CVE-2023-23448

Inclusion of Sensitive Information in Source Code in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows a remote attacker to gain information about valid usernames via analysis of source code...

CVE-2023-23448

Inclusion of Sensitive Information in Source Code in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows a remote attacker to gain information about valid usernames via analysis of source code...

PT-2023-18957 · Sick · Sick Ftmg Air Flow Sensor

Name of the Vulnerable Software and Affected Versions: SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 Description: The issue allows a remote attacker to gain information about valid usernames via analysis of source code. This is due to the...

Oracle Linux 9 : emacs (ELSA-2023-2366)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-2366 advisory. 1:27.2-8 - Use a 64KB page size for pdump 1979804 1:27.2-7 - Fix ctags local command execute vulnerability 2149387 Tenable has extracted the preceding descripti...

Malicious code in fotkakukur (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 9d31f7505c558cdd72721d54399f7370b937aeddcb487bb93364f35623aff3bd Malicious packages campaign since 2021 targeting developers, steals source code and secrets Source: ghsa-malware...

MAL-2023-456 Malicious code in fotkakukur (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 9d31f7505c558cdd72721d54399f7370b937aeddcb487bb93364f35623aff3bd Malicious packages campaign since 2021 targeting developers, steals source code and secrets Source: ghsa-malware...

Malicious code in maddy_test (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx edb288f616afccdf20ab32d24f5f0616b0b2b91bcdb3d8f0d8bd60e1adbe6b0a Malicious packages campaign since 2021 targeting developers, steals source code and secrets Source: ghsa-malware...

Malicious code in flying_pusher (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 9091b084b192777c6cbacc1b67d67b879e2cdceda2b68082e975394f648cac68 Malicious packages campaign since 2021 targeting developers, steals source code and secrets Source: ghsa-malware...

MAL-2023-575 Malicious code in maddy_test (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx edb288f616afccdf20ab32d24f5f0616b0b2b91bcdb3d8f0d8bd60e1adbe6b0a Malicious packages campaign since 2021 targeting developers, steals source code and secrets Source: ghsa-malware...

MAL-2023-167 Malicious code in cfa-styleguide (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 5562a6cb1d5f239216be52c28e8d316e8ffe0f490d11978863202a6fcfcbe8bc Malicious packages campaign since 2021 targeting developers, steals source code and secrets Source: ghsa-malware...

MAL-2023-451 Malicious code in flying_pusher (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 9091b084b192777c6cbacc1b67d67b879e2cdceda2b68082e975394f648cac68 Malicious packages campaign since 2021 targeting developers, steals source code and secrets Source: ghsa-malware...

Babuk Source Code Sparks 9 Different Ransomware Strains Targeting VMware ESXi Systems

Multiple threat actors have capitalized on the leak of Babuk aka Babak or Babyk ransomware code in September 2021 to build as many as nine different ransomware families capable of targeting VMware ESXi systems. "These variants emerged through H2 2022 and H1 2023, which shows an increasing trend o...

Malicious code in zmsqlite3 (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 0c536bdeaf8a35a5a0507e07124cd43448dffc1c837cd5b585df38848bdd5bed Malicious packages campaign since 2021 targeting developers, steals source code and secrets...

MAL-2023-8041 Malicious code in zmsqlite3 (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 0c536bdeaf8a35a5a0507e07124cd43448dffc1c837cd5b585df38848bdd5bed Malicious packages campaign since 2021 targeting developers, steals source code and secrets...

SUSE SLES15 Security Update : go1.20 (SUSE-SU-2023:2105-2)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2105-2 advisory. - HTTP and MIME header parsing can allocate large amounts of memory, even when parsing small inputs, potentially leading to a denial of service...

CVE-2023-31982

Sngrep v1.6.0 was discovered to contain a heap buffer overflow via the function capturepacketreasmip at /src/capture.c...

CVE-2023-31981

Sngrep v1.6.0 was discovered to contain a stack buffer overflow via the function packetsetpayload at /src/packet.c...

emacs: command execution via shell metacharacters

A flaw was found in the Emacs package. This flaw allows attackers to execute commands via shell metacharacters in the name of a source-code file...

CVE-2023-21404

AXIS OS 11.0.X - 11.3.x use a static RSA key in legacy LUA-components to protect Axis-specific source code. The static RSA key is not used in any other secure communication nor can it be used to compromise the device or any customer data...

Code injection

AXIS OS 11.0.X - 11.3.x use a static RSA key in legacy LUA-components to protect Axis-specific source code. The static RSA key is not used in any other secure communication nor can it be used to compromise the device or any customer data...