722 matches found
CVE-2023-29158
SUBNET PowerSYSTEM Center (PS Center) versions 2020 U10 and earlier are affected by CVE-2023-29158, a replay-capable authentication bypass flaw (capture-replay) that may lead to denial of service or loss of data integrity. Impacted component: PS Center authentication flow; root cause: replay atta...
CVE-2023-29158 SUBNET PowerSYSTEM Center Authentication Bypass by Capture-replay
SUBNET PowerSYSTEM Center versions 2020 U10 and prior are vulnerable to replay attacks which may result in a denial-of-service condition or a loss of data integrity...
PT-2023-23938 · Subnet · Subnet Powersystem Center
Name of the Vulnerable Software and Affected Versions: SUBNET PowerSYSTEM Center versions 2020 U10 and prior Description: The issue allows an attacker to inject malicious code into report header graphic files, which could propagate out of the system and reach users who are subscribed to email...
PT-2023-22176 · Subnet · Subnet Powersystem Center
Name of the Vulnerable Software and Affected Versions: SUBNET PowerSYSTEM Center versions 2020 U10 and prior Description: The issue concerns replay attacks, which may lead to a denial-of-service condition or a loss of data integrity. Recommendations: For SUBNET PowerSYSTEM Center versions 2020 U1...
SUBNET PowerSYSTEM Center Security Vulnerability
SUBNET PowerSYSTEM Center is SUBNET's infrastructure for secure, centralized management of the many different intelligent electronic devices (meters, relays, RTUs, etc.) deployed throughout the transmission and distribution system. A security vulnerability exists in SUBNET PowerSYSTEM Center 2020 U...
SUBNET PowerSYSTEM Center Cross-Site Scripting Vulnerability
SUBNET PowerSYSTEM Center is SUBNET's infrastructure for secure, centralized management of the many different intelligent electronic devices (meters, relays, RTUs, etc.) deployed throughout the transmission and distribution system. A cross-site scripting vulnerability exists in SUBNET PowerSYSTEM...
Moderate: dhcp security and bug fix update
The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to...
Moderate: dhcp security and enhancement update
The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to...
CVE-2023-24657
phpipam v1.6 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the closeClass parameter at /subnet-masks/popup.php...
PT-2023-19730 · Phpipam · Phpipam
Name of the Vulnerable Software and Affected Versions: phpipam version 1.6 Description: The issue is related to a reflected cross-site scripting (XSS) vulnerability. This vulnerability can be exploited via the closeClass parameter at the "/subnet-masks/popup.php" API endpoint. Recommendations: For...
phpIPAM Cross-Site Scripting Vulnerability
phpIPAM is an open source PHP and MySQL based IP address management (IPAM) application. A security vulnerability exists in phpIPAM version 1.6, which was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the closeClass parameter of /subnet-masks/popup.php...
CVE-2023-24657
phpIPAM 1.6 contains a reflected Cross‑Site Scripting (XSS) vulnerability via the closeClass parameter in /subnet-masks/popup.php. The issue allows injecting arbitrary script into a victim’s browser, potentially exposing cookies or enabling further attacks. The CVE entry (CVE-2023-24657) is rated...
Debian: Security Advisory (DLA-193-1)
The remote host is missing an update for the Debian...
SUSE CVE-2018-14663
An issue has been found in PowerDNS DNSDist before 1.3.3 allowing a remote attacker to craft a DNS query with trailing data such that the addition of a record by dnsdist, for example an OPT record when adding EDNS Client Subnet, might result in the trailing data being smuggled to the backend as a...
Cyber Espionage Group Earth Kitsune Deploys WhiskerSpy Backdoor in Latest Attacks
The cyber espionage threat actor tracked as Earth Kitsune has been observed deploying a new backdoor called WhiskerSpy as part of a social engineering campaign. Earth Kitsune, active since at least 2019, is known to primarily target individuals interested in North Korea with self-developed malwar...
SUSE CVE-2009-0692
Stack-based buffer overflow in the script_write_params method in client/dhclient.c in ISC DHCP dhclient 4.1 before 4.1.0p1, 4.0 before 4.0.1p1, 3.1 before 3.1.2p1, 3.0, and 2.0 allows remote DHCP servers to execute arbitrary code via a crafted subnet-mask option...
SUSE CVE-2012-4503
cmdmon.c in Chrony before 1.29 allows remote attackers to obtain potentially sensitive information from stack memory via vectors related to (1) an invalid subnet in a RPY_SUBNETS_ACCESSED command to the handle_subnets_accessed function or (2) a RPY_CLIENT_ACCESSES command to the handle_client_accesses functi...
SUSE CVE-2015-1821
Heap-based buffer overflow in chrony before 1.31.1 allows remote authenticated users to cause a denial of service (chronyd crash) or possibly execute arbitrary code by configuring the (1) NTP or (2) cmdmon access with a subnet size that is indivisible by four and an address with a nonzero bit in the...
SUSE CVE-2015-8719
The dissect_dns_answer function in epan/dissectors/packet-dns.c in the DNS dissector in Wireshark 1.12.x before 1.12.9 mishandles the EDNS0 Client Subnet option, which allows remote attackers to cause a denial of service (application crash) via a crafted packet...