Stardom Controllers Fcj,fcn-100,fcn-rtu, Fcn-500 Security Vulnerabilities

FTC Fines Mental Health Startup Cerebral $7 Million for Major Privacy Violations

The U.S. Federal Trade Commission (FTC) has ordered mental telehealth company Cerebral from using or disclosing personal medical data for advertising purposes. It has also been fined more than $7 million over charges that it revealed users' sensitive personal health information and other data to...

sqlparse parsing heavily nested list leads to Denial of Service

Summary Passing a heavily nested list to sqlparse.parse() leads to a Denial of Service due to RecursionError. Details + PoC Running the following code will raise Maximum recursion limit exceeded exception: py import sqlparse sqlparse.parse('[' * 10000 + ']' * 10000) We expect a traceback of...

sqlparse parsing heavily nested list leads to Denial of Service

Summary Passing a heavily nested list to sqlparse.parse() leads to a Denial of Service due to RecursionError. Details + PoC Running the following code will raise Maximum recursion limit exceeded exception: py import sqlparse sqlparse.parse('[' * 10000 + ']' * 10000) We expect a traceback of...

Navigating the EU NIS2 Directive

How Qualys Cybersecurity Solutions Ensure Compliance The European Union’s revised Network and Information Security (NIS2) Directive is a comprehensive cybersecurity regulation aimed at bolstering the resilience of critical entities and essential services across the EU. As organizations grapple...

Intel and Lenovo BMCs Contain Unpatched Lighttpd Server Flaw

A security flaw impacting the Lighttpd web server used in baseboard management controllers (BMCs) has remained unpatched by device vendors like Intel and Lenovo, new findings from Binarly reveal. While the original shortcoming was discovered and patched by the Lighttpd maintainers way back in...

AI Copilot: Launching Innovation Rockets, But Beware of the Darkness Ahead

Imagine a world where the software that powers your favorite apps, secures your online transactions, and keeps your digital life could be outsmarted and taken over by a cleverly disguised piece of code. This isn't a plot from the latest cyber-thriller; it's actually been a reality for years now....

CVE-2024-32487

less through 653 allows OS command execution via a newline character in the name of a file, because quoting is mishandled in filename.c. Exploitation typically requires use with attacker-controlled file names, such as the files extracted from an untrusted archive. Exploitation also requires the...

Debian dsa-5658 : affs-modules-6.1.0-11-4kc-malta-di - security update

The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5658 advisory. A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA in the Linux Kernel. The improper cleanup results in...

FortiNet FortiClient Endpoint Management Server FCTID SQLi to RCE

An SQLi injection vulnerability exists in FortiNet FortiClient EMS (Endpoint Management Server). FortiClient EMS serves as an endpoint management solution tailored for enterprises, offering a centralized platform for overseeing enrolled endpoints. The SQLi is vulnerability is due to user...

Cisco IOS XE Software for Wireless LAN Controllers Multicast DNS DoS (cisco-sa-wlc-mdns-dos-4hv6pBGf)

According to its self-reported version, Cisco IOS-XE Software is affected by a vulnerability. A vulnerability in the multicast DNS (mDNS) gateway feature of Cisco IOS XE Software for Wireless LAN Controllers (WLCs) could allow an unauthenticated, adjacent attacker to cause a denial of service...

CVE-2021-47195

In the Linux kernel, the following vulnerability has been resolved: spi: fix use-after-free of the add_lock mutex Commit 6098475d4cb4 ("spi: Fix deadlock when adding SPI controllers on SPI buses") introduced a per-controller mutex. But mutex_unlock() of said lock is called after the controller is.....

CVE-2021-47214

In the Linux kernel, the following vulnerability has been resolved: hugetlb, userfaultfd: fix reservation restore on userfaultfd error Currently in the is_continue case in hugetlb_mcopy_atomic_pte(), if we bail out using "goto out_release_unlock;" in the cases where idx >= size, or...

Qualys Endpoint Detection & Response Validated by Top Independent Testing Labs

Qualys is proud to announce that our Endpoint Detection & Response solution has earned top certifications from two of the most respected independent anti-virus testing organizations - SE Labs and AV-Test. These prestigious validations underscore Qualys' mission to deliver best-in-class malware...

Exploit for CVE-2023-6319

Root my webOS TV A simple python script that starts a telnet...

Python's PyPI Reveals Its Secrets

GitGuardian is famous for its annual State of Secrets Sprawl report. In their 2023 report, they found over 10 million exposed passwords, API keys, and other credentials exposed in public GitHub commits. The takeaways in their 2024 report did not just highlight 12.8 million new exposed secrets in...

Python's PyPI Reveals Its Secrets

GitGuardian is famous for its annual State of Secrets Sprawl report. In their 2023 report, they found over 10 million exposed passwords, API keys, and other credentials exposed in public GitHub commits. The takeaways in their 2024 report did not just highlight 12.8 million new exposed secrets in...

The LockBit’s Attempt to Stay Relevant, Its Imposters and New Opportunistic Ransomware Groups

The LockBit’s Attempt to Stay Relevant, Its Imposters and New Opportunistic Ransomware Groups By Jambul Tologonov and John Fokker · April 11, 2024 The Trellix Advanced Research Center has recently observed an uptick of LockBit-related cyber activity surrounding vulnerabilities in ScreenConnect....

CVE-2024-31464

XWiki Platform is a generic wiki platform. Starting in version 5.0-rc-1 and prior to versions 14.10.19, 15.5.4, and 15.9-rc-1, it is possible to access the hash of a password by using the diff feature of the history whenever the object storing the password is deleted. Using that vulnerability it's....

CVE-2024-31464

XWiki Platform is a generic wiki platform. Starting in version 5.0-rc-1 and prior to versions 14.10.19, 15.5.4, and 15.9-rc-1, it is possible to access the hash of a password by using the diff feature of the history whenever the object storing the password is deleted. Using that vulnerability it's....

CVE-2024-31464

XWiki Platform is a generic wiki platform. Starting in version 5.0-rc-1 and prior to versions 14.10.19, 15.5.4, and 15.9-rc-1, it is possible to access the hash of a password by using the diff feature of the history whenever the object storing the password is deleted. Using that vulnerability it's....

CVE-2021-47214

In the Linux kernel, the following vulnerability has been resolved: hugetlb, userfaultfd: fix reservation restore on userfaultfd error Currently in the is_continue case in hugetlb_mcopy_atomic_pte(), if we bail out using "goto out_release_unlock;" in the cases where idx >= size, or...

CVE-2021-47214

In the Linux kernel, the following vulnerability has been resolved: hugetlb, userfaultfd: fix reservation restore on userfaultfd error Currently in the is_continue case in hugetlb_mcopy_atomic_pte(), if we bail out using "goto out_release_unlock;" in the cases where idx >= size, or...

CVE-2021-47214

In the Linux kernel, the following vulnerability has been resolved: hugetlb, userfaultfd: fix reservation restore on userfaultfd error Currently in the is_continue case in hugetlb_mcopy_atomic_pte(), if we bail out using "goto out_release_unlock;" in the cases where idx >= size, or...

CVE-2021-47195

In the Linux kernel, the following vulnerability has been resolved: spi: fix use-after-free of the add_lock mutex Commit 6098475d4cb4 ("spi: Fix deadlock when adding SPI controllers on SPI buses") introduced a per-controller mutex. But mutex_unlock() of said lock is called after the controller...

CVE-2021-47195

In the Linux kernel, the following vulnerability has been resolved: spi: fix use-after-free of the add_lock mutex Commit 6098475d4cb4 ("spi: Fix deadlock when adding SPI controllers on SPI buses") introduced a per-controller mutex. But mutex_unlock() of said lock is called after the controller is.....

CVE-2021-47195

In the Linux kernel, the following vulnerability has been resolved: spi: fix use-after-free of the add_lock mutex Commit 6098475d4cb4 ("spi: Fix deadlock when adding SPI controllers on SPI buses") introduced a per-controller mutex. But mutex_unlock() of said lock is called after the controller is.....

CVE-2021-47214 hugetlb, userfaultfd: fix reservation restore on userfaultfd error

In the Linux kernel, the following vulnerability has been resolved: hugetlb, userfaultfd: fix reservation restore on userfaultfd error Currently in the is_continue case in hugetlb_mcopy_atomic_pte(), if we bail out using "goto out_release_unlock;" in the cases where idx >= size, or...

CVE-2021-47214 hugetlb, userfaultfd: fix reservation restore on userfaultfd error

In the Linux kernel, the following vulnerability has been resolved: hugetlb, userfaultfd: fix reservation restore on userfaultfd error Currently in the is_continue case in hugetlb_mcopy_atomic_pte(), if we bail out using "goto out_release_unlock;" in the cases where idx >= size, or...

CVE-2021-47195 spi: fix use-after-free of the add_lock mutex

In the Linux kernel, the following vulnerability has been resolved: spi: fix use-after-free of the add_lock mutex Commit 6098475d4cb4 ("spi: Fix deadlock when adding SPI controllers on SPI buses") introduced a per-controller mutex. But mutex_unlock() of said lock is called after the controller is.....

CVE-2021-47195 spi: fix use-after-free of the add_lock mutex

In the Linux kernel, the following vulnerability has been resolved: spi: fix use-after-free of the add_lock mutex Commit 6098475d4cb4 ("spi: Fix deadlock when adding SPI controllers on SPI buses") introduced a per-controller mutex. But mutex_unlock() of said lock is called after the controller is.....

CVE-2024-31464 XWiki Platform: Password hash might be leaked by diff once the xobject holding them is deleted

XWiki Platform is a generic wiki platform. Starting in version 5.0-rc-1 and prior to versions 14.10.19, 15.5.4, and 15.9-rc-1, it is possible to access the hash of a password by using the diff feature of the history whenever the object storing the password is deleted. Using that vulnerability it's....

XWiki Platform: Password hash might be leaked by diff once the xobject holding them is deleted

Impact It is possible to access the hash of a password by using the diff feature of the history whenever the object storing the password is deleted. Using that vulnerability it's possible for an attacker to have access to the hash password of a user if they have rights to edit the users' page. ...

XWiki Platform: Password hash might be leaked by diff once the xobject holding them is deleted

Impact It is possible to access the hash of a password by using the diff feature of the history whenever the object storing the password is deleted. Using that vulnerability it's possible for an attacker to have access to the hash password of a user if they have rights to edit the users' page. ...

yt-dlp: `--exec` command injection when using `%q` in yt-dlp on Windows (Bypass of CVE-2023-40581)

Summary The patch that addressed CVE-2023-40581 attempted to prevent RCE when using --exec with %q by replacing double quotes with two double quotes. However, this escaping is not sufficient, and still allows expansion of environment variables. Support for output template expansion in --exec,...

yt-dlp: `--exec` command injection when using `%q` in yt-dlp on Windows (Bypass of CVE-2023-40581)

Summary The patch that addressed CVE-2023-40581 attempted to prevent RCE when using --exec with %q by replacing double quotes with two double quotes. However, this escaping is not sufficient, and still allows expansion of environment variables. Support for output template expansion in --exec,...

CVE-2024-27474

Leantime 3.0.6 is vulnerable to Cross Site Request Forgery (CSRF). This vulnerability allows malicious actors to perform unauthorized actions on behalf of authenticated users, specifically...

CVE-2024-27476

Leantime 3.0.6 is vulnerable to HTML Injection via...

CVE-2024-27476

Leantime 3.0.6 is vulnerable to HTML Injection via...

CVE-2024-27477

In Leantime 3.0.6, a Cross-Site Scripting vulnerability exists within the ticket creation and modification functionality, allowing attackers to inject malicious JavaScript code into the title field of tickets (also known as to-dos). This stored XSS vulnerability can be exploited to perform...

CVE-2024-27474

Leantime 3.0.6 is vulnerable to Cross Site Request Forgery (CSRF). This vulnerability allows malicious actors to perform unauthorized actions on behalf of authenticated users, specifically...

CVE-2024-27477

In Leantime 3.0.6, a Cross-Site Scripting vulnerability exists within the ticket creation and modification functionality, allowing attackers to inject malicious JavaScript code into the title field of tickets (also known as to-dos). This stored XSS vulnerability can be exploited to perform...

CVE-2021-47195

In the Linux kernel, the following vulnerability has been resolved: spi: fix use-after-free of the add_lock mutex Commit 6098475d4cb4 ("spi: Fix deadlock when adding SPI controllers on SPI buses") introduced a per-controller mutex. But mutex_unlock() of said lock is called after the controller is.....

CVE-2021-47214

In the Linux kernel, the following vulnerability has been resolved: hugetlb, userfaultfd: fix reservation restore on userfaultfd error Currently in the is_continue case in hugetlb_mcopy_atomic_pte(), if we bail out using "goto out_release_unlock;" in the cases where idx >= size, or...

CVE-2024-27477

In Leantime 3.0.6, a Cross-Site Scripting vulnerability exists within the ticket creation and modification functionality, allowing attackers to inject malicious JavaScript code into the title field of tickets (also known as to-dos). This stored XSS vulnerability can be exploited to perform...

CVE-2024-27474

Leantime 3.0.6 is vulnerable to Cross Site Request Forgery (CSRF). This vulnerability allows malicious actors to perform unauthorized actions on behalf of authenticated users, specifically...

CVE-2024-27476

Leantime 3.0.6 is vulnerable to HTML Injection via...

CVE-2024-3313

SUBNET Solutions Inc. has identified vulnerabilities in third-party components used in PowerSYSTEM Server 2021 and Substation Server...

CVE-2024-3313

SUBNET Solutions Inc. has identified vulnerabilities in third-party components used in PowerSYSTEM Server 2021 and Substation Server...

CVE-2024-3313 SUBNET PowerSYSTEM Server and Substation Server Reliance on Insufficiently Trustworthy Component

SUBNET Solutions Inc. has identified vulnerabilities in third-party components used in PowerSYSTEM Server 2021 and Substation Server...

CVE-2024-1352

The Classified Listing – Classified ads & Business Directory Plugin plugin for WordPress is vulnerable to unauthorized access & modification of data due to a missing capability check on the rtcl_import_location() rtcl_import_category() functions in all versions up to, and including, 3.0.4. This...