Security Update for the OPC UA .NET Standard Stack

This security update resolves a vulnerability in the OPC UA .NET Standard Stack that allows an unauthorized attacker to bypass application authentication when using HTTPS endpoints...

CVE-2025-1868

Vulnerability of unauthorized exposure of confidential information affecting Advanced IP Scanner and Advanced Port Scanner. It occurs when these applications initiate a network scan, inadvertently sending the NTLM hash of the user performing the scan. This vulnerability can be exploited by...

CVE-2025-1868

CVE-2025-1868 describes an NTLM leakage vulnerability in Famatech’s Advanced IP Scanner and Advanced Port Scanner. When a network scan is initiated, the tools may emit the NTLM hash of the scanning user, enabling an attacker to intercept traffic to a legitimate or fake server to extract the user ...

CVE-2025-1868 Information display on multiple products from Famatech Corp

Vulnerability of unauthorized exposure of confidential information affecting Advanced IP Scanner and Advanced Port Scanner. It occurs when these applications initiate a network scan, inadvertently sending the NTLM hash of the user performing the scan. This vulnerability can be exploited by...

CVE-2025-1868 Information display on multiple products from Famatech Corp

Vulnerability of unauthorized exposure of confidential information affecting Advanced IP Scanner and Advanced Port Scanner. It occurs when these applications initiate a network scan, inadvertently sending the NTLM hash of the user performing the scan. This vulnerability can be exploited by...

CVE-2024-55581

When AdaCore Ada Web Server 25.0.0 is linked with GnuTLS, the default behaviour of AWS.Client is vulnerable to a man-in-the-middle attack because of lack of verification of an HTTPS server's certificate unless the using program specifies a TLS configuration...

CVE-2024-55581

When AdaCore Ada Web Server 25.0.0 is linked with GnuTLS, the default behaviour of AWS.Client is vulnerable to a man-in-the-middle attack because of lack of verification of an HTTPS server's certificate unless the using program specifies a TLS configuration...

CVE-2024-55581

CVE-2024-55581 affects AdaCore Ada Web Server 25.0.0 when linked with GnuTLS, where AWS.Client defaults do not verify the HTTPS server certificate, enabling MITM attacks if TLS configuration is not explicitly set. Root cause: insecure defaults in AWS.Client with GnuTLS. Impact: potential compromi...

PT-2025-8751 · Adacore +2 · Ada Web Server +3

Name of the Vulnerable Software and Affected Versions: AdaCore Ada Web Server version 25.0.0 Description: The issue concerns a lack of verification of an HTTPS server's certificate in the default behaviour of AWS.Client when linked with GnuTLS, making it vulnerable to a man-in-the-middle attack...

CVE-2024-55581

When AdaCore Ada Web Server 25.0.0 is linked with GnuTLS, the default behaviour of AWS.Client is vulnerable to a man-in-the-middle attack because of lack of verification of an HTTPS server's certificate unless the using program specifies a TLS configuration...

CVE-2024-55581

When AdaCore Ada Web Server 25.0.0 is linked with GnuTLS, the default behaviour of AWS.Client is vulnerable to a man-in-the-middle attack because of lack of verification of an HTTPS server's certificate unless the using program specifies a TLS configuration...

AlmaLinux 9 : bind9.18 (ALSA-2025:1670)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:1670 advisory. bind: bind9: Many records in the additional section cause CPU exhaustion CVE-2024-11187 bind: bind9: DNS-over-HTTPS implementation suffers from multiple...

Security Bulletin: This Power System update is being released to address CVE-2023-52881

Summary This affects the BMC's network transmission control protocol TCP interface which affects aspects of interfaces that use TCP including the BMC's secure shell SSH, HTTPS interfaces including the BMC's webserver, REST APIs, and ASMi web application, and event and subscriptions services. An...

bind9.18 security update

32:9.18.29-1.el95.1 - Fix CVE-2024-11187 bind: bind9: Many records in the additional section cause CPU exhaustion - Fix CVE-2024-12705 bind: bind9: DNS-over-HTTPS implementation suffers from multiple issues under heavy query load...

HTTPS Fetch, Linux Command Shell, Bind TCP Inline

Fetch and execute an MIPSBE payload from an HTTPS server. Listen for a connection and spawn a command shell Module Options msf use payload/cmd/linux/https/mipsbe/shellbindtcp msf payloadshellbindtcp show actions ...actions... msf payloadshellbindtcp set ACTION msf payloadshellbindtcp show options...

HTTPS Fetch

Fetch and execute an MIPSLE payload from an HTTPS server. Module Options msf use payload/cmd/linux/https/mipsle/meterpreterreversetcp msf payloadmeterpreterreversetcp show actions ...actions... msf payloadmeterpreterreversetcp set ACTION msf payloadmeterpreterreversetcp show options ...show and s...

HTTPS Fetch, Linux Command Shell, Bind TCP Inline

Fetch and execute an MIPSLE payload from an HTTPS server. Listen for a connection and spawn a command shell Module Options msf use payload/cmd/linux/https/mipsle/shellbindtcp msf payloadshellbindtcp show actions ...actions... msf payloadshellbindtcp set ACTION msf payloadshellbindtcp show options...

HTTPS Fetch

Fetch and execute an AARCH64 payload from an HTTPS server. Module Options msf use payload/cmd/linux/https/aarch64/meterpreterreversetcp msf payloadmeterpreterreversetcp show actions ...actions... msf payloadmeterpreterreversetcp set ACTION msf payloadmeterpreterreversetcp show options ...show and...

HTTPS Fetch, Linux Command Shell, Reverse TCP Inline

Fetch and execute an MIPSLE payload from an HTTPS server. Connect back to attacker and spawn a command shell Module Options msf use payload/cmd/linux/https/mipsle/shellreversetcp msf payloadshellreversetcp show actions ...actions... msf payloadshellreversetcp set ACTION msf payloadshellreversetcp...

HTTPS Fetch, Reverse TCP Stager

Fetch and execute an AARCH64 payload from an HTTPS server. Connect back to the attacker Module Options msf use payload/cmd/linux/https/aarch64/meterpreter/reversetcp msf payloadreversetcp show actions ...actions... msf payloadreversetcp set ACTION msf payloadreversetcp show options ...show and se...