect authorization is found in the firmware upgrade functionality. This allows remote authenticated users with administrator privileges to bypass firmware integrity check via unspecified vectors. The following models with Synology Camera Firmware versions before...

CVE-2024-39352

A vulnerability regarding incorrect authorization is found in the firmware upgrade functionality. This allows remote authenticated users with administrator privileges to bypass firmware integrity check via unspecified vectors. The following models with Synology Camera Firmware versions before...