15 matches found
EUVD-2023-29096
Malicious code in bioql PyPI...
DTLS handshake fails on DTLS1.0 even after DTLS is enabled on the SSL VPN VIP.
DTLS handshake fails with DTLS1.0 enabled on the SSL VPN VIP, causing App Launch Failure...
CVE-2023-25116
Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...
CVE-2023-25106
Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...
CVE-2023-25110
Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...
PT-2023-5143 · Milesight · Milesight Ur32L
Name of the Vulnerable Software and Affected Versions: Milesight UR32L version 32.3.0.5 Description: Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An...
Virtuozzo Hybrid Infrastructure 4.7 Update 1
This update provides new features, as well as bug fixes and improvements. Vulnerability id: VSTOR-48360 Fixed the false-positive alert "MN backup does not exist." Vulnerability id: VSTOR-48337 After a power failure of all nodes in the high availability cluster, the virtual IP address may be unset...
New Linux Bug Lets Attackers Hijack Encrypted VPN Connections
A team of cybersecurity researchers has disclosed a new severe vulnerability affecting most Linux and Unix-like operating systems, including FreeBSD, OpenBSD, macOS, iOS, and Android, that could allow remote 'network adjacent attackers' to spy on and tamper with encrypted VPN connections. The...
[SECURITY] Fedora 28 Update: mysql-mmm-2.2.1-20.fc28
MMM MySQL Master-Master Replication Manager is a set of flexible scripts to perform monitoring/failover and management of MySQL Master-Master replication configurations with only one node writable at any time. The toolset also has the ability to read balance standard master/slave configurations...
[SECURITY] Fedora 26 Update: mysql-mmm-2.2.1-20.fc26
MMM MySQL Master-Master Replication Manager is a set of flexible scripts to perform monitoring/failover and management of MySQL Master-Master replication configurations with only one node writable at any time. The toolset also has the ability to read balance standard master/slave configurations...
[SECURITY] Fedora 27 Update: mysql-mmm-2.2.1-20.fc27
MMM MySQL Master-Master Replication Manager is a set of flexible scripts to perform monitoring/failover and management of MySQL Master-Master replication configurations with only one node writable at any time. The toolset also has the ability to read balance standard master/slave configurations...
CVE-2017-8840
Debug information disclosure exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. A direct request to cgi-bin/HASync/hasync.cgi?debug=1 shows Master LAN Address, Serial Number, HA Group ID, Virtual IP, a...
CVE-2017-8840
Debug information disclosure exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. A direct request to cgi-bin/HASync/hasync.cgi?debug=1 shows Master LAN Address, Serial Number, HA Group ID, Virtual IP, a...
CVE-2017-8840
Debug information disclosure exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. A direct request to cgi-bin/HASync/hasync.cgi?debug=1 shows Master LAN Address, Serial Number, HA Group ID, Virtual IP, a...
CVE-2002-0209
CVE-2002-0209 affects Nortel Alteon ACEdirector WebOS 9.0 with SLB and Cookie-Based Persistence enabled. A remote attacker can determine the real IP address of a web server when a half-closed session is present, causing ACEdirector to send packets from the server without mapping to the virtual IP...