Mozilla Firefox和Mozilla Firefox ESR 资源管理错误漏洞

Mozilla Firefox and Mozilla Firefox ESR are products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Firefox ESR is a extended support version of Firefox the web browser. Both Mozilla Firefox and Mozilla Firefox ESR have a resource management...

Ubuntu: Security Advisory (USN-7683-3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-30249

CVE-2024-30249 affects Cloudburst Network (RakNet-based components) prior to version 1.0.0.CR1-20240330.101522-15. The root cause is a DoS/UDP amplification vulnerability in RakNet connection handling that can be leveraged to attack a third party or trigger host service suspension. A fix exists i...

Vulnerable SDK components lead to supply chain risks in IoT and OT environments

December 8, 2022 update - Reflected additional research on Boa-related CVEs and updated supply chain diagram. Vulnerabilities in network components, architecture files, and developer tools have become increasingly popular attack vectors to gain access into secure networks and devices. External...

CVE-2020-10560

An issue was discovered in Open Source Social Network OSSN through 5.3. A user-controlled file path with a weak cryptographic rand can be used to read any file with the permissions of the webserver. This can lead to further compromise. The attacker must conduct a brute-force attack against the...

CVE-2018-7081

A remote code execution vulnerability is present in network-listening components in some versions of ArubaOS. An attacker with the ability to transmit specially-crafted IP traffic to a mobility controller could exploit this vulnerability and cause a process crash or to execute arbitrary code with...

XDR Is The Best Remedy As Attackers Increasingly Seek To Evade EDR

Real enterprises are messy places. One messy reality is that enterprises don’t manage all their endpoints. A smart colleague turned me onto using the % of endpoints and servers managed as a prime security metric. On one end of the spectrum are places like universities that maybe manage 10% of the...

[SECURITY] Fedora 26 Update: check-mk-1.2.8p26-1.fc26

check-mk is a general purpose Nagios-plugin for retrieving data. It adopts a new approach for collecting data from operating systems and network compone nts. It obsoletes NRPE, checkbyssh, NSClient, and checksnmp and it has many benefits, the most important are a significant reduction of CPU usag...

[SECURITY] Fedora 27 Update: check-mk-1.2.8p26-1.fc27

check-mk is a general purpose Nagios-plugin for retrieving data. It adopts a new approach for collecting data from operating systems and network compone nts. It obsoletes NRPE, checkbyssh, NSClient, and checksnmp and it has many benefits, the most important are a significant reduction of CPU usag...

CVE-2016-4046

An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev11. The API to configure external mail accounts can be abused to map and access network components within the trust boundary of the operator. Users can inject arbitrary hosts and ports to API calls. Depending on the response typ...

CVE-2016-4046

An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev11. The API to configure external mail accounts can be abused to map and access network components within the trust boundary of the operator. Users can inject arbitrary hosts and ports to API calls. Depending on the response typ...

ZoomEye Search

The module use the ZoomEye API to search ZoomEye. ZoomEye is a search engine for cyberspace that lets the user find specific network componentsip, services, etc.. Setting facets will output a simple report on the overall search. It's values are: Host search: app, device, service, os, port, countr...

Core Tor Contributor Leaves Project; Shutting Down Important Tor Nodes

Another blow to the Tor Project: One of the Tor Project's earliest contributors has decided to quit the project and shut down all of the important Tor nodes under his administration. Lucky Green was part of the Tor Project before the anonymity network was known as TOR. He probably ran one of the...

[SECURITY] Fedora 21 Update: check-mk-1.2.4p5-2.fc21

check-mk is a general purpose Nagios-plugin for retrieving data. It adopts a new approach for collecting data from operating systems and network compone nts. It obsoletes NRPE, checkbyssh, NSClient, and checksnmp and it has many benefits, the most important are a significant reduction of CPU usag...

[SECURITY] Fedora 21 Update: check-mk-1.2.4p5-1.fc21

check-mk is a general purpose Nagios-plugin for retrieving data. It adopts a new approach for collecting data from operating systems and network compone nts. It obsoletes NRPE, checkbyssh, NSClient, and checksnmp and it has many benefits, the most important are a significant reduction of CPU usag...

[SECURITY] Fedora 20 Update: check-mk-1.2.4p5-1.fc20

check-mk is a general purpose Nagios-plugin for retrieving data. It adopts a new approach for collecting data from operating systems and network compone nts. It obsoletes NRPE, checkbyssh, NSClient, and checksnmp and it has many benefits, the most important are a significant reduction of CPU usag...

Orinoco OEM Residential Gateway SNMP Community String Remote Configuration

No description provided by source. source: http://www.securityfocus.com/bid/5436/info Orinoco is the manufacturer of various wireless network components, including access points and network cards. It is possible to remotely gain access to the identification string used for configuration of OEM...

[SECURITY] Fedora 20 Update: check-mk-1.2.4p2-2.fc20

check-mk is a general purpose Nagios-plugin for retrieving data. It adopts a new approach for collecting data from operating systems and network compone nts. It obsoletes NRPE, checkbyssh, NSClient, and checksnmp and it has many benefits, the most important are a significant reduction of CPU usag...

[SECURITY] Fedora 20 Update: check-mk-1.2.4p2-1.fc20

check-mk is a general purpose Nagios-plugin for retrieving data. It adopts a new approach for collecting data from operating systems and network compone nts. It obsoletes NRPE, checkbyssh, NSClient, and checksnmp and it has many benefits, the most important are a significant reduction of CPU usag...

phpGroupWare多个输入验证漏洞

BUGTRAQ ID: 35761 CVE ID: CVE-2009-4414,CVE-2009-4415,CVE-2009-4416 phpGroupWare是一个用PHP编写的多用户的网络组件，为开发其他程序提供了一个API。 phpGroupWare的多个组件中存在输入验证错误，远程攻击者可以通过提交恶意请求泄露敏感信息、执行跨站脚本或SQL注入攻击。 1 没有正确地验证传送给csvfile参数的输入便在addressbook/csvimport.php中使用，这可能导致在受影响系统上读取任意文件的内容。 2...