The vulnerability of the microprogrammed software of Modicon M241 and Modicon M251 control units lies in the insufficient protection of registration data, allowing attackers to intercept login credentials and access the web application.

The vulnerability of the microprogrammed logic controllers Modicon M241 and Modicon M251 is related to insufficient protection for registration data. Exploiting this vulnerability can allow an attacker, operating remotely, to intercept login credentials and gain access to the web application...

KLA19262 XSS vulnerability in Apache Tomcat

Cross-site scripting XSS vulnerability was found in Apache Tomcat. Malicious users can exploit this vulnerability to perform cross-site scripting attack. Original advisories Apache Tomcat 10.x vulnerabilities Related products Apache-Tomcat CVE list CVE-2022-34305 high Solution Update to the lates...

Design/Logic Flaw

Undici.ProxyAgent never verifies the remote server's certificate, and always exposes all request & response data to the proxy. This unexpectedly means that proxies can MitM all HTTPS traffic, and if the proxy's URL is HTTP then it also means that nominally HTTPS requests are actually sent via...

The vulnerability of the OpenSSH cryptographic protection mechanism, related to bypassing permissions and access control, allows attackers to elevate their privileges within the system.

The vulnerability of the OpenSSH cryptographic protection lies in the fact that the application does not properly enforce security restrictions when the “LogVerbose” keyword is enabled along with certain parameters that trigger logging for the sshd process running with low privileges. Exploiting...

ALPINE-CVE-2022-32208

When curl 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. This flaw makes it possible for a Man-In-The-Middle attack to go unnoticed and even allows it to inject data to the client...

Galaxkey 跨站脚本漏洞

Galaxkey is an application from Galaxkey UK for viewing Galaxkey Secure Documents and composing and sending Galaxkey Secure Email. A security vulnerability exists in Galaxkey Secure Mail Client. An attacker could use this vulnerability to intercept HTTP Post requests when sending email and perfor...

CVE-2022-2102

Controls limiting uploads to certain file extensions may be bypassed. This could allow an attacker to intercept the initial file upload page response and modify the associated code. This modified code can be forwarded and used by a script loaded later in the sequence, allowing for arbitrary file...

CVE-2022-1521

LRM does not implement authentication or authorization by default. A malicious actor can inject, replay, modify, and/or intercept sensitive data...

Design/Logic Flaw

Controls limiting uploads to certain file extensions may be bypassed. This could allow an attacker to intercept the initial file upload page response and modify the associated code. This modified code can be forwarded and used by a script loaded later in the sequence, allowing for arbitrary file...

Google Says ISPs Helped Attackers Infect Targeted Smartphones with Hermit Spyware

A week after it emerged that a sophisticated mobile spyware dubbed Hermit was used by the government of Kazakhstan within its borders, Google said it has notified Android users of infected devices. Additionally, necessary changes have been implemented in Google Play Protect — Android's built-in...

PT-2022-4353 · Illumina · Illumina Local Run Manager

Name of the Vulnerable Software and Affected Versions: Illumina Local Run Manager affected versions not specified Description: The issue is related to the lack of authentication or authorization procedures in the software. This allows a malicious actor to inject, replay, modify, and/or intercept...

Download Manager < 3.2.48 - Contributor+ Stored Cross-Site Scripting

The plugin does not sanitise and escape the 'Insert URL' field, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks. Note: The attempted fix made in 3.2.46 and 3.2.47 were found to be insufficient As a contributor, create/edit a download and pu...

Configuration API in EdgeXFoundry 2.1.0 and earlier exposes message bus credentials to local unauthenticated users

Impact The /api/v2/config endpoint exposes message bus credentials to local unauthenticated users. In security-enabled mode, message bus credentials are supposed to be kept in the EdgeX secret store and require authentication to access. This vulnerability bypasses the access controls on message b...

CVE-2022-25805

An issue was discovered in the IGEL Universal Management Suite UMS 6.07.100. The transmission of cleartext LDAP bind credentials by the cmdmgtloadmgttree command allows an attacker who can intercept or inspect traffic between an authenticated UMS client and server to compromise those LDAP bind...

CVE-2022-25805

CVE-2022-25805 affects IGEL Universal Management Suite (UMS) 6.07.100, where the cmd_mgt_load_mgt_tree command transmits LDAP bind credentials in cleartext. This enables an attacker who can observe traffic between an authenticated UMS client and server to compromise LDAP bind credentials. The ava...

CVE-2022-25805

An issue was discovered in the IGEL Universal Management Suite UMS 6.07.100. The transmission of cleartext LDAP bind credentials by the cmdmgtloadmgttree command allows an attacker who can intercept or inspect traffic between an authenticated UMS client and server to compromise those LDAP bind...

Unchecked Return Value

ntfs-3g is vulnerable to unchecked return value. The vulnerability exists due to an invalid return code in fusekernmount enables intercepting of libfuse-lite protocol traffic between NTFS-3G and the kernel in NTFS-3G when using libfuse-lite...

USN-5463-1 ntfs-3g vulnerabilities

It was discovered that NTFS-3G incorrectly handled the ntfsck tool. If a user or automated system were tricked into using ntfsck on a specially crafted disk image, a remote attacker could possibly use this issue to execute arbitrary code. CVE-2021-46790 Roman Fiedler discovered that NTFS-3G...

CVE-2022-30783

A vulnerability was found in NTFS-3G. An invalid return code in fusekernmount allows libfuse-lite protocol traffic between NTFS-3G and the kernel to be intercepted...

CVE-2022-28224

Clusters using Calico version 3.22.1 and below, Calico Enterprise version 3.12.0 and below, may be vulnerable to route hijacking with the floating IP feature. Due to insufficient validation, a privileged attacker may be able to set a floating IP annotation to a pod even if the feature is not...