Crashing iPhones with a Flipper Zero

The Flipper Zero is an incredibly versatile hacking device. Now it can be used to crash iPhones in its vicinity by sending them a never-ending stream of pop-ups. These types of hacks have been possible for decades, but they require special equipment and a fair amount of expertise. The capabilitie...

The vulnerability in the web interface of the Cisco Catalyst SD-WAN Manager (formerly Cisco SD-WAN vManage) allows a attacker to perform cross-site scripting attacks.

The vulnerability in the web interface of the Cisco Catalyst SD-WAN Manager formerly Cisco SD-WAN vManage relates to the lack of protection for the web page structure during the processing of element fields. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting...

Cisco Catalyst 安全漏洞

Cisco Catalyst SD-WAN Manager is an SD-WAN network management program from Cisco USA. A security vulnerability exists in the session management system of the Cisco Catalyst SD-WAN Manager multi-tenant feature, which can be exploited by a remote attacker to submit a special request for unauthorize...

CVE-2023-40019 FreeSWITCH allows authorized users to cause a denial of service attack by sending re-INVITE with SDP containing duplicate codec names

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.10.10, FreeSWITCH allows authorized users to cause a denial of service attack by sending...

CVE-2023-40018

CVE-2023-40018 concerns FreeSWITCH prior to 1.10.10, where remote attackers can trigger an out-of-bounds write by offering an ICE candidate with an unknown component ID. When an SDP is offered with such ICE candidates, FreeSWITCH may write past array bounds, potentially corrupting memory and caus...

CVE-2023-37435

Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator instance. An attacker could exploit these vulnerabilities to obtain and...

CVE-2023-37426

EdgeConnect SD-WAN Orchestrator instances prior to the versions resolved in this advisory were found to have shared static SSH host keys for all installations. This vulnerability could allow an attacker to spoof the SSH host signature and thereby masquerade as a legitimate Orchestrator host...

Aruba Networks EdgeConnect SD-WAN Orchestrator 跨站脚本漏洞

Aruba Networks EdgeConnect is an edge connectivity management platform from Aruba Networks, USA. A security vulnerability exists in the Aruba Networks EdgeConnect SD-WAN Orchestrator that stems from a stored cross-site scripting vulnerability in the web-based management interface...

Aruba Networks EdgeConnect SD-WAN Orchestrator 路径遍历漏洞

Aruba Networks EdgeConnect is an edge connectivity management platform from Aruba Networks, USA. A security vulnerability exists in Aruba Networks EdgeConnect SD-WAN Orchestrator that stems from a flaw in the web-based management interface that allows an authenticated remote user to run arbitrary...

Aruba Networks EdgeConnect SD-WAN Orchestrator SQL注入漏洞

Aruba Networks EdgeConnect is an edge connectivity management platform from Aruba Networks, USA. A security vulnerability exists in the Aruba Networks EdgeConnect SD-WAN Orchestrator that stems from an SQL injection vulnerability in the web-based management interface...

Faucet SDN Ryu Security Breach

Faucet SDN Ryu is an open source component-based software-defined networking framework from Faucet. A security vulnerability exists in Faucet SDN Ryu version 4.34, which stems from a denial of service DoS attack that allows attackers to conduct a denial of service DoS attack via the component...

Moderate: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.12.5 security and bug fix update

Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.12.5 on Red Hat Enterprise Linux 8 from Red Hat Container Registry. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS bas...

Moderate: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.11.9 security and bug fix update

Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.11.9 on Red Hat Enterprise Linux 8 from Red Hat Container Registry. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS bas...

Cisco Releases Security Update for SD-WAN vManage API

Cisco has released a security update to address a critical vulnerability affecting SD-WAN vManage APIlink is external. A remote attacker can exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review the Cisco security release Cisco SD-WAN...

Cisco SD-WAN vManage 授权问题漏洞

Cisco SD-WAN vManage is a highly customizable dashboard from Cisco, Inc. that simplifies and automates the deployment, configuration, management, and operation of Cisco SD-WAN. Cisco SD-WAN vManage suffers from an input validation error vulnerability that stems from insufficient request validatio...

Important: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.13.0 security and bug fix update

Updated images that include numerous enhancements, security, and bug fixes are now available in Red Hat Container Registry for Red Hat OpenShift Data Foundation 4.13.0 on Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common...

Moderate: Red Hat Security Advisory: Red Hat Ceph Storage 6.1 security and bug fix update

New packages for Red Hat Ceph Storage 6.1 are now available on Red Hat Enterprise Linux. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

The Software-Defined Car

Developers are starting to talk about the software-defined car. For decades, features have accumulated like cruft in new vehicles: a box here to control the antilock brakes, a module there to run the cruise control radar, and so on. Now engineers and designers are rationalizing the way they go...

Open Networking Foundation ONOS 资源管理错误漏洞

Open Networking Foundation ONOS is an open source SDN controller from Open Networking Foundation open source. for building next-generation SDN/NFV solutions. A security vulnerability exists in Open Networking Foundation ONOS version 2.5.1 that stems from a request to clear intents retained in a...

Open Networking Foundation ONOS 安全漏洞

Open Networking Foundation ONOS is an open source SDN controller from Open Networking Foundation open source. It is used to build next-generation SDN/NFV solutions. A security vulnerability exists in Open Networking Foundation ONOS version 2.5.1, which stems from a problem with the intents...