ABB RTU500 Series, AFS series and M2M Gateway Type Confusion in embedded OpenSSL (CVE-2023-0286)

A vulnerability exists in the OpenSSL that affects the RTU500 Series product versions listed below. RTU500 series CMU Firmware versions 12.0.1 – 12.0.15 12.2.1 – 12.2.12 12.4.1 – 12.4.12 12.6.1 – 12.6.9 12.7.1 – 12.7.6 13.2.1 – 13.2.6 13.3.1 – 13.3.3 13.4.2 M2M Gateway ARM600:...

Incorrect Bounds Checking

Vyper is vulnerable to Incorrect Bounds Checking. The vulnerability is due to the lack of input validation when abidecode is nested in an expression. This allows for the construction of uses of abidecode that can bypass bounds checking, ultimately resulting in incorrect results...

D-Link DIR-619 缓冲区错误漏洞

The D-Link DIR-619L is a wireless router. A buffer overflow vulnerability exists in the D-Link DIR-619 formSetWANWizard56 function due to incorrect boundary checking in the formSetWANWizard56 function. An attacker could exploit this vulnerability to cause a denial of service...

SUSE-SU-2023:3822-1 Security update for supportutils

This update for supportutils fixes the following issues: Security fixes: - CVE-2022-45154: Removed iSCSI passwords bsc1207598. Other Fixes: - Changes in version 3.1.26 + powerpc plugin to collect the slots and active memory bsc1210950 + A Cleartext Storage of Sensitive Information vulnerability...

CVE-2023-42460

Vyper is a Pythonic Smart Contract Language for the EVM. The abidecode function does not validate input when it is nested in an expression. Uses of abidecode can be constructed which allow for bounds checking to be bypassed resulting in incorrect results. This issue has not yet been fixed, but a...

CVE-2023-41232

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.7, iOS 17 and iPadOS 17, macOS Ventura 13.6, iOS 16.7 and iPadOS 16.7. An app may be able to disclose kernel memory...

Cross site scripting

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.7, iOS 17 and iPadOS 17, macOS Ventura 13.6, iOS 16.7 and iPadOS 16.7. An app may be able to disclose kernel memory...

Out-of-bounds

Vyper is a Pythonic Smart Contract Language for the EVM. The abidecode function does not validate input when it is nested in an expression. Uses of abidecode can be constructed which allow for bounds checking to be bypassed resulting in incorrect results. This issue has not yet been fixed, but a...

SUSE-SU-2023:3803-1 Security update for supportutils

This update for supportutils fixes the following issues: Security Fixes: - CVE-2022-45154: Removed iSCSI passwords bsc1207598. Other fixes: - Changes in version 3.1.26 + powerpc plugin to collect the slots and active memory bsc1210950 + A Cleartext Storage of Sensitive Information vulnerability...

How to verify downloaded ISO images

This article contains information about checking the integrity of the downloaded ISO image before burning it to a media. Corrupted ISO images can lead to problems during installation. Therefore, it is a good practice to check the integrity of the downloaded ISO image...

The vulnerability of the kernel of iOS, watchOS, iPadOS, and macOS allows attackers to escalate their privileges.

The vulnerability of the kernels of iOS, watchOS, iPadOS, and macOS is related to insufficient checking of unusual or exceptional states during the processing of web content. Exploiting this vulnerability can allow attackers to enhance their privileges...

CVE-2023-41232

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.7, iOS 17 and iPadOS 17, macOS Ventura 13.6, iOS 16.7 and iPadOS 16.7. An app may be able to disclose kernel memory...

CVE-2023-41232

CVE-2023-41232 affects Apple platforms (macOS and iOS/iPadOS). It is an out-of-bounds read vulnerability fixed by improved bounds checking. Affected: macOS Monterey 12.7; macOS Ventura 13.6; iOS/iPadOS 16.7 and 17. An app may disclose kernel memory via a local vulnerability. Remediation: apply up...

CVE-2023-41232

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.7, iOS 17 and iPadOS 17, macOS Ventura 13.6, iOS 16.7 and iPadOS 16.7. An app may be able to disclose kernel memory...

CVE-2023-42460

CVE-2023-42460 affects Vyper (EVM Python-like language). The _abi_decode() function does not validate input when nested in an expression, enabling construction that bypasses bounds checking and may yield incorrect results. No exploitation details are provided in the documents, and the vulnerabili...

CVE-2023-42460 _abi_decode input not validated in complex expressions in Vyper

Vyper is a Pythonic Smart Contract Language for the EVM. The abidecode function does not validate input when it is nested in an expression. Uses of abidecode can be constructed which allow for bounds checking to be bypassed resulting in incorrect results. This issue has not yet been fixed, but a...

CVE-2023-42460 _abi_decode input not validated in complex expressions in Vyper

Vyper is a Pythonic Smart Contract Language for the EVM. The abidecode function does not validate input when it is nested in an expression. Uses of abidecode can be constructed which allow for bounds checking to be bypassed resulting in incorrect results. This issue has not yet been fixed, but a...

CVE-2023-42460 _abi_decode input not validated in complex expressions in Vyper

Vyper is a Pythonic Smart Contract Language for the EVM. The abidecode function does not validate input when it is nested in an expression. Uses of abidecode can be constructed which allow for bounds checking to be bypassed resulting in incorrect results. This issue has not yet been fixed, but a...

[SECURITY] Fedora 37 Update: roundcubemail-1.6.3-1.fc37

RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...

[SECURITY] Fedora 38 Update: roundcubemail-1.6.3-1.fc38

RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...