391 matches found
[SECURITY] Fedora 30 Update: limnoria-20191109-2.fc30
Supybot is a robust (it doesn't crash), user friendly (it's easy to configure) and programmer friendly (plugins are extremely easy to write) Python IRC bot. It aims to be an adequate replacement for most existing IRC bots. It includes a very flexible and powerful ACL system for controlling access to...
OMRON CX-One CX-Programmer Program Use after Free (CVE-2019-6556)
A use-after-free vulnerability exists in OMRON CX-One CX-Programmer module. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Omron Cx-programmer Exposure of Sensitive Information to an Unauthorized Actor
Omron CX-One CX-Programmer before 9.6, CJ2M PLC devices before 2.1, and CJ2H PLC devices before 1.5 use a reversible format for password storage in object files on Compact Flash cards, which makes it easier for local users to obtain sensitive information by reading a file. File data ot500185.nasl...
Omron Cx-programmer Exposure of Sensitive Information to an Unauthorized Actor
Omron CX-One CX-Programmer before 9.6, CJ2M PLC devices before 2.1, and CJ2H PLC devices before 1.5 rely on cleartext password transmission, which allows remote attackers to obtain sensitive information by sniffing the network during a PLC unlock request. File data ot500217.nasl...
Programmer hacks his attacker; releases decryption keys for Mushtik ransomware
By Sudais "Hey guys, I hacked back this criminal and got the whole database with Mushtik ransomware keys." The last laugh - it's something that everyone would like to have. Turns out, a German programmer by the name of Tobias Fromel had it in a very dramatic fashion. It all started when he was...
OMRON CX-One CX-Programmer CXP File Parsing Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OMRON CX-One CX-Programmer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2019-6556
When processing project files, the application Omron CX-Programmer v9.70 and prior and Common Components January 2019 and prior fails to check if it is referencing freed memory. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the...
Code injection
When processing project files, the application Omron CX-Programmer v9.70 and prior and Common Components January 2019 and prior fails to check if it is referencing freed memory. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the...
CVE-2019-6556
CVE-2019-6556 affects Omron CX-Programmer v9.70 and older (within CX-One) and Common Components January 2019 and older. The flaw is a use-after-free during processing of CX project files, allowing an attacker who can entice a user to open a crafted project to execute code with the application’s p...
Omron CX-Programmer
1. EXECUTIVE SUMMARY CVSS v3 6.6 ATTENTION: Low skill level to exploit Vendor: Omron Equipment: CX-Programmer within CX-One Vulnerability: Use After Free 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute code under the privileges of the...
LibreOffice Macro Code Execution
It was found that libreoffice before versions 6.0.7 and 6.1.3 was vulnerable to a directory traversal attack which could be used to execute arbitrary macros bundled with a document. An attacker could craft a document, which when opened by LibreOffice, would execute a Python method from a script i...
Reddit Gold: Alice and Bob, Caught in a Web of Lies
Alice and Bob, the beloved (or not-so-beloved, depending) placeholder characters often used in cryptography examples, have been spotted in the middle of a web of deceit and intrigue by eagle-eyed Redditers. Think lies. Broken hearts. Even…murder. Yep, you heard that right. It all starts with the...
The vulnerability in the Omron CX-Programmer development environment arises from a stack-based buffer overflow, allowing attackers to execute arbitrary code.
The vulnerability in Omron CX-Programmer, designed for programming and configuring Omron PLCs, as well as for configuring compatibility between Omron CX-Servers within the Omron CX-One software suite, arises from a stack-based buffer overflow. Exploiting this vulnerability allows an attacker...
The vulnerability in the Omron CX-Programmer development environment is a use of memory after it is freed, allowing a malicious actor to execute arbitrary code.
The vulnerability in Omron CX-Programmer, designed for programming and configuring Omron PLCs, as well as for enabling compatibility between Omron CX-Servers within the Omron CX-One software suite, is a use of memory after it is freed. Exploiting this vulnerability could allow an...
Information disclosure
Medtronic CareLink 2090 Programmer, CareLink 9790 Programmer, 29901 Encore Programmer, all versions. The affected products do not encrypt or do not sufficiently encrypt the following sensitive information while at rest: PII and PHI...
CVE-2018-18984
Medtronic CareLink and Encore Programmers do not encrypt or do not sufficiently encrypt sensitive PII and PHI information while at rest...
CVE-2018-18984
CVE-2018-18984 affects Medtronic CareLink and Encore Programmers (9790, 2090, 29901 Encore). The vulnerability is caused by missing or insufficient encryption of sensitive data (PII/PHI) at rest. Impact, as described, is potential exposure of PHI/PII to someone with physical access to the device....
OMRON CX-One CX-Programmer CXP File Parsing Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OMRON CX-One CX-Programmer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The issue results from the lack of...
Omron CX-Programmer Detection (Windows SMB Login)
SMB login-based detection of Omron CX-Programmer. SPDX-FileCopyrightText: 2018 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if description...