Ragic, Inc. Security Vulnerabilities

INC Ransomware Hits NHS Scotland, Threatens Leak of 3TB Patient Data

By Waqas As seen by Hackread.com, the INC ransomware gang claims to have obtained patient records as part of their cyberattack. This is a post from HackRead.com Read the original post: INC Ransomware Hits NHS Scotland, Threatens Leak of 3TB Patient...

WordPress Photoxhibit 2.1.8 - Cross-Site Scripting

WordPress Photoxhibit 2.1.8 contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and....

Nextcloud: Weak ssh algorithms and CVE-2023-48795 Discovered on various subdomains of nextcloud.com

Security researchers from Ruhr University Bochum have discovered a vulnerability in the Secure Shell (SSH) cryptographic network protocol that could allow an attacker to downgrade the connection's security by breaking the integrity of the secure channel. Called Terrapin (CVE-2023-48795, CVSS...

Advance Auto Parts customer data posted for sale

A cybercriminal using the handle Sp1d3r is offering to sell 3 TB of data taken from Advance Auto Parts, Inc. Advance Auto Parts is a US automotive aftermarket parts provider that serves both professional installers and do it yourself customers. Allegedly the customer data includes: Names Email...

CVE-2023-50363

An incorrect authorization vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to bypass intended access restrictions via a network. We have already fixed the vulnerability in the following versions: QTS.....

JVN#25594256: Denial-of-service (DoS) vulnerability in IPCOM WAF function

WAF function of IPCOM provided by Fsas Technologies Inc. contains a denial-of-service (DoS) vulnerability (CWE-908). ## Impact If the product receives a specially crafted packet by an attacker, the system may be rebooted or suspended. ## Solution Update the firmware Update the firmware to the...

Debian Security Advisory DSA 608-1 (zgv)

The remote host is missing an update to zgv announced via advisory DSA...

Debian Security Advisory DSA 284-1 (kdegraphics)

The remote host is missing an update to kdegraphics announced via advisory DSA...

Debian Security Advisory DSA 279-1 (metrics)

The remote host is missing an update to metrics announced via advisory DSA...

Debian Security Advisory DSA 296-1 (kdebase)

The remote host is missing an update to kdebase announced via advisory DSA...

Directory Scanner

This plugin attempts to determine the presence of various common dirs on the remote web...

Debian Security Advisory DSA 293-1 (kdelibs)

The remote host is missing an update to kdelibs announced via advisory DSA...

Debian Security Advisory DSA 026-1 (bind)

The remote host is missing an update to bind announced via advisory DSA...

Debian Security Advisory DSA 231-1 (dhcp3)

The remote host is missing an update to dhcp3 announced via advisory DSA...

WordPress Automatic Plugin <= 3.92.0 - SQL Injection

The Automatic plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 3.92.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append...

JVN#37818611: "ZOZOTOWN" App for Android fails to restrict custom URL schemes properly

"ZOZOTOWN" App for Android provided by ZOZO, Inc. provides the function to access a URL requested via Custom URL Scheme. The App does not restrict access to the function properly (CWE-939) which may be exploited to direct the App to access any sites. ## Impact A remote attacker may lead a user to.....

Apple iOS and Apple iPadOS Buffer Overflow Vulnerability

Apple iOS and Apple iPadOS are both products of Apple Inc. Apple iOS is an operating system developed for mobile devices.Apple iPadOS is an operating system for the iPad tablet computer. A buffer overflow vulnerability exists in Apple iOS and iPadOS, which can be exploited by an attacker to...

CVE-2024-2501

The Hubbub Lite – Fast, Reliable Social Sharing Buttons plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.33.1 via deserialization of untrusted input via the 'dpsp_maybe_unserialize' function. This makes it possible for authenticated attackers, with....

About the security content of iOS 17.5 and iPadOS 17.5

About the security content of iOS 17.5 and iPadOS 17.5 This document describes the security content of iOS 17.5 and iPadOS 17.5. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches...

Microsoft to Support ARM Chips in Upcoming Windows Version

Microsoft Corp., feeling pressure from popular products like Apple Inc.'s iPad, is developing a new operating system that marks a departure from the company's traditional reliance on Intel Corp.'s chip technology. This information comes from sources familiar with Microsoft's plans. Next month,...

Amazon Linux 2 : kernel (ALASKERNEL-5.10-2024-048)

The version of kernel installed on the remote host is prior to 5.10.209-198.812. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2024-048 advisory. 2024-06-06: CVE-2023-52698 was added to this advisory. 2024-06-06: CVE-2023-52464 was added to this...

CVE-2024-2501

The Hubbub Lite – Fast, Reliable Social Sharing Buttons plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.33.1 via deserialization of untrusted input via the 'dpsp_maybe_unserialize' function. This makes it possible for authenticated attackers, with....

Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2024-519)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-519 advisory. 2024-06-06: CVE-2023-52698 was added to this advisory. 2024-04-25: CVE-2023-52462 was added to this advisory. 2024-04-25: CVE-2024-26591 was added to this advisory. 2024-04-25: CVE-2023-52467...

CVE-2023-52644

In the Linux kernel, the following vulnerability has been resolved: wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled When QoS is disabled, the queue priority value will not map to the correct ieee80211 queue since there is only one queue. Stop/wake queue 0 when QoS is...

CVE-2024-2501

The Hubbub Lite – Fast, Reliable Social Sharing Buttons plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.33.1 via deserialization of untrusted input via the 'dpsp_maybe_unserialize' function. This makes it possible for authenticated attackers, with....

CVE-2024-2026

The Passster plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's content_protector shortcode in all versions up to, and including, 4.2.6.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated....

CVE-2023-21653

Transient DOS in Modem while processing RRC reconfiguration...

Allaire/Macromedia JRun Sample Files (HTTP) - Active Check

This host is running the Allaire JRun web server and has sample files...

libreoffice security fix update

[6.4.7.2-16.0.1] - Replace colors with Oracle colors [Orabug: 32120093] - Build with --with-vendor='Oracle America, Inc.' - Added the --with-hamcrest option to configure. [1:6.4.7.2-16] - Fix CVE-2023-6185 escape url passed to gstreamer - Fix CVE-2023-6186 check link target...

Texas Man Indicted for Hacking Eden Prairie Business, Stealing $274,000

A federal indictment unsealed earlier today alleges that a 35-year-old Texas man hacked into the computer network of an Eden Prairie business, stealing approximately $274,000. The indictment, filed in Minneapolis on October 13, 2010, charges Jeremy Parker of Houston, Texas, with one count of...

CVE-2024-2830

The WordPress Tag and Category Manager – AI Autotagger plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'st_tag_cloud' shortcode in all versions up to, and including, 3.13.0 due to insufficient input sanitization and output escaping on user supplied attributes....

CVE-2023-52644

In the Linux kernel, the following vulnerability has been resolved: wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled When QoS is disabled, the queue priority value will not map to the correct ieee80211 queue since there is only one queue. Stop/wake queue 0 when QoS is...

CVE-2024-1587

The Newsmatic theme for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.3.0 via the 'newsmatic_filter_posts_load_tab_content'. This makes it possible for unauthenticated attackers to view draft posts and post...

CVE-2022-25740

Memory corruption in modem due to buffer overwrite while building an IPv6 multicast address based on the MAC address of the...

CVE-2022-33211

memory corruption in modem due to improper check while calculating size of serialized CoAP...

CVE-2024-1587

The Newsmatic theme for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.3.0 via the 'newsmatic_filter_posts_load_tab_content'. This makes it possible for unauthenticated attackers to view draft posts and post...

Exploit for CVE-2023-43115

ghostscript-CVE-2023-43115 A small write-up with examples to...

Ring agrees to pay $5.6 million after cameras were used to spy on customers

Amazon's Ring has settled with the Federal Trade Commission (FTC) over charges that the company allowed employees and contractors to access customers' private videos, and failed to implement security protections which enabled hackers to take control of customers’ accounts, cameras, and videos. The....

CVE-2024-1587

The Newsmatic theme for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.3.0 via the 'newsmatic_filter_posts_load_tab_content'. This makes it possible for unauthenticated attackers to view draft posts and post...

Ubuntu 18.04 LTS : Linux kernel regression (USN-3871-2)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-3871-2 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version...

JVN#15637138: EC-Orange vulnerable to authorization bypass

EC-Orange provided by S-cubism Inc. is an e-commerce website building system package based on an open source software EC-CUBE. EC-Orange contains an authorization bypass vulnerability (CWE-639). This is the same issue as JVN#51770585 (EC-CUBE vulnerable to authorization bypass). ## Impact A user...

ZZZCMS 1.6.1 - Remote Code Execution

ZZZCMS zzzphp V1.6.1 is vulnerable to remote code execution via the inc/zzz_template.php file because the parserIfLabel() function's filtering is not strict, resulting in PHP code execution as demonstrated by the if:assert...

CVE-2024-26023

OS command injection vulnerability in BUFFALO wireless LAN routers allows a logged-in user to execute arbitrary OS...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : Hibernate vulnerability (USN-6845-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-6845-1 advisory. It was discovered that Hibernate incorrectly handled certain inputs with unsanitized literals. If a user or an automated system were...

EulerOS 2.0 SP10 : docker-engine (EulerOS-SA-2024-1585)

According to the versions of the docker-engine packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of...

CVE-2024-23486

Plaintext storage of a password issue exists in BUFFALO wireless LAN routers, which may allow a network-adjacent unauthenticated attacker with access to the product's login page may obtain configured...

EulerOS 2.0 SP10 : docker-engine (EulerOS-SA-2024-1563)

According to the versions of the docker-engine packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of...

Ubuntu 18.10 : libsolv vulnerabilities (USN-3916-1)

It was discovered that libsolv incorrectly handled certain malformed input. If a user or automated system were tricked into opening a specially crafted file, applications that rely on libsolv could be made to crash, resulting in a denial of service. Note that Tenable Network Security has extracted....

Photon OS 1.0: Freetype2 PHSA-2017-0041

An update of the freetype2 package has been...

Photon OS 1.0: Openjre PHSA-2016-0015

An update of the openjre package has been...