multicast in source builds from vulnerable setuptools dependency

Impact Some source-builds may be impacted by a CWE-1395 eg. vulnerable setuptools dependency. Multicast prior to v2.0.9a3 on systems with minimal dependancies installed may use setuptools =80.4 Pre-release version v2.0.9a3 and later are recommended for improved stability over v2.0.9a0 Workarounds...

Cisco ThousandEyes Enterprise Agent Virtual Appliance Arbitrary File Read Vulnerability

Cisco ThousandEyes Enterprise Agent Virtual Appliance version thousandeyes-va-64-18.04 0.218 has an insecure sudo configuration which permits a low-privilege user to read root-only files via the dig command without a password. Title: Cisco ThousandEyes Enterprise Agent Virtual Appliance Arbitrary...

Cisco ThousandEyes Enterprise Agent Virtual Appliance Privilege Escalation Vulnerability

Cisco ThousandEyes Enterprise Agent Virtual Appliance version thousandeyes-va-64-18.04 0.218 has an insecure sudo configuration which permits a low-privilege user to run arbitrary commands as root via the tcpdump command without a password. Title: Cisco ThousandEyes Enterprise Agent Virtual...

Cisco ThousandEyes Enterprise Agent Virtual Appliance Arbitrary File Read via sudo dig

Vulnerability Details Affected Vendor: ThousandEyes Affected Product: ThousandEyes Enterprise Agent Virtual Appliance Affected Version: thousandeyes-va-64-18.04 0.218 Platform: Linux / Ubuntu 18.04 CWE Classification: CWE-1395: Dependency on Vulnerable Third-Party Component, CWE-1220:...

Mitsubishi Electric Factory Automation Products

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Low attack complexity Vendor: Mitsubishi Electric Equipment: Factory Automation FA Products Vulnerabilities: Dependency on Vulnerable Third-Party Component 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow a malicious...