OESA-2024-1066 openssh security update
OpenSSH is the premier connectivity tool for remote login with the SSH protocol. It encrypts all traffic to eliminate eavesdropping, connection hijacking, and other attacks. In addition, OpenSSH provides a large suite of secure tunneling capabilities, several authentication methods, and...
OESA-2024-1065 openssh security update
OpenSSH is the premier connectivity tool for remote login with the SSH protocol. It encrypts all traffic to eliminate eavesdropping, connection hijacking, and other attacks. In addition, OpenSSH provides a large suite of secure tunneling capabilities, several authentication methods, and...
OESA-2024-1059 libssh security update
The ssh library was designed to be used by programmers needing a working SSH implementation by means of a library. Complete control of the client is left to the programmer. With libssh, you can remotely execute programs, transfer files, use a secure and transparent tunnel for your remote...
Cryptominers Targeting Misconfigured Apache Hadoop and Flink with Rootkit in New Attacks
Cybersecurity researchers have identified a new attack that exploits misconfigurations in Apache Hadoop and Flink to deploy cryptocurrency miners within targeted environments. "This attack is particularly intriguing due to the attacker's use of packers and rootkits to conceal the malware," Aqua...
Ivanti Endpoint Manager Installed (Windows)
Binary data ivantiendpointmanagerwininstalled.nbin...
D-Link DIR-X3260 prog.cgi SetWLanRadioSecurity Stack-Based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the prog.cgi binary, which handles HNAP requests made to the lighttpd...
Ubuntu 16.04 ESM / 18.04 ESM : OpenSSH vulnerabilities (USN-6560-2)
The remote Ubuntu 16.04 ESM / 18.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6560-2 advisory. USN-6560-1 fixed several vulnerabilities in OpenSSH. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS...
CVE-2023-51123
An issue discovered in D-Link dir815 v.1.01SSb08.bin allows a remote attacker to execute arbitrary code via a crafted POST request to the service parameter in the soapcgimain function of the cgibin binary component...
Design/Logic Flaw
An issue discovered in D-Link dir815 v.1.01SSb08.bin allows a remote attacker to execute arbitrary code via a crafted POST request to the service parameter in the soapcgimain function of the cgibin binary component...
python: DoS when processing malformed Apple Property List files in binary format
A vulnerability was found in the Python core plistlib library within the readints function in the plistlib.py file. In malformed input, the implementation can be manipulated to create an argument for struct.unpack. This issue can lead to excessive CPU and memory consumption, resulting in a...
N-able N-central Agent Installed (Windows)
Binary data nablencentralagentwininstalled.nbin...
N-able N-central Web Interface Detection
Binary data nablencentraldetect.nbin...
MacOS NetBIOS Identity Information
Binary data macosxnetbiosinfo.nbin...
Adobe Substance 3D Stager Installed (macOS)
Binary data adobesubstance3dstagermacosinstalled.nbin...
Binary Vulnerability in Damon Database Management System DM8
Damon database management system DM8 is a new generation of large-scale general-purpose relational database, fully supports SQL standards and mainstream programming language interfaces/development frameworks. A binary vulnerability exists in Damon Database Management System DM8, which can be...
RHEL 8 : python3 (RHSA-2024:0114)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0114 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...
Fedora 38 : putty (2024-71c2c6526c)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-71c2c6526c advisory. Security fix for CVE-2023-48795. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus...
DEBIAN-CVE-2024-21646
Azure uAMQP is a general purpose C library for AMQP 1.0. The UAMQP library is used by several clients to implement AMQP protocol communication. When clients using this library receive a crafted binary type data, an integer overflow or wraparound or memory safety issue can occur and may cause remo...
AZL-34555 CVE-2024-21646 affecting package azure-iot-sdk-c for versions less than 2024.03.04-1
Azure uAMQP is a general purpose C library for AMQP 1.0. The UAMQP library is used by several clients to implement AMQP protocol communication. When clients using this library receive a crafted binary type data, an integer overflow or wraparound or memory safety issue can occur and may cause remo...