Yokogawa Test & Measurement Corporation Security Vulnerabilities

veracode

Denial Of Service (DoS)

libmodbus is vulnerable to Denial of Service (DoS). The vulnerability is due to an invalid pointer in the modbus_receive() function, triggered by a crafted message sent to the unit-test-server, which results in Denial of Service...

6.3 AI Score

EPSS

2024-06-04 12:46 PM
osv

CVE-2022-43014

OpenCATS v0.9.6 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the joborderID...

6.1 CVSS

6.1 AI Score

0.001 EPSS

2022-10-19 06:15 PM
6
nessus

Oracle Application Testing Suite Detection

Oracle Application Testing suite, an integrated testing solution, is installed on the remote...

1.1 AI Score

2016-05-03 12:00 AM
10
githubexploit

Exploit for SQL Injection in Opencart

CVE-2024-21514 PoC and Bulk Scanner...

8.1 CVSS

8.2 AI Score

0.001 EPSS

2024-06-23 12:55 AM
166
githubexploit

Exploit for Command Injection in Ivanti Connect Secure

🚨 CVE-2024-21887 Exploit Tool 🛠️ A robust tool for detecting...

9.1 CVSS

8.2 AI Score

0.969 EPSS

2024-01-16 08:59 PM
263
osv

CVE-2023-31081

An issue was discovered in drivers/media/test-drivers/vidtv/vidtv_bridge.c in the Linux kernel 6.2. There is a NULL pointer dereference in vidtv_mux_stop_thread. In vidtv_stop_streaming, after dvb->mux=NULL occurs, it executes...

5.5 CVSS

6.3 AI Score

0.0004 EPSS

2023-04-24 06:15 AM
osv

CVE-2022-48012

Opencats v0.9.7 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component...

6.1 CVSS

6.1 AI Score

0.001 EPSS

2023-01-27 06:15 PM
2
osv

CVE-2022-43019

OpenCATS v0.9.6 was discovered to contain a remote code execution (RCE) vulnerability via the getDataGridPager's ajax...

9.8 CVSS

8.3 AI Score

0.004 EPSS

2022-10-19 06:15 PM
2
osv

CVE-2022-43018

OpenCATS v0.9.6 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the email parameter in the Check Email...

6.1 CVSS

6.1 AI Score

0.001 EPSS

2022-10-19 06:15 PM
2
osv

CVE-2022-43017

OpenCATS v0.9.6 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the indexFile...

6.1 CVSS

6.1 AI Score

0.001 EPSS

2022-10-19 06:15 PM
4
osv

CVE-2022-23470

Galaxy is an open-source platform for data analysis. An arbitrary file read exists in Galaxy 22.01 and Galaxy 22.05 due to the switch to Gunicorn, which can be used to read any file accessible to the operating system user under which Galaxy is running. This vulnerability affects Galaxy 22.01 and...

8.6 CVSS

6.9 AI Score

0.001 EPSS

2022-12-06 06:15 PM
9
alpinelinux

CVE-2024-29040

This repository hosts source code implementing the Trusted Computing Group's (TCG) TPM2 Software Stack (TSS). The JSON Quote Info returned by Fapi_Quote has to be deserialized by Fapi_VerifyQuote to the TPM Structure TPMS_ATTEST. For the field TPM2_GENERATED magic of this structure any number can.....

4.3 CVSS

6.8 AI Score

0.0004 EPSS

2024-06-28 09:15 PM
9
ubuntucve

CVE-2024-35995

In the Linux kernel, the following vulnerability has been resolved: ACPI: CPPC: Use access_width over bit_width for system memory accesses To align with ACPI 6.3+, since bit_width can be any 8-bit value, it cannot be depended on to be always on a clean 8b boundary. This was uncovered on the Cobalt....

6.8 AI Score

0.0004 EPSS

2024-05-20 12:00 AM
4
githubexploit

Exploit for CVE-2022-41099

I take no Liability & Warranty on this script please fully test...

4.6 CVSS

4.7 AI Score

0.001 EPSS

2023-01-16 08:57 AM
183
osv

CVE-2023-26847

A stored cross-site scripting (XSS) vulnerability in OpenCATS v0.9.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the state parameter at...

5.4 CVSS

5.7 AI Score

0.001 EPSS

2023-04-11 03:15 PM
3
osv

CVE-2023-26845

A Cross-Site Request Forgery (CSRF) in OpenCATS 0.9.7 allows attackers to force users into submitting web requests via unspecified...

4.3 CVSS

7.2 AI Score

0.001 EPSS

2023-04-11 03:15 PM
4
osv

CVE-2023-26846

A stored cross-site scripting (XSS) vulnerability in OpenCATS v0.9.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the city parameter at...

5.4 CVSS

5.7 AI Score

0.001 EPSS

2023-04-11 03:15 PM
3
osv

CVE-2022-48013

Opencats v0.9.7 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the component /opencats/index.php?m=calendar. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Description or Title text...

5.4 CVSS

5.3 AI Score

0.001 EPSS

2023-01-27 06:15 PM
6
osv

CVE-2022-48011

Opencats v0.9.7 was discovered to contain a SQL injection vulnerability via the importID parameter in the Import viewerrors...

9.8 CVSS

9.8 AI Score

0.001 EPSS

2023-01-27 06:15 PM
1
githubexploit

8.6 CVSS

6.2 AI Score

0.945 EPSS

2024-06-01 03:26 AM
82
githubexploit

Exploit for Improper Initialization in Linux Linux Kernel

CVE-2022-0847 my personal poc and exploit of...

7.8 CVSS

8.1 AI Score

0.076 EPSS

2022-03-12 11:31 AM
251
githubexploit

Exploit for Out-of-bounds Write in Google Chrome

CVE-2023-4863 ```bash # checkout webp git clone...

8.8 CVSS

8.7 AI Score

0.609 EPSS

2023-09-25 10:33 AM
405
redhat

(RHSA-2024:2619) Moderate: rh-mysql80-mysql security update

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs. The following packages have been upgraded to a later upstream version: rh-mysql80-mysql (8.0.36) Security fixes: mysql: Client programs unspecified vulnerability...

8.1 AI Score

0.002 EPSS

2024-04-30 04:31 PM
15
cve

CVE-2019-15045

AjaxDomainServlet in Zoho ManageEngine ServiceDesk Plus 10 allows User Enumeration. NOTE: the vendor's position is that this is intended...

5.3 CVSS

5.3 AI Score

0.03 EPSS

2019-08-21 07:15 PM
37
vulnrichment

CVE-2019-15045

AjaxDomainServlet in Zoho ManageEngine ServiceDesk Plus 10 allows User Enumeration. NOTE: the vendor's position is that this is intended...

6.8 AI Score

0.03 EPSS

2019-08-21 06:26 PM
1
osv

Nginx-UI vulnerable to arbitrary file write through the Import Certificate feature

Summary: The Import Certificate feature allows arbitrary write into the system. The feature does not check if the provided user input is a certification/key and allows writing into arbitrary paths in the system....

9.8 CVSS

7.9 AI Score

0.002 EPSS

2024-01-29 10:30 PM
5
osv

CVE-2023-0121

A denial of service issue was discovered in GitLab CE/EE affecting all versions starting from 13.2.4 before 15.10.8, all versions starting from 15.11 before 15.11.7, all versions starting from 16.0 before 16.0.2 which allows an attacker to cause high resource consumption using malicious test...

7.5 CVSS

6.7 AI Score

0.001 EPSS

2023-06-07 05:15 PM
2
rocky

ruby:3.1 security, bug fix, and enhancement update

An update is available for rubygem-mysql2, module.rubygem-pg, ruby, module.rubygem-mysql2, rubygem-pg, module.ruby. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

6.5 AI Score

EPSS

2024-06-14 02:00 PM
1
osv

CVE-2024-22236

In Spring Cloud Contract, versions 4.1.x prior to 4.1.1, versions 4.0.x prior to 4.0.5, and versions 3.1.x prior to 3.1.10, test execution is vulnerable to local information disclosure via temporary directory created with unsafe permissions through the shaded com.google.guava:guava dependency in...

5.5 CVSS

6.6 AI Score

0.0004 EPSS

2024-01-31 07:15 AM
3
oraclelinux

perl:5.32 security update

perl-Algorithm-Diff perl-Archive-Tar perl-Archive-Zip perl-autodie perl-bignum perl-Carp perl-Compress-Bzip2 perl-Compress-Raw-Bzip2 perl-Compress-Raw-Lzma perl-Compress-Raw-Zlib [2.096-2] - Fix test broken by update in zlib on s390x - Related: RHEL-16371 perl-Config-Perl-V perl-constant...

7.8 CVSS

6.8 AI Score

0.0004 EPSS

2024-05-24 12:00 AM
29
oraclelinux

podman security and bug fix update

[4.9.4-4.0.1] - Improved saving remote build context to tarfile in Podman daemon [Orabug: 36495655] - Add devices on container startup, not on creation - Backport fast gzip for compression [Orabug: 36420418] - overlay: Put should ignore ENINVAL for Unmount [Orabug: 36234694] - Drop nmap-ncat...

4.9 CVSS

7.5 AI Score

0.0005 EPSS

2024-06-11 12:00 AM
1
nvd

CVE-2019-15045

AjaxDomainServlet in Zoho ManageEngine ServiceDesk Plus 10 allows User Enumeration. NOTE: the vendor's position is that this is intended...

5.3 CVSS

5.3 AI Score

0.03 EPSS

2019-08-21 07:15 PM
2
githubexploit

Exploit for CVE-2024-34470

CVE-2024-34470 PoC and Bulk Scanner Overview This is a...

6.9 AI Score

0.001 EPSS

2024-06-19 11:32 AM
190
osv

CVE-2022-26086

Uncontrolled search path element in the PresentMon software maintained by Intel(R) before version 1.7.1 may allow an authenticated user to potentially enable escalation of privilege via local...

7.3 CVSS

7.1 AI Score

0.0004 EPSS

2022-11-11 04:15 PM
3
veracode

Improper Input Validation

github.com/ollama/ollama is vulnerable to Improper Input Validation. The vulnerability is due to improper validation of the digest format (sha256 with 64 hex digits) when getting the model path, which results in the mishandling of the TestGetBlobsPath test cases with fewer than 64 hex digits, more.....

6.4 AI Score

EPSS

2024-06-05 06:07 AM
5
githubexploit

Exploit for Link Following in Git

CVE-2024-32002 RCE PoC Overview This repository contains...

9 CVSS

9.4 AI Score

0.002 EPSS

2024-05-18 03:05 PM
129
nuclei

ZTE Cable Modem Web Shell

ZTE F460 and F660 cable modems allow remote attackers to obtain administrative access via sendcmd requests to web_shell_cmd.gch, as demonstrated by using "set TelnetCfg" commands to enable a TELNET service with specified...

6.6 AI Score

0.956 EPSS

2021-04-23 01:32 PM
11
githubexploit

8.8 AI Score

2021-12-10 09:46 PM
301
githubexploit

Exploit for Code Injection in Exiftool Project Exiftool

Exploit for CVE-2021-22204 (ExifTool) - Arbitrary Code...

7.8 CVSS

8.5 AI Score

0.89 EPSS

2022-04-16 10:49 PM
427
osv

CVE-2023-31203

Improper input validation in some OpenVINO Model Server software before version 2022.3 for Intel Distribution of OpenVINO toolkit may allow an unauthenticated user to potentially enable denial of service via network...

7.5 CVSS

6.9 AI Score

0.001 EPSS

2023-11-14 07:15 PM
4
osv

CVE-2023-2183

Grafana is an open-source platform for monitoring and observability. The option to send a test alert is not available from the user panel UI for users having the Viewer role. It is still possible for a user with the Viewer role to send a test alert using the API as the API does not check access...

6.4 CVSS

7.1 AI Score

0.001 EPSS

2023-06-06 07:15 PM
2
osv

Low: keylime security update

Keylime is a TPM based highly scalable remote boot attestation and runtime integrity measurement solution. Security Fix(es): keylime: Attestation failure when the quote's signature does not validate (CVE-2023-3674) For more details about the security issue(s), including the impact, a CVSS score,...

2.8 CVSS

6.8 AI Score

0.0004 EPSS

2024-05-10 02:32 PM
4
nvd

CVE-2024-23363

Transient DOS while processing an improperly formatted Fine Time Measurement (FTM) management...

7.5 CVSS

7.6 AI Score

0.0005 EPSS

2024-06-03 10:15 AM
debiancve

CVE-2024-36845

An invalid pointer in the modbus_receive() function of libmodbus v3.1.6 allows attackers to cause a Denial of Service (DoS) via a crafted message sent to the...

6.6 AI Score

EPSS

2024-05-31 08:15 PM
4
githubexploit

Exploit for CVE-2024-31982

CVE-2024-31982 PoC and Bulk Scanner...

10 CVSS

7.5 AI Score

0.001 EPSS

2024-06-22 09:20 PM
113
githubexploit

Exploit for Path Traversal in Aiohttp

CVE-2024-23334 Exploit and PoC This repository contains a...

7.5 CVSS

6.8 AI Score

0.052 EPSS

2024-06-17 04:28 PM
87
osv

test files cause mpeg2 mediaextractor crash

In ElementaryStreamQueue::dequeueAccessUnitH264() of ESQueue.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for...

6.5 CVSS

6.7 AI Score

0.001 EPSS

2021-01-01 12:00 AM
4
githubexploit

Exploit for CVE-2024-29973

CVE-2024-29973 PoC and Bulk Scanner Overview This is a...

9.8 CVSS

9.7 AI Score

0.937 EPSS

2024-06-19 10:34 AM
191
ubuntucve

CVE-2024-36845

An invalid pointer in the modbus_receive() function of libmodbus v3.1.6 allows attackers to cause a Denial of Service (DoS) via a crafted message sent to the...

6.5 AI Score

EPSS

2024-05-31 12:00 AM
1
fedora

[SECURITY] Fedora 40 Update: rust-uu_test-0.0.23-3.fc40

test ~ (uutils) evaluate comparison and file type...

7.3 AI Score

2024-05-26 01:29 AM
3
Total number of security vulnerabilities: 111915