Amazon Linux 2 : tomcat (ALASTOMCAT8.5-2023-001)

The version of tomcat installed on the remote host is prior to 8.5.89-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2TOMCAT8.5-2023-001 advisory. The fix for CVE-2023-24998 was incomplete for Apache Tomcat 11.0.0-M2 to 11.0.0-M4, 10.1.5 to 10.1.7, 9.0.71 to 9.0.73 and...

CVE-2023-5147

UNSUPPORTED WHEN ASSIGNED A vulnerability was found in D-Link DAR-7000 up to 20151231. It has been classified as critical. This affects an unknown part of the file /sysmanage/updateos.php. The manipulation of the argument 1fileupload leads to unrestricted upload. It is possible to initiate the...

Siemens LOGO! 8 BM Use of a Broken or Risky Cryptographic Algorithm (CVE-2020-25230)

A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3. Due to the usage of an outdated cipher mode on port 10005/tcp, an attacker could extract the encryption key from a captured communication with the device. This plugin only works with Tenable.ot. Please visi...

Design/Logic Flaw

Due to an out-of-date dependency in the “Fusion File Manager” component accessible through the admin panel, an attacker can send a crafted request that allows them to read the contents of files on the system accessible within the privileges of the running process. Additionally, they may write fil...

PHPFusion Path Traversal Vulnerability

PHPFusion is a Malaysian PHPFusion company based on MySql and PHP open source lightweight content management system . The system contains modules for news, articles and forums. A security vulnerability exists in PHPFusion, which stems from the presence of outdated dependencies that allow an...

WordPress plugin List 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerabili...

PT-2023-4796 · Splunk · Splunk Enterprise

Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 8.2.12 Splunk Enterprise versions prior to 9.0.6 Splunk Enterprise versions prior to 9.1.1 Description: The issue is related to the Splunk Web interface of the Splunk Enterprise platform for operational...

Broadcom RAID Controller Encryption Issue Vulnerability

The Broadcom RAID Controller is a series of RAID controllers from Broadcom Corporation USA. A security vulnerability exists in the Broadcom RAID Controller that stems from the web interface's TLS configuration supporting an outdated SHA1 cipher suite, rendering the product susceptible to attack...

Broadcom RAID Controller Encryption Issue Vulnerability

The Broadcom RAID Controller is a series of RAID controllers from Broadcom Corporation USA. A security vulnerability exists in the Broadcom RAID Controller that stems from the web interface's TLS configuration that supports an outdated TLS protocol, making the product vulnerable to attack...

ImageMagick < 7.1.1-11 Multiple Vulnerabilities

The remote Windows host has a version of ImageMagick installed that is prior to 7.1.1-10. It is, therefore, affected by multiple vulnerabilites: - remote code execution vulnerability in OpenBlob with --enable-pipes configured. CVE-2023-34152 - security flaw occuring as undefined behavior of casti...

Missing deadline param in swapExactAmountOut() allowing outdated slippage and allow pending transaction to be executed unexpectedly.

Lines of code Vulnerability details Impact Loss of funds/tokens for the protocol, since block execution is delegated to the block validator without a hard deadline. Proof of Concept The function swapExactAmountOut from LiquidationRouter.sol and LiquidationPair.sol use these methods to swap tokens...

UnRAR Backlink Vulnerability

UnRAR is a command that decompresses files with rar extension. A security vulnerability exists in UnRAR versions prior to 6.2.3. An attacker exploited the vulnerability to extract files outside the target folder via symbolic links...

Mozilla Firefox < 116.0

The version of Firefox installed on the remote Windows host is prior to 116.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2023-29 advisory. - Memory safety bugs present in Firefox 115. Some of these bugs showed evidence of memory corruption and we presume that...

Missing check of how recent the price is can lead to stale price being used in the protocol

Lines of code Vulnerability details Impact In the ChainlinkOracle.sol file, in the function getChainlinkPriceAggregatorV3Interface feed, there is the check requireupdatedAt != 0, "Round is in incompleted state";. However, there is no check to see that the price is recent and acceptable. If there ...

RUSTSEC-2023-0051 `dlopen_derive` is unmaintained

dlopenderive hasn't been updated since June 9, 2019. dlopenderive depends on quote = "0.6.12" and syn = "0.15.34". Versions 1.0.0 of these dependencies were published on August 13, 2019. The 0. versions haven't received updates since. Note that dlopen is an unmaintained crate from the same...

PT-2023-36095 · Quote +3 · Quote +3

Name of the Vulnerable Software and Affected Versions: dlopen derive affected versions not specified Description: The issue concerns the dlopen derive crate, which has not been updated since June 9, 2019. It depends on outdated versions of quote and syn, specifically quote = "0.6.12" and syn =...

CVE-2023-32455

Dell Wyse ThinOS versions prior to 2208 9.3.2102 contain a sensitive information disclosure vulnerability. An unauthenticated malicious user with local access to the device could exploit this vulnerability to read sensitive information written to the log files...

Amazon Linux 2 : mc (ALAS-2023-2147)

The version of mc installed on the remote host is prior to 4.8.29-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2147 advisory. An issue was discovered in Midnight Commander through 4.8.26. When establishing an SFTP connection, the fingerprint of the server is...

CVE-2023-34130

SonicWall GMS and Analytics use outdated Tiny Encryption Algorithm TEA with a hardcoded key to encrypt sensitive data. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions...

Hardcoded credentials

SonicWall GMS and Analytics use outdated Tiny Encryption Algorithm TEA with a hardcoded key to encrypt sensitive data. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions...