CVE-2024-10523

CVE-2024-10523 affects TP-Link IoT Smart Hub. Root cause: storage of Wi‑Fi credentials in plaintext in the device firmware, enabling credential extraction by analyzing the firmware if an attacker has physical access. Impact: disclosure of Wi‑Fi credentials stored on the vulnerable device. Exploit...

Finding the LNK: Techniques and methodology for advanced analysis with Velociraptor

Malicious exploitation of LNK files, commonly known as Windows shortcuts, is a well-established technique used by threat actors for delivery and persistence. While the value of LNK forensics for cyber threat intelligence CTI is fairly well-understood, analysts may overlook less well-known data...

North Korean Group Collaborates with Play Ransomware in Significant Cyber Attack

Threat actors linked to North Korea have been implicated in a recent incident that deployed a known ransomware family called Play, underscoring their financial motivations. The activity, observed between May and September 2024, has been attributed to a threat actor tracked as Jumpy Pisces , which...

Security update for libgsf

This update for libgsf fixes the following issues: CVE-2016-9888: Fixed null pointer dereference with corrupted tar files bsc1014609 CVE-2024-36474: Fixed out-of-bounds index when processing a directory via an integer overflow in the compound document binary file format parser bsc1231282...

Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2024-2660)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Apple iOS < 17.7.1 Multiple Vulnerabilities (121567)

Binary data appleios1771check.nbin...

CBL Mariner 2.0 Security Update: qt5-qtbase (CVE-2022-25255)

The version of qt5-qtbase installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-25255 advisory. - In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 on Linux and UNIX, QProcess could execute ...

CVE-2024-0126

NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability which could allow a privileged attacker to escalate permissions. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tamperin...

Rancher Remote Code Execution via Cluster/Node Drivers

Impact A vulnerability has been identified within Rancher where a cluster or node driver can be used to escape the chroot jail and gain root access to the Rancher container itself. In production environments, further privilege escalation is possible based on living off the land within the Rancher...

Solarwinds CatTools Installed (Windows)

Binary data solarwindscattoolswininstalled.nbin...

SonicWall SMA1000 Connect Tunnel (Windows)

Binary data sonicwallconnecttunnelinstalled.nbin...

mySCADA myPro Hard-coded Telnet Password (CVE-2024-4708

Binary data myscadamyprocve-2024-4708.nbin...

CVE-2022-25255

...

CVE-2024-47904

A vulnerability has been identified in InterMesh 7177 Hybrid 2.0 Subscriber All versions V8.2.12, InterMesh 7707 Fire Subscriber All versions V7.2.12 only if the IP interface is enabled which is not the default configuration. The affected devices contain a SUID binary that could allow an...

CVE-2024-47904

A vulnerability has been identified in InterMesh 7177 Hybrid 2.0 Subscriber All versions V8.2.12, InterMesh 7707 Fire Subscriber All versions V7.2.12 only if the IP interface is enabled which is not the default configuration. The affected devices contain a SUID binary that could allow an...

CVE-2024-47904

CVE-2024-47904 affects Siemens InterMesh Subscriber devices: InterMesh 7177 Hybrid 2.0 Subscriber (all versions &lt; V8.2.12) and InterMesh 7707 Fire Subscriber (all versions

CVE-2024-47904

A vulnerability has been identified in InterMesh 7177 Hybrid 2.0 Subscriber All versions V8.2.12, InterMesh 7707 Fire Subscriber All versions V7.2.12 only if the IP interface is enabled which is not the default configuration. The affected devices contain a SUID binary that could allow an...

Siemens InterMesh 7177和Siemens InterMesh 7707 安全漏洞

InterMesh is a wireless alarm reporting system that uses mesh wireless network technology to transmit alarm signals. An incorrect privilege assignment vulnerability exists in Siemens InterMesh Subscriber Devices, which is due to an affected device containing a SUID binary file that can be exploit...

PT-2024-32880 · Intermesh · Intermesh 7177 Hybrid 2.0 Subscriber +1

Name of the Vulnerable Software and Affected Versions: InterMesh 7177 Hybrid 2.0 Subscriber versions prior to 8.2.12 InterMesh 7707 Fire Subscriber versions prior to 7.2.12 Description: A vulnerability has been identified that could allow an authenticated local attacker to execute arbitrary...

Ubuntu: Security Advisory (USN-7062-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...