SUSE CVE-2019-6250

A pointer overflow, with code execution, was discovered in ZeroMQ libzmq aka 0MQ 4.2.x and 4.3.x before 4.3.1. A v2decoder.cpp zmq::v2decodert::sizeready integer overflow allows an authenticated attacker to overwrite an arbitrary amount of bytes beyond the bounds of a buffer, which can be leverag...

CVE-2022-42436

IBM MQ 8.0.0, 9.0.0, 9.1.0, 9.2.0, 9.3.0 Managed File Transfer could allow a local user to obtain sensitive information from diagnostic files. IBM X-Force ID: 238206...

CVE-2023-24156

A command injection vulnerability in the ip parameter in the function recvSlaveUpgstatus of TOTOLINK T8 V4.1.5cu allows attackers to execute arbitrary commands via a crafted MQTT packet...

This Week in Spring - January 9th, 2023

Hi, Spring fans! As I write this Im on a plane winging my way to Helsinki, Finland. A new year and new journeys begin. Its going to be cold there. Wish me luck! Do you know what always warms me up? The thrill of learning. And this weeks no different. This week weve got some good stuff line up so...

CVE-2022-3928

Hardcoded credential is found in affected products' message queue. An attacker that manages to exploit this vulnerability will be able to access data to the internal message queue. This issue affects FOXMAN-UN product: FOXMAN-UN R15B, FOXMAN-UN R15A, FOXMAN-UN R14B, FOXMAN-UN R14A, FOXMAN-UN R11B...

Hardcoded credentials

Hardcoded credential is found in affected products' message queue. An attacker that manages to exploit this vulnerability will be able to access data to the internal message queue. This issue affects FOXMAN-UN product: FOXMAN-UN R15B, FOXMAN-UN R15A, FOXMAN-UN R14B, FOXMAN-UN R14A, FOXMAN-UN R11B...

CVE-2022-3928

CVE-2022-3928 describes a hardcoded credential in the message queue of Hitachi Energy FOXMAN-UN and UNEM products (R9C–R15B). The vulnerability allows an attacker who can exploit it to access data in the internal message queue. Connected advisories and records confirm the affected families (FOXMA...

CVE-2022-3928 Hardcoded credential is found in the message queue

Hardcoded credential is found in affected products' message queue. An attacker that manages to exploit this vulnerability will be able to access data to the internal message queue. This issue affects FOXMAN-UN product: FOXMAN-UN R15B, FOXMAN-UN R15A, FOXMAN-UN R14B, FOXMAN-UN R14A, FOXMAN-UN R11B...

CVE-2022-3928 Hardcoded credential is found in the message queue

Hardcoded credential is found in affected products' message queue. An attacker that manages to exploit this vulnerability will be able to access data to the internal message queue. This issue affects FOXMAN-UN product: FOXMAN-UN R15B, FOXMAN-UN R15A, FOXMAN-UN R14B, FOXMAN-UN R14A, FOXMAN-UN R11B...

PT-2023-13717 · Unem +1 · Unem +1

Name of the Vulnerable Software and Affected Versions: FOXMANN-UN versions R9C through R15B UNEM versions R9C through R15B Description: A hardcoded credential is found in the affected products' message queue. An attacker that manages to exploit this issue will be able to access data to the intern...

Hitachi FOXMAN-UN 信任管理问题漏洞

Hitachi FOXMAN-UN is a powerful toolset for a comprehensive NMS suite from Hitachi, Japan. A security vulnerability exists in Hitachi FOXMAN-UN, which stems from the fact that its message queue contains hard-coded credentials that allow an attacker to access data from the internal message queue...

Hitachi Energy UNEM

1. EXECUTIVE SUMMARY CVSS v3 8.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: UNEM Vulnerabilities: Inadequate Encryption Strength, Use of Hard-coded Cryptographic Key, Cleartext Transmission of Sensitive Information. 2. RISK EVALUATION Successful...

PT-2025-37586

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak was identified in the init mqueue fs function within the Linux kernel. Specifically, when the setup mq sysctls function failed during the initialization process, the mqueue...

PT-2022-35049 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.3 Description: A potential memory leak issue was identified in the init mqueue fs function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions pri...

CVE-2022-40230

"IBM MQ Appliance 9.2 CD, 9.2 LTS, 9.3 CD, and LTS 9.3 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 235532."...

IBM MQ 输入验证错误漏洞

IBM MQ IBM WebSphere MQ is a messaging middleware product from International Business Machines IBM, Inc. The product provides a reliable, authenticated messaging backbone primarily for service-oriented architectures SOA.IBM MQ has an input validation error vulnerability that could be exploited by...

Vulnerabilities fixed in IBM MQ

Vulnerabilities have been fixed in IBM MQ. The vulnerabilities allow a malicious party to bypass a command measure bypass and perform a denial-of-service DoS. IBM has released updates to fix the vulnerabilities in MQ. For more information, see: https://www.ibm.com/support/pages/node/6823767...

Vulnerability fixed in IBM MQ

IBM has fixed a vulnerability in IBM MQ. Through an XML External Entity Injection XXE, a malicious party can cause a Denial-of-Service by running the MQ environment out of memory run, or gain access to sensitive information. IBM has released updates to fix the vulnerability in MQ 8.0, 9.1 and 9.2...

IBM MQ 代码问题漏洞

IBM MQ IBM WebSphere MQ is a messaging middleware product from IBM. It provides a reliable and proven messaging backbone for Service Oriented Architecture SOA. A security vulnerability exists in IBM MQ that stems from an attacker being able to transfer malicious XML data to IBM MQ via the Explore...

CVE-2021-35095

Improper serialization of message queue client registration can lead to race condition allowing multiple gunyah message clients to register with same label in Snapdragon Connectivity, Snapdragon Mobile...