Themis Solutions, Inc. Security Vulnerabilities

CVE-2022-32504

An issue was discovered on certain Nuki Home Solutions devices. The code used to parse the JSON objects received from the WebSocket service provided by the device leads to a stack buffer overflow. An attacker would be able to exploit this to gain arbitrary code execution on a KeyTurner device....

CVE-2024-1762

The NextScripts: Social Networks Auto-Poster plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the HTTP_USER_AGENT header in all versions up to, and including, 4.4.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers....

GeniXCMS Cross-site Scripting (XSS) via id parameter

In GeniXCMS 1.1.4, /inc/lib/Control/Backend/menus.control.php has XSS via the id...

CVE-2024-1237

The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the flyout_layout attribute in all versions up to, and including, 1.6.24 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with.....

GeniXCMS Cross-site Scripting (XSS) via id parameter

In GeniXCMS 1.1.4, /inc/lib/Control/Backend/menus.control.php has XSS via the id...

CVE-2007-0794

SQL injection vulnerability in inc/common.php in GlobalMegaCorp dvddb 0.6 allows remote attackers to execute arbitrary SQL commands via the user parameter. NOTE: this issue has been disputed by a reliable third party, who states that inc/common.php only contains function...

LiveData ICCP Server Detection

ICCP servers are commonly used in electric transmission and generation systems. Many vendors have integrated the LiveData ICCP stack including Advanced Control Systems, Barco, Eliop, GEA-India, Hitachi, Invensys Process Systems, LiveData, LogicaCMG, Ratio Control Central Stations, SPL Worldgroup,.....

Grafana Email addresses and usernames can not be trusted

Today we are releasing Grafana 9.2.4. Alongside other bug fixes, this patch release includes moderate severity security fixes for CVE-2022-39306. We are also releasing security patches for Grafana 8.5.15 to fix these issues. Release 9.2.4, latest patch, also containing security fix: Download...

GeniXCMS Cross-site Scripting (XSS) vulnerability via id parameter

In GeniXCMS 1.1.4, /inc/lib/backend/menus.control.php has XSS via the id...

CVE-2022-32504

An issue was discovered on certain Nuki Home Solutions devices. The code used to parse the JSON objects received from the WebSocket service provided by the device leads to a stack buffer overflow. An attacker would be able to exploit this to gain arbitrary code execution on a KeyTurner device....

CVE-2024-31756

An issue in MarvinTest Solutions Hardware Access Driver v.5.0.3.0 and before and fixed in v.5.0.4.0 allows a local attacker to escalate privileges via the Hw65.sys...

CVE-2022-32504

An issue was discovered on certain Nuki Home Solutions devices. The code used to parse the JSON objects received from the WebSocket service provided by the device leads to a stack buffer overflow. An attacker would be able to exploit this to gain arbitrary code execution on a KeyTurner device....

CVE-2024-32752

Under certain circumstances communications between the ICU tool and an iSTAR Pro door controller is susceptible to Machine-in-the-Middle attacks which could impact door control and...

CVE-2024-32752 Johnson Controls Software House iStar Pro Door Controller

Under certain circumstances communications between the ICU tool and an iSTAR Pro door controller is susceptible to Machine-in-the-Middle attacks which could impact door control and...

CVE-2024-32752

Under certain circumstances communications between the ICU tool and an iSTAR Pro door controller is susceptible to Machine-in-the-Middle attacks which could impact door control and...

CVE-2007-0794

SQL injection vulnerability in inc/common.php in GlobalMegaCorp dvddb 0.6 allows remote attackers to execute arbitrary SQL commands via the user parameter. NOTE: this issue has been disputed by a reliable third party, who states that inc/common.php only contains function...

CVE-2024-1605 DLL side-loading in BMC Control-M

BMC Control-M branches 9.0.20 and 9.0.21 upon user login load all Dynamic Link Libraries (DLL) from a directory that grants Write and Read permissions to all users. Leveraging it leads to loading of a potentially malicious libraries, which will execute with the application's privileges. Fix for...

GeniXCMS SQL Injection

GeniXCMS 1.0.2 has SQL Injection in inc/lib/Control/Backend/menus.control.php via the menuid...

CVE-2024-32752 Johnson Controls Software House iStar Pro Door Controller

Under certain circumstances communications between the ICU tool and an iSTAR Pro door controller is susceptible to Machine-in-the-Middle attacks which could impact door control and...

CVE-2024-0912 CCURE passwords exposed to administrators

Under certain circumstances the Microsoft® Internet Information Server (IIS) used to host the C•CURE 9000 Web Server will log Microsoft Windows credential details within logs. There is no impact to non-web service interfaces C•CURE 9000 or prior...

CVE-2024-33220

An issue in the component AslO3_64.sys of ASUSTeK Computer Inc AISuite3 v3.03.36 3.03.36 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL...

Security Bulletin: Maximo Asset Management: IBM SDK, Java Technology Edition Quarterly CPU - Apr 2024 - Includes Oracle April 2024 CPU plus CVE-2023-38264

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 that are used by Maximo Asset Management, Maximo Industry Solutions (including Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas and Maximo for Utilities).....

CVE-2024-33223

An issue in the component IOMap64.sys of ASUSTeK Computer Inc ASUS GPU TweakII v1.4.5.2 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL...

CVE-2024-33223

An issue in the component IOMap64.sys of ASUSTeK Computer Inc ASUS GPU TweakII v1.4.5.2 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL...

CVE-2024-33222

An issue in the component ATSZIO64.sys of ASUSTeK Computer Inc ASUS ATSZIO Driver v0.2.1.7 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL...

perl-CPAN security update

[2.18-399] - Fix tests to run in correct order [2.18-398] - Fix CVE-2023-31484 - Package tests [2.18-397] - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild [2.18-396] - Rebase patches to prevent from installing back-up files [2.18-395] - Rebuilt for...

CVE-2024-0912

Under certain circumstances the Microsoft® Internet Information Server (IIS) used to host the C•CURE 9000 Web Server will log Microsoft Windows credential details within logs. There is no impact to non-web service interfaces C•CURE 9000 or prior...

CVE-2024-33220

An issue in the component AslO3_64.sys of ASUSTeK Computer Inc AISuite3 v3.03.36 3.03.36 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL...

CVE-2024-33222

An issue in the component ATSZIO64.sys of ASUSTeK Computer Inc ASUS ATSZIO Driver v0.2.1.7 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL...

CVE-2024-33219

An issue in the component AsIO64.sys of ASUSTeK Computer Inc ASUS SABERTOOTH X99 Driver v1.0.1.0 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL...

CVE-2024-2500

The ColorMag theme for WordPress is vulnerable to Stored Cross-Site Scripting via a user's Display Name in all versions up to, and including, 3.1.6 due to insufficient input sanitization and output escaping. This makes it possible for authentciated attackers, with contributor-level access and...

CVE-2024-2500

The ColorMag theme for WordPress is vulnerable to Stored Cross-Site Scripting via a user's Display Name in all versions up to, and including, 3.1.6 due to insufficient input sanitization and output escaping. This makes it possible for authentciated attackers, with contributor-level access and...

glpi -- stored XSS

MITRE Corporation reports: inc/user.class.php in GLPI before 9.4.3 allows XSS via a user...

CVE-2021-47531

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix mmap to include VM_IO and VM_DONTDUMP In commit 510410bfc034 ("drm/msm: Implement mmap as GEM object function") we switched to a new/cleaner method of doing things. That's good, but we missed a little bit. Before...

CVE-2024-33222

An issue in the component ATSZIO64.sys of ASUSTeK Computer Inc ASUS ATSZIO Driver v0.2.1.7 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL...

CVE-2024-4256

A vulnerability was found in Techkshetra Info Solutions Savsoft Quiz 6.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /public/index.php/Qbank/editCategory of the component Category Page. The manipulation of the argument category_name with the...

CVE-2024-3661

DHCP can add routes to a client’s routing table via the classless static route option (121). VPN-based security solutions that rely on routes to redirect traffic can be forced to leak traffic over the physical interface. An attacker on the same local network can read, disrupt, or possibly modify...

CVE-2024-33221

An issue in the component AsusBSItf.sys of ASUSTeK Computer Inc ASUS BIOS Flash Driver v3.2.12.0 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL...

CVE-2015-10091

A vulnerability has been found in ByWater Solutions bywater-koha-xslt and classified as critical. This vulnerability affects the function StringSearch of the file admin/systempreferences.pl. The manipulation of the argument name leads to sql injection. The attack can be initiated remotely....

CVE-2024-33220

An issue in the component AslO3_64.sys of ASUSTeK Computer Inc AISuite3 v3.03.36 3.03.36 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL...

CVE-2024-22318

IBM i Access Client Solutions (ACS) 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.4 is vulnerable to NT LAN Manager (NTLM) hash disclosure by an attacker modifying UNC capable paths within ACS configuration files to point to a hostile server. If NTLM is enabled, the Windows operating system will...

CVE-2024-33221

An issue in the component AsusBSItf.sys of ASUSTeK Computer Inc ASUS BIOS Flash Driver v3.2.12.0 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL...

CVE-2024-33221

An issue in the component AsusBSItf.sys of ASUSTeK Computer Inc ASUS BIOS Flash Driver v3.2.12.0 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL...

CVE-2024-33219

An issue in the component AsIO64.sys of ASUSTeK Computer Inc ASUS SABERTOOTH X99 Driver v1.0.1.0 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL...

CVE-2024-33218

An issue in the component AsUpIO64.sys of ASUSTeK Computer Inc ASUS USB 3.0 Boost Storage Driver 5.30.20.0 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL...

CVE-2024-33223

An issue in the component IOMap64.sys of ASUSTeK Computer Inc ASUS GPU TweakII v1.4.5.2 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL...

Genesco Inc. Confirms Payment Card Data Breach in U.S. Stores

Specialty retailer Genesco Inc. announced on Friday that it experienced a criminal intrusion into the part of its computer network that processes payment card transactions. Some card details might have been compromised. However, the company quickly secured the affected network segment and...

CVE-2021-4430

A vulnerability classified as problematic has been found in Ortus Solutions ColdBox Elixir 3.1.6. This affects an unknown part of the file src/defaultConfig.js of the component ENV Variable Handler. The manipulation leads to information disclosure. Upgrading to version 3.1.7 is able to address...

VMware vCenter Detect

VMware vCenter is running on the remote host. It is an enterprise- grade computer virtualization product from VMware,...

MyBB < 1.6.12 Multiple Vulnerabilities

According to its version number, the MyBB install hosted on the remote web server is affected by multiple vulnerabilities : A cross-site scripting flaw exists in misc.php due to improper validation of input when generating a small popup list of smilies. This allows a remote attacker...