5460 matches found
EulerOS 2.0 SP9 : grub2 (EulerOS-SA-2022-1997)
According to the versions of the grub2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - A flaw in grub2 was found where its configuration file, known as grub.cfg, is being created with the wrong permission set allowing non-privileged...
EulerOS 2.0 SP9 : grub2 (EulerOS-SA-2022-1967)
According to the versions of the grub2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - A flaw in grub2 was found where its configuration file, known as grub.cfg, is being created with the wrong permission set allowing non-privileged...
OpenSSL Cryptographic Issue Vulnerability
OpenSSL is an open-source, general-purpose cryptographic library from the OpenSSL team that implements the Secure Sockets Layer (SSLv2/v3) and Transport Layer Security (TLSv1) protocols. It supports a variety of cryptographic algorithms, including symmetric ciphers, hashing algorithms, secure...
[SECURITY] Fedora 36 Update: golang-github-google-martian-3.1.0-9.fc36
Martian Proxy is a programmable HTTP proxy designed to be used for testing. Martian is a great tool to use if you want to: - Verify that all or some subset of requests are secure - Mock external services at the network layer - Inject headers, modify cookies or perform other mutations of HTTP...
[SECURITY] Fedora 36 Update: dnscrypt-proxy-2.1.1-4.fc36
A flexible DNS proxy, with support for modern encrypted DNS protocols such as DNSCrypt v2 and DNS-over-HTTP/2. Features: - DNS traffic encryption and authentication. Supports DNS-over-HTTPS (DoH) and DNSCrypt. - DNSSEC compatible - DNS query monitoring, with separate log files for regular and...
DeepTraffic - Deep Learning Models For Network Traffic Classification
For more information please read our papers. Wei Wang's Google Scholar Homepage. Wei Wang, Xuewen Zeng, Xiaozhou Ye, Yiqiang Sheng and Ming Zhu, "Malware Traffic Classification Using Convolutional Neural Networks for Representation Learning," in the 31st International Conference on Information...
GHSA-QM37-C4W6-H9V9 Missing Authorization in Jenkins XPath Configuration Viewer Plugin
XPath Configuration Viewer Plugin 1.1.1 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to access the XPath Configuration Viewer page. Given appropriate XPath expressions, this page grants access to job configuration XML data...
Session Authorization Issue Vulnerability
Session is a new type of encrypted private messenger open-sourced by Oxen. A security vulnerability exists in Session version 1.13.0. An attacker exploited the vulnerability to bypass an application's password or passcode lock to access user data...
The vulnerability of the Wiser Smart programmable logic controllers from Schneider Electric, Wiser Controller EER21000 and Wiser Controller EER21001, arises from the use of rigidly encrypted account data. This allows an intruder to execute arbitrary code.
The vulnerability of the Wiser Smart programmable logic controllers from Schneider Electric, Wiser Controller EER21000 and Wiser Controller EER21001, lies in the use of strictly encrypted user credentials. Exploiting this vulnerability could allow an attacker to execute arbitrary code remotely...
The vulnerability of Emerson DeltaV industrial workstations lies in the ability to use strictly encrypted account data, which allows an intruder to gain unauthorized access to protected information.
The vulnerability of Emerson DeltaV industrial workstations lies in the possibility of using rigidly encrypted account data. Exploiting this vulnerability could allow an intruder to gain unauthorized access to protected information...
The vulnerability of the OpenBSI controller display tool, related to the use of strictly encrypted credentials, allows an intruder to gain unauthorized access to protected information.
The vulnerability of the OpenBSI controller display tool lies in the use of strictly encrypted credentials. Exploiting this vulnerability could allow a malicious actor to gain access to the credentials remotely...
The vulnerability of Emerson DeltaV industrial workstations lies in the ability to use strictly encrypted account data, which allows an intruder to gain unauthorized access to protected information.
The vulnerability of Emerson DeltaV industrial workstations lies in the possibility of using rigidly encrypted account data. Exploiting this vulnerability could allow an intruder to gain unauthorized access to protected information...
CVE-2022-31085
LDAP Account Manager (LAM) is a web frontend for managing entries (e.g. users, groups, DHCP settings) stored in an LDAP directory. In versions prior to 8.0, the session files include the LDAP user name and password in clear text if the PHP OpenSSL extension is not installed or encryption is disabled by...
The vulnerability of microprogrammed software for programmable logic controllers ACE1000, related to the use of strictly encrypted user credentials for SSH accounts, allows an intruder to gain unauthorized access to protected information.
The vulnerability of microprogrammed programmable logic controllers ACE1000 is related to the use of rigidly encoded user data for SSH accounts. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the XRT LAN-to-radio gateway and the XNL port for establishing connections in the microprogrammed logic controllers ACE1000 allows an intruder to gain unauthorized access to protected information.
The vulnerability of the XRT LAN-to-radio gateway and the XNL port for establishing connections in the microprogrammed logic controllers ACE1000 software involves the use of rigidly encrypted credentials. Exploiting this vulnerability could allow an intruder, operating remotely, to gain...
TrelloC2 - Simple C2 Over The Trello API
Simple C2 over Trello's API Proof-of-Concept By: Fabrizio Siciliano @0rbz Update 12/30/2019 Removed hardcoded API key and Token, use input instead. Requirements Python 3.x Setup 1. Create a Trello account: https://trello.com/signup 2. Once logged in, get your API key: https://trello.com/app-key 3...
The vulnerability of microprogrammed software for STARDOM FCN/FCJ programmable logic controllers lies in the possibility of using hard-coded account data, allowing an intruder to gain access to the device.
The vulnerability of microprogrammed software in STARDOM FCN/FCJ programmable logic controllers is related to the possibility of using strictly encrypted account data. Exploiting this vulnerability can allow a remote attacker to gain access to the device...
The vulnerability of SonicWall SMA 1000 series network firewall microprogramming software, which is related to the use of a strictly encrypted cryptographic key, allows attackers to disclose protected information.
The vulnerability of SonicWall SMA 1000 series network firewall microprogramming software is related to the use of a strictly encrypted cryptographic key. Exploiting this vulnerability can allow attackers to disclose protected information...
Huawei EulerOS: Security Advisory for grub2 (EulerOS-SA-2022-1828)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP10 : grub2 (EulerOS-SA-2022-1828)
According to the versions of the grub2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - A flaw in grub2 was found where its configuration file, known as grub.cfg, is being created with the wrong permission set allowing non-privileged...