MAL-2024-3785 Malicious code in updated-tricks-v-bucks-generator-free_2023-xfkmti (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-3722 Malicious code in updated-tricks-v-bucks-generator-free_2023-sdsftg (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-3676 Malicious code in updated-tricks-v-bucks-generator-free_2023-m8pvel (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-3598 Malicious code in updated-tricks-v-bucks-generator-free_2023-eoorr (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-3597 Malicious code in updated-tricks-v-bucks-generator-free_2023-ehy45 (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-3365 Malicious code in updated-tricks-roblox-robux-generator-2023-get-verify_1j0hnnn (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-3364 Malicious code in updated-tricks-roblox-robux-generator-2023-get-verify_1j0hn (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-3308 Malicious code in updated-tricks-roblox-robux-generator-2023-de-losjdg (npm)

--- -= Per source details. Do not edit below this line.=-...

CVE-2024-28893

Certain HP software packages SoftPaqs are potentially vulnerable to arbitrary code execution when the SoftPaq configuration file has been modified after extraction. HP has released updated software packages SoftPaqs...

MGASA-2024-0045 Updated wireshark packages fix security vulnerabilities

The updated packages fix security vulnerabilities: RTPS dissector memory leak. CVE-2023-5371 SSH dissector invalid read of memory blocks. CVE-2023-6174 NetScreen File Parsing Heap-based Buffer Overflow. CVE-2023-6175 GVCP dissector crash via packet injection or crafted capture file. CVE-2024-0208...

F5 Security Advisory for RCE Vulnerabilities in BIG-IP, BIG-IQ

F5 has released a security advisory to address remote code execution RCE vulnerabilities—CVE-2021-22986, CVE-2021-22987—impacting BIG-IP and BIG-IQ devices. An attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators review the F...

MGASA-2020-0043 Updated suricata packages fix security vulnerabilities

Updated suricata packages fix security vulnerabilities: The suricata package has been updated to version 4.1.6, which fixes security issues and other bugs. See the upstream announcements for details...

Multiple Cisco Finesse Cross-Site Scripting Vulnerabilities

Multiple vulnerabilities in Cisco Finesse could allow an unauthenticated, remote attacker to conduct cross-site scripting XSS attacks. The vulnerabilities are due to improper input validation of certain parameters passed via HTTP GET or POST methods to an affected device. An unauthenticated, remo...

Cisco TelePresence Video Communication Server Command Injection Vulnerability

A vulnerability in the web framework in the Cisco TelePresence Video Communication Server VCS could allow an authenticated, remote attacker to inject arbitrary commands that are executed at the nobody privilege level. The vulnerability is due to insufficient input validation. An attacker could...

Cisco Headend Digital Broadband Delivery System Cross-Site Request Forgery Vulnerability

A vulnerability in Cisco Headend Digital Broadband Delivery could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attacks on the affected device. The vulnerability is due to insufficient validation of user-supplied input by the affected software. An attacker...

Cisco WebEx Meetings Server User Enumeration Vulnerability

A vulnerability in the Forgot Password process of the Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to enumerate a valid administrator account. The vulnerability is due to insufficient user input validation. An attacker could exploit this vulnerability by submitting...

Cisco WebEx Meetings Server Information Disclosure Vulnerability

A vulnerability in the file URI scheme of Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to access sensitive information. The vulnerability is due to inclusion of sensitive information in URLs. An attacker could exploit the vulnerability by viewing application URL...

Cisco Identity Services Engine Periodic Backup Password Disclosure Vulnerability

A vulnerability in the periodic backup functionality of Cisco Identity Services Engine ISE could allow an unauthenticated, remote attacker to discover the password used to encrypt the backup on the system. The vulnerability is due to improper processing of certain client requests by the affected...

Cisco Prime Infrastructure Device Discovery Password Disclosure Vulnerability

A vulnerability in the web interface of Cisco Prime Infrastructure could allow an authenticated, remote attacker to view the passwords stored for device discovery. The vulnerability occurs because the Quick Discovery options page contains the stored password in the HMTL page source. An attacker...

MGASA-2014-0279 Updated samba packages fix multiple vulnerabilities

Updated samba packages fix security vulnerabilities: Information leak vulnerability in the VFS code, allowing an authenticated user to retrieve eight bytes of uninitialized memory when shadow copy is enabled CVE-2014-0178. Samba versions before 3.6.24, 4.0.19, and 4.1.9 are vulnerable to a denial...