How to Prepare Provisioning Services 7.x Master Target Device to be Captured on a vDisk
This article provides the recommended procedure for preparing Provisioning Services 7.x Master Target Device to be captured on a vDisk...
How to Enable Promiscuous Mode on a Physical Network Card
This article describes how to enable promiscuous mode on a physical Network Interface Card (NIC). In a network, promiscuous mode allows a network device to intercept and read each network packet that arrives in its entirety. This mode of operation is sometimes given to a network snoop server that...
The vulnerability of the RADIUS authentication protocol lies in the ability to bypass the authentication process by using capture-replay techniques to manipulate intercepted messages. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access by manipulating the authentication response.
ViperSoftX Malware Disguises as eBooks on Torrents to Spread Stealthy Attacks
The sophisticated malware known as ViperSoftX has been observed being distributed as eBooks over torrents. "A notable aspect of the current variant of ViperSoftX is that it uses the Common Language Runtime (CLR) to dynamically load and run PowerShell commands, thereby creating a PowerShell...
UBUNTU-CVE-2024-6610
Form validation popups could capture escape key presses. Therefore, spamming form validation messages could be used to prevent users from exiting full-screen mode. This vulnerability affects Firefox 128 and Thunderbird 128...
Cross-site Scripting (XSS)
Typo3/Neos is vulnerable to Cross-site Scripting (XSS). The vulnerability is due to improper handling of user input, allowing attackers to tamper with page rendering, redirect victims, capture credentials, and potentially upload backdoors...
CVE-2024-5885
stangirard/quivr version 0.0.236 contains a Server-Side Request Forgery (SSRF) vulnerability. The application does not provide sufficient controls when crawling a website, allowing an attacker to access applications on the local network. This vulnerability could allow a malicious user to gain acces...
CVE-2024-37183
Westermo L210-F2G Lynx (CVE-2024-37183) is affected. The vulnerability allows capture of plain text credentials and session IDs over the network due to cleartext transmission. CVSS v3.1 base score 7.5 indicates high severity with Network attack vector and low access complexity; confidentiality im...
CVE-2024-36499
Vulnerability of unauthorized screenshot capturing in the WMS module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...
CVE-2024-38284 Authentication Bypass by Capture-replay in Motorola Solutions Vigilant Fixed LPR Coms Box (BCAV1F2-C600)
Transmitted data is logged between the device and the backend service. An attacker could use these logs to perform a replay attack to replicate calls...
Apple iOS and iPadOS Security Vulnerabilities
Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for the iPad tablet computer. A security vulnerability exists in Apple iOS version 17.5 and iPadOS version 17.5, which originates from a...
CVE-2024-4009 Replay Attack in KNX Secure Devices
Replay Attack in ABB, Busch-Jaeger, FTS Display version 1.00 and BCU version 1.3.0.33 allows attacker to capture/replay KNX telegram to local KNX Bus-System...
Mageia: Security Advisory (MGASA-2024-0206)
The remote host is missing an update for the...
MGASA-2024-0206 Updated wireshark packages fix security vulnerabilities
Memory handling issue in editcap could cause denial of service via crafted capture file. CVE-2024-4853 MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14, and 3.6.0 to 3.6.22 allow denial of service via packet injection or crafted capture file. CVE-2024-485...
SUSE CVE-2021-47535
In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: Allocate enough space for GMU registers. In commit 142639a52a01 ("drm/msm/a6xx: fix crashstate capture for A650") we changed a6xx_get_gmu_registers() to read 3 sets of registers. Unfortunately, we didn't change the memory...
CVE-2021-47535
In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: Allocate enough space for GMU registers. In commit 142639a52a01 ("drm/msm/a6xx: fix crashstate capture for A650") we changed a6xx_get_gmu_registers() to read 3 sets of registers. Unfortunately, we didn't change the memory...