ROS-20240823-02

A vulnerability in the Host Authorization Middleware Action Pack component of the Ruby on Rails software platform is related to the creation of "X-Forwarded-Host" headers in combination with certain "authorized host" formats. host." Exploitation of the vulnerability could allow an attacker acting...

CVE-2019-9488

Trend Micro Deep Security Manager 10.x, 11.x and Vulnerability Protection 2.0 are vulnerable to a XML External Entity Attack. However, for the attack to be possible, the attacker must have root/admin access to a protected host which is authorized to communicate with the Deep Security Manager DSM...

Xxe

Trend Micro Deep Security Manager 10.x, 11.x and Vulnerability Protection 2.0 are vulnerable to a XML External Entity Attack. However, for the attack to be possible, the attacker must have root/admin access to a protected host which is authorized to communicate with the Deep Security Manager DSM...

Zabbix (zabbix_agentd) denial of service

Hello, There is some DoS issue with zabbix which can be exploited by a malicious user from an authorized host. ------------------------ An attacker on the authorized host can cause the zabbixagentd to hang, overconsuming CPU resources. This can be triggered by sending the agent a file checksum...