Malicious Package

Overview coloramapkgs is a malicious package. This package contains payloads with Windows and Linux variants that access and exfiltrate sensitive configuration information, establish remote control / remote access for the attacker, establish persistence and “command and control” C2 mechanisms...

Moderate: Red Hat Security Advisory: A Subscription Management tool for finding and reporting Red Hat product usage

A Subscription Management tool for finding and reporting Red Hat product usage Red Hat Discovery, also known as Discovery, is an inspection and reporting tool that finds, identifies, and reports environment data, or facts, such as the number of physical and virtual systems on a network, their...

CVE-2024-46887

The web server of affected devices do not properly authenticate user request to the '/ClientArea/RuntimeInfoData.mwsl' endpoint. This could allow an unauthenticated remote attacker to gain knowledge about current actual and configured maximum cycle times as well as about configured maximum...

CVE-2024-20466

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to obtain sensitive information from an affected device. This vulnerability is due to improper enforcement of administrative privilege levels for high-value...

CVE-2024-12250

The Accept Authorize.NET Payments Using Contact Form 7 plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.2 via the cf7adn-info.php file. This makes it possible for unauthenticated attackers to extract configuration data which can be used to aid in...

CVE-2024-12255

The Accept Stripe Payments Using Contact Form 7 plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.5 via the cf7sa-info.php file that returns phpinfo data. This makes it possible for unauthenticated attackers to extract configuration information tha...

CVE-2024-50334

Scoold is a Q and a knowledge sharing platform for teams. A semicolon path injection vulnerability was found on the /api;/config endpoint. By appending a semicolon in the URL, attackers can bypass authentication and gain unauthorised access to sensitive configuration data. Furthermore, PUT reques...

CVE-2023-28767

The configuration parser fails to sanitize user-controlled input in the Zyxel ATP series firmware versions 5.10 through 5.36, USG FLEX series firmware versions 5.00 through 5.36, USG FLEX 50W series firmware versions 5.10 through 5.36, USG20W-VPN series firmware versions 5.10 through 5.36, and VP...

CVE-2023-28877

The VTEX [email protected] GraphQL API module does not properly restrict unauthorized access to private configuration data. [email protected] is unaffected by this issue...

CVE-2023-24546

On affected versions of the CloudVision Portal improper access controls on the connection from devices to CloudVision could enable a malicious actor with network access to CloudVision to get broader access to telemetry and configuration data within the system than intended. This advisory impacts...

CVE-2023-38640

A vulnerability has been identified in SICAM PAS/PQS All versions = V8.00 V8.22. The affected application is installed with specific files and folders with insecure permissions. This could allow an authenticated local attacker to read and modify configuration data in the context of the applicatio...

CVE-2022-37400

Apache OpenOffice supports the storage of passwords for web connections in the user's configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw in OpenOffice existed where the required initialization vector for encryption was always the same...

CVE-2022-48164

An access control issue in the component /cgi-bin/ExportLogs.sh of Wavlink WL-WN533A8 M33A8.V5030.190716 allows unauthenticated attackers to download configuration data and log files and obtain admin credentials...

CVE-2022-48166

An access control issue in Wavlink WL-WN530HG4 M30HG4.V5030.201217 allows unauthenticated attackers to download configuration data and log files and obtain admin credentials...

CVE-2022-44356

WAVLINK Quantum D4G WL-WN531G3 running firmware versions M31G3.V5030.201204 and M31G3.V5030.200325 has an access control issue which allows unauthenticated attackers to download configuration data and log files...

CVE-2022-39849

Improper access control in knoxvpnpolicy service prior to SMR Oct-2022 Release 1 allows allows unauthorized read of configuration data...

CVE-2022-39850

Improper access control in mumcontainerpolicy service prior to SMR Oct-2022 Release 1 allows allows unauthorized read of configuration data...

CVE-2022-48165

An access control issue in the component /cgi-bin/ExportLogs.sh of Wavlink WL-WN530H4 M30H4.V5030.210121 allows unauthenticated attackers to download configuration data and log files and obtain admin credentials...

CVE-2021-20593

Incorrect Implementation of Authentication Algorithm in Mitsubishi Electric Air Conditioning System/Centralized Controllers G-50A Ver.2.50 to Ver. 3.35, GB-50A Ver.2.50 to Ver. 3.35, AG-150A-A Ver.3.20 and prior, AG-150A-J Ver.3.20 and prior, GB-50ADA-A Ver.3.20 and prior, GB-50ADA-J Ver.3.20 and...

CVE-2021-35036

A cleartext storage of information vulnerability in the Zyxel VMG3625-T50B firmware version V5.50ABTL.0b2k could allow an authenticated attacker to obtain sensitive information from the configuration file...