4200 matches found

Fedora
added 2024/09/22 2:4 a.m. · 18 views

[SECURITY] Fedora 39 Update: less-633-4.fc39

The less utility is a text file browser that resembles more, but has more capabilities. Less allows you to move backwards in the file as well as forwards. Since less doesn't have to read the entire input file before it starts, less starts up more quickly than text editors (for example, vi). You...

CVSS 8.6 · AI score 7 · EPSS 0.00628
Exploits 0
Positive Technologies
added 2024/09/19 12:0 a.m. · 9 views

PT-2024-6333 · Rockwell Automation · Rslogix 5

Name of the Vulnerable Software and Affected Versions: Rockwell Automation RSLogix 5 affected versions not specified Description: A feature in the affected products enables users to prepare a project file with an embedded VBA script and can be configured to run once the project file has been open...

CVSS 8.8 · AI score 7.7 · EPSS 0.00185
Exploits 0 · References 12
Vulnrichment
added 2024/09/12 8:49 a.m. · 11 views

CVE-2024-2010 Reflected XSS in TE Informatics' V5 Software

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in TE Informatics V5 allows Reflected XSS. This issue affects V5: before 6.2...

CVSS 8.8 · AI score 5.8 · EPSS 0.00242
Exploits 0 · References 2
Microsoft CVE
added 2024/09/11 7:0 a.m. · 3 views

Prometheus Exporter Toolkit vulnerable to basic authentication bypass

...

CVSS 8.8 · AI score 7 · EPSS 0.01166
Exploits 1
0day.today
added 2024/09/11 12:0 a.m. · 334 views

VICIdial 2.14-917a SQL Injection Vulnerability

An unauthenticated attacker can leverage a time-based SQL injection vulnerability in VICIdial version 2.14-917a to enumerate database records. By default, VICIdial stores plaintext credentials within the database. Title: VICIdial Unauthenticated SQL Injection Publication URL:...

CVSS 9.8 · AI score 7.9 · EPSS 0.79059
Exploits 10
OSV
added 2024/09/10 4:15 p.m. · 2 views

CVE-2024-6876

Out-of-Bounds read vulnerability in OSCAT Basic Library allows a local, unprivileged attacker to access limited internal data of the PLC which may lead to a crash of the affected service...

CVSS 4.4 · AI score 5.8 · EPSS 0.00189
Exploits 0 · References 2
NVD
added 2024/09/10 4:15 p.m. · 16 views

CVE-2024-6876

Out-of-Bounds read vulnerability in OSCAT Basic Library allows a local, unprivileged attacker to access limited internal data of the PLC which may lead to a crash of the affected service...

CVSS 4.4 · EPSS 0.00189
Exploits 0 · References 2
CVE
added 2024/09/10 3:8 p.m. · 57 views

CVE-2024-6876

CVE-2024-6876 affects the OSCAT Basic Library. The issue is an out-of-bounds read that allows a local, unprivileged attacker to access limited internal PLC data, potentially causing a crash. Public sources cite OSCAT Basic Library with affected versions; CNNVD notes versions prior to 3.3.5. Some ...

CVSS 4.4 · AI score 4.5 · EPSS 0.00189
Exploits 0 · References 2 · Affected Software 1
CNNVD
added 2024/09/10 12:0 a.m. · 3 views

SAP S/4 HANA Security Vulnerability

SAP S/4 HANA is an intelligent, integrated ERP software for large enterprises from SAP, Germany. A security vulnerability exists in SAP S/4 HANA that stems from the fact that, under certain circumstances, legal reports in SAP S/4 HANA allow an attacker with basic privileges to access information...

CVSS 4.3 · AI score 6.4 · EPSS 0.00292
Exploits 0 · References 4
Positive Technologies
added 2024/09/10 12:0 a.m. · 5 views

PT-2024-37920 · Unknown · Oscat Basic Library

Name of the Vulnerable Software and Affected Versions: OSCAT Basic Library affected versions not specified Description: The issue is an Out-of-Bounds read vulnerability that allows a local, unprivileged attacker to access limited internal data of the PLC, which may lead to a crash of the affected...

CVSS 4.4 · AI score 6.7 · EPSS 0.00189
Exploits 0 · References 6
CNNVD
added 2024/09/10 12:0 a.m. · 4 views

CODESYS OSCAT Basic Library Buffer Error Vulnerability

CODESYS OSCAT Basic Library is an open source library from CODESYS Corporation, known as the Open Source Community for Automation Technology. A buffer error vulnerability exists in CODESYS OSCAT Basic Library versions prior to 3.3.5, which stems from the presence of an out-of-bounds read...

CVSS 4.4 · AI score 6.6 · EPSS 0.00189
Exploits 0 · References 3
BDU FSTEC
added 2024/09/04 12:0 a.m. · 3 views

The vulnerability of the retryablehttp package, related to the insertion of confidential information into the log file, allows a perpetrator to obtain confidential authentication credentials for HTTP basic authentication.

The vulnerability of the retryablehttp package lies in the lack of cleaning of URL addresses when they are written to the log file. Exploiting this vulnerability can allow an attacker to obtain confidential basic authentication credentials...

CVSS 5.5 · AI score 6.5 · EPSS 0.00355
Exploits 0 · References 4 · Affected Software 2
Positive Technologies
added 2024/09/02 12:0 a.m. · 6 views

PT-2024-25093 · Unknown · Qualcomm Technologies

Name of the Vulnerable Software and Affected Versions: Qualcomm Technologies, Inc. products affected versions not specified Description: The issue is related to a Transient Denial of Service (DoS) that occurs while parsing MBSSID during the generation of a new Information Element (IE) in beacon or...

CVSS 7.5 · AI score 6.5 · EPSS 0.00297
Exploits 0 · References 7
Redos
added 2024/09/02 12:0 a.m. · 30 views

ROS-20240902-12

The vulnerability in the retryablehttp package is related to the lack of sanitization of URLs when writing them to its log file. Exploitation of the vulnerability could allow an attacker to obtain sensitive HTTP basic authentication credentials...

CVSS 6 · AI score 6.8 · EPSS 0.00355
Exploits 0
Packet Storm
added 2024/09/01 12:0 a.m. · 258 views

MS09-020 IIS6 WebDAV Unicode Authentication Bypass

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MS09-020 IIS6 WebDAV Unicode Authentication Bypass', 'Description' = %q This module attempts to to bypass authentication using the WebDAV IIS6...

CVSS 7.5 · AI score 7 · EPSS 0.98447
Exploits 5
Packet Storm
added 2024/08/31 12:0 a.m. · 238 views

MS10-065 Microsoft IIS 5 NTFS Stream Authentication Bypass

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MS10-065 Microsoft IIS 5 NTFS Stream Authentication Bypass', 'Description' = %q This module bypasses basic authentication for Internet Informatio...

CVSS 6.8 · AI score 7 · EPSS 0.31118
Exploits 3
Packet Storm
added 2024/08/31 12:0 a.m. · 324 views

Intersil (Boa) HTTPd Basic Authentication Password Reset

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Intersil Boa HTTPd Basic Authentication Password Reset', 'Description' = %q The Intersil extension in the Boa HTTP Server 0.93.x - 0.94.11 allows...

CVSS 10 · AI score 7.4 · EPSS 0.67649
Exploits 3
GithubExploit
added 2024/08/28 2:22 p.m. · 297 views

Exploit for Improper Privilege Management in Sudo_Project Sudo

CVE-2023-22809 Exploiter Scripts Disclaimer This script is pr...

CVSS 7.8 · AI score 8.2 · EPSS 0.55367
Exploits 20
Positive Technologies
added 2024/08/24 12:0 a.m. · 4 views

PT-2024-31492

Name of the Vulnerable Software and Affected Versions Fort versions prior to 1.6.3 Description An issue was discovered in Fort where a malicious RPKI repository that descends from a trusted Trust Anchor can serve an ROA or a Manifest containing a signedAttrs encoded in non-canonical form. This...

CVSS 9.8 · AI score 6.9 · EPSS 0.00481
Exploits 0 · References 34
OSSF Malicious Packages
added 2024/08/23 10:55 p.m. · 5 views

Malicious code in basic-arithmetics (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a4b7ea06431a2127d9e1dd55c10c2182300c69f49150becb9536a94503acaadc Packages that might be part of testing for pentesting / malicious activity / joy, with suspicious activity that does not present any real harm. --- Category:...

AI score 7.5
Exploits 0 · References 1