CVE-2024-20430

CVE-2024-20430 affects Cisco Meraki Systems Manager (SM) Agent for Windows. The issue stems from incorrect handling of directory search paths at runtime, enabling an authenticated, local attacker to read and place malicious configuration files and DLLs that are executed when SM launches at startu...

K000141051: c-ares vulnerability CVE-2024-25629

Security Advisory Description c-ares is a C library for asynchronous DNS requests. aresreadline is used to parse local configuration files such as /etc/resolv.conf, /etc/nsswitch.conf, the HOSTALIASES file, and if using a c-ares version prior to 1.27.0, the /etc/hosts file. If any of these...

Siemens SIMATIC RFID Readers Hidden Function Vulnerability

SIMATIC RF600 Readers are used for contactless identification of a variety of objects such as shipping containers, pallets, production goods, or often for recording bulk goods.SIMATIC RF1100 is an RFID-based solution for simple and versatile electronic authorization management.SIMATIC RF360R read...

CVE-2024-20489

A vulnerability in the storage method of the PON Controller configuration file could allow an authenticated, local attacker with low privileges to obtain the MongoDB credentials. This vulnerability is due to improper storage of the unencrypted database credentials on the device that is running...

PT-2024-8094 · Cisco · Cisco Ios Xr

Name of the Vulnerable Software and Affected Versions: Cisco IOS XR Software affected versions not specified Description: A vulnerability in the storage method of the PON Controller configuration file could allow an authenticated, local attacker with low privileges to obtain the MongoDB...

CVE-2024-37990

A vulnerability has been identified in SIMATIC Reader RF610R CMIIT 6GT2811-6BC10-2AA0 All versions V4.2, SIMATIC Reader RF610R ETSI 6GT2811-6BC10-0AA0 All versions V4.2, SIMATIC Reader RF610R FCC 6GT2811-6BC10-1AA0 All versions V4.2, SIMATIC Reader RF615R CMIIT 6GT2811-6CC10-2AA0 All versions V4....

CVE-2024-37990

A vulnerability has been identified in SIMATIC Reader RF610R CMIIT 6GT2811-6BC10-2AA0 All versions V4.2, SIMATIC Reader RF610R ETSI 6GT2811-6BC10-0AA0 All versions V4.2, SIMATIC Reader RF610R FCC 6GT2811-6BC10-1AA0 All versions V4.2, SIMATIC Reader RF615R CMIIT 6GT2811-6CC10-2AA0 All versions V4....

CVE-2024-37990

A vulnerability has been identified in SIMATIC Reader RF610R CMIIT 6GT2811-6BC10-2AA0 All versions V4.2, SIMATIC Reader RF610R ETSI 6GT2811-6BC10-0AA0 All versions V4.2, SIMATIC Reader RF610R FCC 6GT2811-6BC10-1AA0 All versions V4.2, SIMATIC Reader RF615R CMIIT 6GT2811-6CC10-2AA0 All versions V4....

CVE-2024-37990

A vulnerability has been identified in SIMATIC Reader RF610R CMIIT 6GT2811-6BC10-2AA0 All versions V4.2, SIMATIC Reader RF610R ETSI 6GT2811-6BC10-0AA0 All versions V4.2, SIMATIC Reader RF610R FCC 6GT2811-6BC10-1AA0 All versions V4.2, SIMATIC Reader RF615R CMIIT 6GT2811-6CC10-2AA0 All versions V4....

Siemens SIMATIC 安全漏洞

SIMATIC RF600 Readers are used for contactless identification of a variety of objects such as shipping containers, pallets, production goods, or often for recording bulk goods.SIMATIC RF1100 is an RFID-based solution for simple and versatile electronic authorization management.SIMATIC RF360R read...

Siemens SIMATIC RFID Readers

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

CVE-2024-42022

An incorrect permission assignment vulnerability allows an attacker to modify product configuration files...

CVE-2024-42022

An incorrect permission assignment vulnerability allows an attacker to modify product configuration files...

CVE-2024-42022

An incorrect permission assignment vulnerability allows an attacker to modify product configuration files...

Veeam ONE 安全漏洞

Veeam ONE is a suite of IT monitoring and reporting tools from Veeam USA. The product supports features such as backup monitoring, operational status monitoring of virtual and physical environments. A security vulnerability exists in Veeam ONE version 12.1.0.3208 and previous versions 12, which...

CVE-2024-44408

D-Link DIR-823G v1.0.2B05_20181207 is vulnerable to information disclosure: unauthorized downloads of configuration files that contain plaintext passwords. This remote (network) issue is documented across multiple sources (NVD/Red Hat/CNVD/CVE lists). No explicit patch/version is provided in the ...

PT-2024-7550 · Veeam · Veeam One

Name of the Vulnerable Software and Affected Versions: Veeam ONE affected versions not specified Description: The issue is related to an incorrect permission assignment, which allows an attacker to modify product configuration files. This is due to insufficient access control in the software...

SurgeNews User Credentials

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SurgeNews User Credentials', 'Description' = %q This module exploits a vulnerability in the WebNews web interface of SurgeNews on TCP ports 9080...

Xymon Daemon Gather Information

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Xymon Daemon Gather Information', 'Description' = %q This module retrieves information from a Xymon daemon service formerly Hobbit, based on Big...

OESA-2024-2020 c-ares security update

This is c-ares, an asynchronous resolver library. It is intended for applications which need to perform DNS queries without blocking, or need to perform multiple Security Fixes: c-ares is a C library for asynchronous DNS requests. aresreadline is used to parse local configuration files such as...