Debian dla-3374 : libmicrohttpd-dev - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3374 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3374-1 [email protected] https://www.debian.org/lts/security/...

[SECURITY] Fedora 37 Update: amanda-3.5.3-1.fc37

AMANDA, the Advanced Maryland Automatic Network Disk Archiver, is a backup system that allows the administrator of a LAN to set up a single master backup server to back up multiple hosts to one or more tape drives or disk files. AMANDA uses native dump and/or GNU tar facilities and can back up a...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : glibc (SUSE-SU-2023:1718-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:1718-1 advisory. - DISPUTED A vulnerability was found in GNU C Library 2.38. It has been declared as critical. This...

SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Authentication Bypass Vulnerability

Exploit Title: SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Authentication Bypass Exploit Author: LiquidWorm Vendor: SOUND4 Ltd. Product web page: https://www.sound4.com | https://www.sound4.biz Affected version: FM/HD Radio Processing: Impact/Pulse/First Version 2: 1.1/2.15 Impact/Pulse/First Version 1:...

SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Denial Of Service Vulnerability

Exploit Title: SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Denial Of Service DoS Exploit Author: LiquidWorm Vendor: SOUND4 Ltd. Product web page: https://www.sound4.com | https://www.sound4.biz Affected version: FM/HD Radio Processing: Impact/Pulse/First Version 2: 1.1/2.15 Impact/Pulse/First Version 1:...

SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Unauthenticated Factory Reset Vulnerability

Exploit Title: SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Unauthenticated Factory Reset Exploit Author: LiquidWorm Vendor: SOUND4 Ltd. Product web page: https://www.sound4.com | https://www.sound4.biz Affected version: FM/HD Radio Processing: Impact/Pulse/First Version 2: 1.1/2.15 Impact/Pulse/First...

SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Directory Traversal File Write Vulnerability

Exploit Title: SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Directory Traversal File Write Exploit Exploit Author: LiquidWorm Vendor: SOUND4 Ltd. Product web page: https://www.sound4.com | https://www.sound4.biz Affected version: FM/HD Radio Processing: Impact/Pulse/First Version 2: 1.1/2.15...

SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Authorization Bypass Vulnerability

Exploit Title: SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Authorization Bypass IDOR Exploit Author: LiquidWorm Vendor: SOUND4 Ltd. Product web page: https://www.sound4.com | https://www.sound4.biz Affected version: FM/HD Radio Processing: Impact/Pulse/First Version 2: 1.1/2.15 Impact/Pulse/First Versio...

SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Directory Traversal File Write Exploit

Exploit Title: SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Directory Traversal File Write Exploit Exploit Author: LiquidWorm Vendor: SOUND4 Ltd. Product web page: https://www.sound4.com | https://www.sound4.biz Affected version: FM/HD Radio Processing: Impact/Pulse/First Version 2: 1.1/2.15...

SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Cross-Site Request Forgery

Exploit Title: SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Cross-Site Request Forgery Exploit Author: LiquidWorm Vendor: SOUND4 Ltd. Product web page: https://www.sound4.com | https://www.sound4.biz Affected version: FM/HD Radio Processing: Impact/Pulse/First Version 2: 1.1/2.15 Impact/Pulse/First Versi...

SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Authentication Bypass

Exploit Title: SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Authentication Bypass Exploit Author: LiquidWorm Vendor: SOUND4 Ltd. Product web page: https://www.sound4.com | https://www.sound4.biz Affected version: FM/HD Radio Processing: Impact/Pulse/First Version 2: 1.1/2.15 Impact/Pulse/First Version 1:...

SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Unauthenticated Factory Reset

Exploit Title: SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Unauthenticated Factory Reset Exploit Author: LiquidWorm Vendor: SOUND4 Ltd. Product web page: https://www.sound4.com | https://www.sound4.biz Affected version: FM/HD Radio Processing: Impact/Pulse/First Version 2: 1.1/2.15 Impact/Pulse/First...

SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Authorization Bypass (IDOR)

Exploit Title: SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Authorization Bypass IDOR Exploit Author: LiquidWorm Vendor: SOUND4 Ltd. Product web page: https://www.sound4.com | https://www.sound4.biz Affected version: FM/HD Radio Processing: Impact/Pulse/First Version 2: 1.1/2.15 Impact/Pulse/First Versio...

Security Bulletin: Multiple Security Vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak.

Summary Multiple Security Vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak. Freedesktop D-Bus is used by IBM Robotic Process Automation as part of container base images CVE-2022-42010, CVE-2022-42011, CVE-2022-42012. GNU Libtasn1 is used by IBM Robotic Process Automation as...

Security Bulletin: A vulnerability in GNU Tar affects IBM MQ Operator and Queue manager container images (CVE-2022-48303)

Summary An issue was identified in Red Hat UBIubi8/ubi-minimal v8.7-x package tar that was shipped with IBM MQ Operator and IBM supplied MQ Advanced container images. Vulnerability Details CVEID:CVE-2022-48303 DESCRIPTION: GNU Tar is vulnerable to a heap-based buffer overflow, caused by an...

Security Bulletin: Multiple Vulnerabilities in CloudPak for Watson AIOPs

Summary Multiple vulnerabilities were fixed in IBM Cloud Pak for Watson AIOps version 3.7 Vulnerability Details CVEID:CVE-2021-46848 DESCRIPTION: GNU Libtasn1 could allow a remote attacker to obtain sensitive information, caused by an out-of-bound access flaw in ETYPEOK. By sending a...

Moodle LMS 4.0 - Cross-Site Scripting Vulnerability

Exploit Title: Moodle LMS 4.0 - Cross-Site Scripting XSS Exploit Author: Saud Alenazi Vendor Homepage: https://moodle.org/ Software Link: https://git.in.moodle.com/moodle Version: 4.0 Tested on: XAMPP, Windows 10 Contact: https://twitter.com/dmaral3noz Description: A Cross Site Scripting XSS...

Moodle LMS 4.0 Cross Site Scripting

Exploit Title: Moodle LMS 4.0 - Cross-Site Scripting XSS Date: 26/10/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://moodle.org/ Software Link: https://git.in.moodle.com/moodle Version: 4.0 Tested on: XAMPP, Windows 10 Contact: https://twitter.com/dmaral3noz Description: A Cross Site...

The vulnerability of GnuPG’s information encryption and digital signatures software lies in its weak encryption methods, allowing attackers to gain access to confidential data.

The vulnerability of GnuPG’s information encryption and digital signatures lies in the use of weak encryption algorithms. Exploiting this vulnerability could allow a remote attacker to gain access to confidential data...

Moodle LMS 4.0 - Cross-Site Scripting (XSS)

Exploit Title: Moodle LMS 4.0 - Cross-Site Scripting XSS Date: 26/10/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://moodle.org/ Software Link: https://git.in.moodle.com/moodle Version: 4.0 Tested on: XAMPP, Windows 10 Contact: https://twitter.com/dmaral3noz Description: A Cross Site...