CVE-2023-31416 Elastic Cloud on Kubernetes (ECK) secret token configuration issue

Secret token configuration is never applied when using ECK =8.0. This could lead to anonymous requests to an APM Server being accepted and the data ingested into this APM deployment...

DEBIAN-CVE-2023-39325

A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a ne...

CVE-2022-4039

A flaw was found in Red Hat Single Sign-On for OpenShift container images, which are configured with an unsecured management interface enabled. This flaw allows an attacker to use this interface to deploy malicious code and access and modify potentially sensitive information in the app server...

CVE-2022-4039 Rhsso-container-image: unsecured management interface exposed to adjecent network

A flaw was found in Red Hat Single Sign-On for OpenShift container images, which are configured with an unsecured management interface enabled. This flaw allows an attacker to use this interface to deploy malicious code and access and modify potentially sensitive information in the app server...

CVE-2022-4039 Rhsso-container-image: unsecured management interface exposed to adjecent network

A flaw was found in Red Hat Single Sign-On for OpenShift container images, which are configured with an unsecured management interface enabled. This flaw allows an attacker to use this interface to deploy malicious code and access and modify potentially sensitive information in the app server...

CVE-2023-42450

Mastodon is a free, open-source social network server based on ActivityPub. Starting in version 4.2.0-beta1 and prior to version 4.2.0-rc2, by crafting specific input, attackers can inject arbitrary data into HTTP requests issued by Mastodon. This can be used to perform confused deputy attacks if...

Siemans WIBU Systems CodeMeter

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

Prometheus API Information Gather

This module utilizes Prometheus' API calls to gather information about the server's configuration, and targets. Fields which may contain credentials, or credential file names are then pulled out and printed. Targets may have a wealth of information, this module will print the following values whe...

DorXNG - Next Generation DorX. Built By Dorks, For Dorks

DorXNG is a modern solution for harvesting OSINT data using advanced search engine operators through multiple upstream search providers. On the backend it leverages a purpose built containerized image of SearXNG, a self-hosted, hackable, privacy focused, meta-search engine. Our SearXNG...

PT-2023-27979 · Tenda · Tenda Ac9 +1

Name of the Vulnerable Software and Affected Versions: Tenda AC9 version V15.03.06.42 multi Tenda AC5 version V15.03.06.28 Description: A stack overflow issue was discovered via parameters startIp and endIp at the "/goform/SetPptpServerCfg" API endpoint. Recommendations: For Tenda AC9 version...

PT-2023-27607 · Opto 22 · Snap Pac S1 Firmware

Name of the Vulnerable Software and Affected Versions: SNAP PAC S1 Firmware version R10.3b Description: An adversary could crash the entire device by sending a large quantity of ICMP requests if the controller has the built-in web server enabled but does not have the built-in web server completel...

PT-2023-27608 · Opto 22 · Snap Pac S1 Firmware

Name of the Vulnerable Software and Affected Versions: SNAP PAC S1 Firmware version R10.3b Description: An adversary could cause a continuous restart loop to the entire device by sending a large quantity of HTTP GET requests if the controller has the built-in web server enabled but does not have...

VDA 2203 - There is no Citrix SSL server configured on the specified address

After installation of Virtual Apps and Desktops VDA 2203 version via an existing install script used for older VDA versions, the SSL VDA connection fails with error "There is no Citrix SSL server configured on the specified address". Uninstalling and reinstalling does not resolve the issue...

(0Day) (Pwn2Own) Softing edgeAggregator Permissive Cross-domain Policy with Untrusted Domains Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Softing edgeAggregator. Authentication is required to exploit this vulnerability. The specific flaw exists within the configuration of the web server. The issue results from the lack of appropriate...

PT-2023-4656 · Softing · Softing Edgeaggregator

Name of the Vulnerable Software and Affected Versions: Softing edgeAggregator affected versions not specified Description: The issue is related to the lack of protection for the web page structure in Softing edgeAggregator, allowing remote attackers to execute arbitrary code with root privileges...

CVE-2023-39528 PrestaShop vulnerable to file reading through path traversal

PrestaShop is an open source e-commerce web application. Prior to version 8.1.1, the displayAjaxEmailHTML method can be used to read any file on the server, potentially even outside of the project if the server is not correctly configured. Version 8.1.1 contains a patch for this issue. There are ...

(Pwn2Own) Inductive Automation Ignition OPC UA Quick Client Missing Authentication for Critical Function Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Inductive Automation Ignition. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVE-2023-35833

An issue was discovered in YSoft SAFEQ 6 Server before 6.0.82. When modifying the URL of the LDAP server configuration from LDAPS to LDAP, the system does not require the password to be reentered. This results in exposing cleartext credentials when connecting to a rogue LDAP server. NOTE: the...

Honeywell Products 安全漏洞

Honeywell Products is a line of products from Honeywell USA. A security vulnerability exists in Honeywell Products that originates from the disclosure of server information about configuration data when an error is generated in response to a specially crafted message...

Code injection

In TravianZ 8.3.4 and 8.3.3, Incorrect Access Control in the installation script allows an attacker to overwrite the server configuration and inject PHP code...