CVE-2022-24390

The CVE concerns Fidelis Network and Deception products with a vulnerability in rconfig’s remote_text_file that, on versions prior to 9.4.5, allows an attacker with CLI user-level access to inject commands into Fidelis components (CommandPost, Collector, Sensor, Sandbox) and neighboring Fidelis c...

GSD-2022-1000865 hwmon: Handle failure to register sensor with thermal zone correctly

hwmon: Handle failure to register sensor with thermal zone correctly This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.103 by commit...

GSD-2022-1000750 hwmon: Handle failure to register sensor with thermal zone correctly

hwmon: Handle failure to register sensor with thermal zone correctly This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.16.12 by commit...

maltrail

This is a Python-based malicious traffic detection system called Maltrail. It is designed to identify and report malicious traffic, including malware, suspicious domains, and other types of malicious activity. The system uses a combination of publicly available blacklists and custom user-defined...

Design/Logic Flaw

Vulnerability in the CommandPost, Collector, and Sensor components of Fidelis Network and Deception enables an attacker with user level access to the CLI to inject root level commands into the component and neighboring Fidelis components. The vulnerability is present in Fidelis Network and...

CVE-2020-4008

The installer of the macOS Sensor for VMware Carbon Black Cloud prior to 3.5.1 handles certain files in an insecure way. A malicious actor who has local access to the endpoint on which a macOS sensor is going to be installed, may overwrite a limited number of files with output from the sensor...

CVE-2020-4008

CVE-2020-4008 concerns the macOS Sensor for VMware Carbon Black Cloud prior to version 3.5.1, where the installer handles certain files insecurely. This vulnerability could allow a local attacker with access to the endpoint to overwrite a limited set of files with output from the sensor installat...

VMware Carbon Black Cloud macOS Sensor installer updates address file overwrite issue (CVE-2020-4008)

3. VMware Carbon Black Cloud macOS Sensor installer file overwrite issue CVE-2020-4008 The installer of the macOS Sensor for VMware Carbon Black Cloud handles certain files in an insecure way. VMware has evaluated the severity of this issue to be in the Low severity range with a CVSSv3 base score...

CVE-2020-7339

CVE-2020-7339 affects McAfee Database Security Server and Sensor prior to version 4.8.0. The vulnerability stems from the use of SHA-1 signed certificates, enabling an attacker on the same local network to potentially intercept communication between the Server and Sensors. Publicly available conn...

Friday Squid Blogging: Underwater Robot Uses Squid-Like Propulsion

This is neat: By generating powerful streams of water, UCSDs squid-like robot can swim untethered. The "squidbot" carries its own power source, and has the room to hold more, including a sensor or camera for underwater exploration. As usual, you can also use this squid post to talk about the...

CVE-2020-13995

CVE-2020-13995 affects the U.S. Air Force Sensor Data Management System extract75. The issue is a buffer overflow in a global variable (sBuffer) that can lead to a Write-What-Where condition. Writing beyond sBuffer can clobber global variables until reaching pointers like DES_info or image_info; ...

FortiOS SSL Deep Inspection TLS Padding Oracle Vulnerabilities

Multiple padding Oracle vulnerabilities Zombie POODLE, GOLDENDOODLE, OpenSSL 0-length in the CBC padding implementation of FortiOS when configured with SSL Deep Inspection policies and with the IPS sensor enabled may allow an attacker to decipher TLS connections going through the FortiGate by...

CVE-2019-10583

Use after free issue occurs when camera access sensors data through direct report mode in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8096AU, MDM9607, MSM8909W, Nicobar, QCS605,...

Rockwell Automation SmartSight 9000-Diffused w/cable 42GNP-9020 Photoelectric Sensor

Binary data 752442.prm...

Rockwell Automation SmartSight 9000-Polarized Retroreflective w/mini 42GNU-9220-QD1 Photoelectric Sensor

Binary data 752438.prm...

Rockwell Automation 871TM Unshielded 30mm with micro 871TM-D15ED30-D5 Inductive Proximity Sensor

Binary data 752381.prm...

CVE-2018-19204

PRTG Network Monitor before 18.3.44.2054 allows a remote authenticated attacker with read-write privileges to execute arbitrary code and OS commands with system privileges. When creating an HTTP Advanced Sensor, the user's input in the POST parameter 'proxyport' is mishandled. The attacker can...

CVE-2018-0453 Cisco Firepower Management Center and Firepower System Software Sourcefire Tunnel Control Channel Command Execution Vulnerability

A vulnerability in the Sourcefire tunnel control channel protocol in Cisco Firepower System Software running on Cisco Firepower Threat Defense FTD sensors could allow an authenticated, local attacker to execute specific CLI commands with root privileges on the Cisco Firepower Management Center FM...

Cisco Firepower Management Center and Firepower System Software Sourcefire Tunnel Control Channel Command Execution Vulnerability

A vulnerability in the Sourcefire tunnel control channel protocol in Cisco Firepower System Software running on Cisco Firepower Threat Defense FTD sensors could allow an authenticated, local attacker to execute specific CLI commands with root privileges on the Cisco Firepower Management Center FM...

Privilege escalation

Management Console in Vectra Networks Cognito Brain and Sensor before 4.3 contains a local privilege escalation vulnerability...