Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2023-46841 | N/A | x86: shadow stack vs exceptions from emulation stubs |
Xen |
Xen |
1 year ago | 1 day ago |
| cve-2023-28746 | 6.5 (v3.1) | Information exposure through microarchitectural s… |
n/a |
Intel(R) Atom(R) Processors |
1 year ago | 1 day ago |
| cve-2025-46652 | In IZArc through 4.5, there is a Mark-of-the-Web … |
IZArc |
IZArc |
1 day ago | 1 day ago | |
| cve-2024-53636 | An arbitrary file upload vulnerability via writef… |
Serosoft |
Academia Student Information System |
1 day ago | 1 day ago | |
| cve-2025-46646 | In Artifex Ghostscript before 10.05.0, decode_utf… |
Artifex |
Ghostscript |
1 day ago | 1 day ago | |
| cve-2024-56430 | OpenFHE through 1.2.3 has a NULL pointer derefere… |
OpenFHE |
OpenFHE |
4 months ago | 1 day ago | |
| cve-2025-2101 | Edumall <= 4.2.4 - Unauthenticated Local File Inclusion |
ThemeMove |
EduMall - Professional LMS Education Center WordPress Theme |
1 day ago | 1 day ago | |
| cve-2024-13812 | Anps Theme plugin <= 1.1.1 - Unauthenticated Arbitrary… |
Anps |
Anps Theme plugin |
1 day ago | 1 day ago | |
| cve-2025-2851 | GL.iNet GL-A1300 Slate Plus RPC plugins.so buffer overflow |
GL.iNet |
GL-A1300 Slate Plus |
1 day ago | 1 day ago | |
| cve-2025-2850 | GL.iNet GL-A1300 Slate Plus Download Interface imprope… |
GL.iNet |
GL-A1300 Slate Plus |
1 day ago | 1 day ago | |
| cve-2025-2811 | GL.iNet GL-A1300 Slate Plus API redos |
GL.iNet |
GL-A1300 Slate Plus |
1 day ago | 1 day ago | |
| cve-2025-2907 | N/A | Order Delivery Date Pro for WooCommerce < 12.3.1 - Una… |
Unknown |
Order Delivery Date |
1 day ago | 1 day ago |
| cve-2025-3915 | Aeropage Sync for Airtable <= 3.2.0 - Missing Authoriz… |
aeropage |
Aeropage Sync for Airtable |
1 day ago | 1 day ago | |
| cve-2025-3914 | Aeropage Sync for Airtable <= 3.2.0 - Authenticated (S… |
aeropage |
Aeropage Sync for Airtable |
1 day ago | 1 day ago | |
| cve-2025-3906 | Integração entre Eduzz e Woocommerce 1.5.0 - 1.7.5 - M… |
felipe152 |
Integração entre Eduzz e Woocommerce |
1 day ago | 1 day ago | |
| cve-2025-3491 | Add custom page template <= 2.0.1 - Authenticated (Adm… |
kiranpatil353 |
Add custom page template |
1 day ago | 1 day ago | |
| cve-2025-1458 | Element Pack Elementor Addons (Header Footer, Template… |
bdthemes |
Element Pack Addons for Elementor – Best Elementor addons with Ready Templates, Blocks, Widgets and WooCommerce Builder |
1 day ago | 1 day ago | |
| cve-2025-2105 | Jupiter X Core <= 4.8.11 - Unauthenticated PHP Object … |
artbees |
Jupiter X Core |
1 day ago | 1 day ago | |
| cve-2024-13808 | Xpro Elementor Addons - Pro <= 1.4.9 - Authenticated (… |
WPXpro |
Xpro Elementor Addons - Pro |
1 day ago | 1 day ago | |
| cve-2025-23367 | 6.5 (v3.1) | Org.wildfly.core:wildfly-server: wildfly improper rbac… |
|
|
2 months ago | 1 day ago |
| cve-2024-6538 | 5.3 (v3.1) | Openshift-console: openshift console: server-side req… |
|
|
5 months ago | 1 day ago |
| cve-2024-0406 | 6.1 (v3.1) | Mholt/archiver: path traversal vulnerability |
|
|
1 year ago | 1 day ago |
| cve-2025-2801 | Create custom forms for WordPress with a smart form pl… |
dorinabc |
Create custom forms for WordPress with a smart form plugin for smart businesses – Form builder for WordPress |
1 day ago | 1 day ago | |
| cve-2025-31324 | 10 (v3.1) | Missing Authorization check in SAP NetWeaver (Visual C… |
SAP_SE |
SAP NetWeaver (Visual Composer development server) |
3 days ago | 1 day ago |
| cve-2025-32728 | In sshd in OpenSSH before 10.0, the DisableForwar… |
OpenBSD |
OpenSSH |
17 days ago | 1 day ago | |
| cve-2025-32433 | Erlang/OTP SSH Vulnerable to Pre-Authentication RCE |
erlang |
otp |
10 days ago | 1 day ago | |
| cve-2025-22228 | 7.4 (v3.1) | CVE-2025-22228: Spring Security BCryptPasswordEncoder … |
Spring |
Spring Security |
1 month ago | 1 day ago |
| cve-2025-1181 | GNU Binutils ld elflink.c _bfd_elf_gc_mark_rsec memory… |
GNU |
Binutils |
2 months ago | 1 day ago | |
| cve-2024-9287 | 5.3 (v4.0) | Virtual environment (venv) activation scripts don't qu… |
Python Software Foundation |
CPython |
6 months ago | 1 day ago |
| cve-2024-6096 | 8.8 (v3.1) | Unsafe Deserialization Vulnerability |
Progress Software Corporation |
Telerik Reporting |
9 months ago | 1 day ago |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-46652 | In IZArc through 4.5, there is a Mark-of-the-Web … |
IZArc |
IZArc |
1 day ago | 1 day ago | |
| cve-2025-46646 | In Artifex Ghostscript before 10.05.0, decode_utf… |
Artifex |
Ghostscript |
1 day ago | 1 day ago | |
| cve-2024-53636 | An arbitrary file upload vulnerability via writef… |
Serosoft |
Academia Student Information System |
1 day ago | 1 day ago | |
| cve-2024-56430 | OpenFHE through 1.2.3 has a NULL pointer derefere… |
OpenFHE |
OpenFHE |
4 months ago | 1 day ago | |
| cve-2025-2101 | Edumall <= 4.2.4 - Unauthenticated Local File Inclusion |
ThemeMove |
EduMall - Professional LMS Education Center WordPress Theme |
1 day ago | 1 day ago | |
| cve-2024-13812 | Anps Theme plugin <= 1.1.1 - Unauthenticated Arbitrary… |
Anps |
Anps Theme plugin |
1 day ago | 1 day ago | |
| cve-2025-2851 | GL.iNet GL-A1300 Slate Plus RPC plugins.so buffer overflow |
GL.iNet |
GL-A1300 Slate Plus |
1 day ago | 1 day ago | |
| cve-2025-2850 | GL.iNet GL-A1300 Slate Plus Download Interface imprope… |
GL.iNet |
GL-A1300 Slate Plus |
1 day ago | 1 day ago | |
| cve-2025-2811 | GL.iNet GL-A1300 Slate Plus API redos |
GL.iNet |
GL-A1300 Slate Plus |
1 day ago | 1 day ago | |
| cve-2025-3915 | Aeropage Sync for Airtable <= 3.2.0 - Missing Authoriz… |
aeropage |
Aeropage Sync for Airtable |
1 day ago | 1 day ago | |
| cve-2025-3914 | Aeropage Sync for Airtable <= 3.2.0 - Authenticated (S… |
aeropage |
Aeropage Sync for Airtable |
1 day ago | 1 day ago | |
| cve-2025-3906 | Integração entre Eduzz e Woocommerce 1.5.0 - 1.7.5 - M… |
felipe152 |
Integração entre Eduzz e Woocommerce |
1 day ago | 1 day ago | |
| cve-2025-3491 | Add custom page template <= 2.0.1 - Authenticated (Adm… |
kiranpatil353 |
Add custom page template |
1 day ago | 1 day ago | |
| cve-2025-2907 | N/A | Order Delivery Date Pro for WooCommerce < 12.3.1 - Una… |
Unknown |
Order Delivery Date |
1 day ago | 1 day ago |
| cve-2025-2105 | Jupiter X Core <= 4.8.11 - Unauthenticated PHP Object … |
artbees |
Jupiter X Core |
1 day ago | 1 day ago | |
| cve-2025-1458 | Element Pack Elementor Addons (Header Footer, Template… |
bdthemes |
Element Pack Addons for Elementor – Best Elementor addons with Ready Templates, Blocks, Widgets and WooCommerce Builder |
1 day ago | 1 day ago | |
| cve-2024-13808 | Xpro Elementor Addons - Pro <= 1.4.9 - Authenticated (… |
WPXpro |
Xpro Elementor Addons - Pro |
1 day ago | 1 day ago | |
| cve-2025-2801 | Create custom forms for WordPress with a smart form pl… |
dorinabc |
Create custom forms for WordPress with a smart form plugin for smart businesses – Form builder for WordPress |
1 day ago | 1 day ago | |
| cve-2024-6538 | 5.3 (v3.1) | Openshift-console: openshift console: server-side req… |
|
|
5 months ago | 1 day ago |
| cve-2025-31324 | 10 (v3.1) | Missing Authorization check in SAP NetWeaver (Visual C… |
SAP_SE |
SAP NetWeaver (Visual Composer development server) |
3 days ago | 1 day ago |
| cve-2025-32728 | In sshd in OpenSSH before 10.0, the DisableForwar… |
OpenBSD |
OpenSSH |
17 days ago | 1 day ago | |
| cve-2025-32433 | Erlang/OTP SSH Vulnerable to Pre-Authentication RCE |
erlang |
otp |
10 days ago | 1 day ago | |
| cve-2025-22228 | 7.4 (v3.1) | CVE-2025-22228: Spring Security BCryptPasswordEncoder … |
Spring |
Spring Security |
1 month ago | 1 day ago |
| cve-2025-1181 | GNU Binutils ld elflink.c _bfd_elf_gc_mark_rsec memory… |
GNU |
Binutils |
2 months ago | 1 day ago | |
| cve-2024-9287 | 5.3 (v4.0) | Virtual environment (venv) activation scripts don't qu… |
Python Software Foundation |
CPython |
6 months ago | 1 day ago |
| cve-2024-6096 | 8.8 (v3.1) | Unsafe Deserialization Vulnerability |
Progress Software Corporation |
Telerik Reporting |
9 months ago | 1 day ago |
| cve-2024-3447 | 6 (v3.1) | Qemu: sdhci: heap buffer overflow in sdhci_write_dataport() |
|
|
5 months ago | 1 day ago |
| cve-2024-10846 | 5.9 (v3.1) | Excessive Platform Resource Consumption within a Loop … |
compose-spec |
compose-go |
3 months ago | 1 day ago |
| cve-2018-5733 | A malicious client can overflow a reference counter in… |
ISC |
ISC DHCP |
6 years ago | 1 day ago | |
| cve-2025-32984 | N/A | NETSCOUT nGeniusONE before 6.4.0 b2350 allows Sto… |
n/a |
n/a |
2 days ago | 1 day ago |
| ID | Description | Published | Updated |
|---|---|---|---|
| fkie_cve-2024-13812 | The The Anps Theme plugin plugin for WordPress is vulnerable to arbitrary shortcode execution in al… | 1 day ago | 1 day ago |
| fkie_cve-2025-2851 | A vulnerability classified as critical has been found in GL.iNet GL-A1300 Slate Plus, GL-AR300M16 S… | 1 day ago | 1 day ago |
| fkie_cve-2025-2850 | A vulnerability was found in GL.iNet GL-A1300 Slate Plus, GL-AR300M16 Shadow, GL-AR300M Shadow, GL-… | 1 day ago | 1 day ago |
| fkie_cve-2025-2811 | A vulnerability was found in GL.iNet GL-A1300 Slate Plus, GL-AR300M16 Shadow, GL-AR300M Shadow, GL-… | 1 day ago | 1 day ago |
| fkie_cve-2025-3915 | The Aeropage Sync for Airtable plugin for WordPress is vulnerable to unauthorized loss of data due … | 1 day ago | 1 day ago |
| fkie_cve-2025-3914 | The Aeropage Sync for Airtable plugin for WordPress is vulnerable to arbitrary file uploads due to … | 1 day ago | 1 day ago |
| fkie_cve-2025-3906 | The Integração entre Eduzz e Woocommerce plugin for WordPress is vulnerable to unauthorized modific… | 1 day ago | 1 day ago |
| fkie_cve-2025-3491 | The Add custom page template plugin for WordPress is vulnerable to PHP Code Injection leading to Re… | 1 day ago | 1 day ago |
| fkie_cve-2025-2907 | The Order Delivery Date WordPress plugin before 12.3.1 does not have authorization and CSRF checks … | 1 day ago | 1 day ago |
| fkie_cve-2025-2105 | The Jupiter X Core plugin for WordPress is vulnerable to PHP Object Injection in all versions up to… | 1 day ago | 1 day ago |
| fkie_cve-2025-1458 | The Element Pack Addons for Elementor – Free Templates and Widgets for Your WordPress Websites plug… | 1 day ago | 1 day ago |
| fkie_cve-2024-13808 | The Xpro Elementor Addons - Pro plugin for WordPress is vulnerable to Remote Code Execution in all … | 1 day ago | 1 day ago |
| fkie_cve-2025-2801 | The The Create custom forms for WordPress with a smart form plugin for smart businesses plugin for … | 1 day ago | 1 day ago |
| fkie_cve-2024-6538 | A flaw was found in OpenShift Console. A Server Side Request Forgery (SSRF) attack can happen if an… | 5 months ago | 1 day ago |
| fkie_cve-2025-31324 | SAP NetWeaver Visual Composer Metadata Uploader is not protected with a proper authorization, allow… | 3 days ago | 1 day ago |
| fkie_cve-2025-32728 | In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentatio… | 17 days ago | 1 day ago |
| fkie_cve-2025-32433 | Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3,… | 10 days ago | 1 day ago |
| fkie_cve-2025-22228 | BCryptPasswordEncoder.matches(CharSequence,String) will incorrectly return true for passwords large… | 1 month ago | 1 day ago |
| fkie_cve-2025-1181 | A vulnerability classified as critical was found in GNU Binutils 2.43. This vulnerability affects t… | 2 months ago | 1 day ago |
| fkie_cve-2024-9287 | A vulnerability has been found in the CPython `venv` module and CLI where path names provided when … | 6 months ago | 1 day ago |
| fkie_cve-2024-6096 | In Progress® Telerik® Reporting versions prior to 18.1.24.709, a code execution attack is possible … | 9 months ago | 1 day ago |
| fkie_cve-2024-3447 | A heap-based buffer overflow was found in the SDHCI device emulation of QEMU. The bug is triggered … | 5 months ago | 1 day ago |
| fkie_cve-2024-10846 | The compose-go library component in versions v2.10-v2.4.0 allows an authorized user who sends malic… | 3 months ago | 1 day ago |
| fkie_cve-2018-5733 | A malicious client which is allowed to send very large amounts of traffic (billions of packets) to … | 6 years ago | 1 day ago |
| fkie_cve-2025-32984 | NETSCOUT nGeniusONE before 6.4.0 b2350 allows Stored Cross-Site Scripting (XSS) via a certain POST … | 2 days ago | 1 day ago |
| fkie_cve-2025-32983 | NETSCOUT nGeniusONE before 6.4.0 b2350 allows Technical Information Disclosure via a Stack Trace. | 2 days ago | 1 day ago |
| fkie_cve-2025-46333 | z2d is a pure Zig 2D graphics library. In version 0.6.0, when writing from one surface to another u… | 2 days ago | 2 days ago |
| fkie_cve-2025-32986 | NETSCOUT nGeniusONE before 6.4.0 b2350 has a Sensitive File Accessible Without Proper Authenticatio… | 2 days ago | 2 days ago |
| fkie_cve-2025-32985 | NETSCOUT nGeniusONE before 6.4.0 b2350 has Hardcoded Credentials that can be obtained from JAR files. | 2 days ago | 2 days ago |
| fkie_cve-2025-32982 | NETSCOUT nGeniusONE before 6.4.0 b2350 has a Broken Authorization Schema for the report module. | 2 days ago | 2 days ago |
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-xf25-83cp-2q6v | The Aeropage Sync for Airtable plugin for WordPress is vulnerable to arbitrary file uploads due to … | 1 day ago | 1 day ago |
| ghsa-q5h6-hwf9-q8q9 | The Aeropage Sync for Airtable plugin for WordPress is vulnerable to unauthorized loss of data due … | 1 day ago | 1 day ago |
| ghsa-gc5c-42cc-8xgr | The Integração entre Eduzz e Woocommerce plugin for WordPress is vulnerable to unauthorized modific… | 1 day ago | 1 day ago |
| ghsa-f24m-7jrp-68fr | The Order Delivery Date WordPress plugin before 12.3.1 does not have authorization and CSRF checks … | 1 day ago | 1 day ago |
| ghsa-cfcq-fg8w-gfj9 | The Add custom page template plugin for WordPress is vulnerable to PHP Code Injection leading to Re… | 1 day ago | 1 day ago |
| ghsa-4gp3-vjp8-9r2q | The Jupiter X Core plugin for WordPress is vulnerable to PHP Object Injection in all versions up to… | 1 day ago | 1 day ago |
| ghsa-p9hw-j397-9vjh | The The Create custom forms for WordPress with a smart form plugin for smart businesses plugin for … | 1 day ago | 1 day ago |
| ghsa-f67g-xcf8-wpp8 | The Element Pack Addons for Elementor – Free Templates and Widgets for Your WordPress Websites plug… | 1 day ago | 1 day ago |
| ghsa-c824-5258-vggv | The Xpro Elementor Addons - Pro plugin for WordPress is vulnerable to Remote Code Execution in all … | 1 day ago | 1 day ago |
| ghsa-7w9p-pr7x-mjw2 | SAP NetWeaver Visual Composer Metadata Uploader is not protected with a proper authorization, allow… | 3 days ago | 1 day ago |
| ghsa-pp5v-6vv5-vc6c | NETSCOUT nGeniusONE before 6.4.0 b2350 allows Stored Cross-Site Scripting (XSS) via a certain POST … | 1 day ago | 1 day ago |
| ghsa-pm93-pg55-r2jm | A vulnerability classified as critical was found in GNU Binutils 2.43. This vulnerability affects t… | 2 months ago | 1 day ago |
| ghsa-mg83-c7gq-rv5c | Spring Security Does Not Enforce Password Length | 1 month ago | 1 day ago |
| ghsa-8343-fjcx-gwpw | NETSCOUT nGeniusONE before 6.4.0 b2350 allows Technical Information Disclosure via a Stack Trace. | 1 day ago | 1 day ago |
| ghsa-26mg-p594-q328 | In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentatio… | 17 days ago | 1 day ago |
| ghsa-mq5w-grf9-5rp9 | A heap-based buffer overflow was found in the SDHCI device emulation of QEMU. The bug is triggered … | 5 months ago | 1 day ago |
| ghsa-grqq-hcc7-crmr | A vulnerability has been found in the CPython `venv` module and CLI where path names provided when … | 6 months ago | 1 day ago |
| ghsa-g2m5-6x74-9mv6 | In Progress® Telerik® Reporting versions prior to 18.1.24.709, a code execution attack is possible … | 9 months ago | 1 day ago |
| ghsa-6f7q-j62j-5545 | A malicious client which is allowed to send very large amounts of traffic (billions of packets) to … | 2 years ago | 1 day ago |
| ghsa-r7f2-jfpq-8j9r | NETSCOUT nGeniusONE before 6.4.0 b2350 has Hardcoded Credentials that can be obtained from JAR files. | 1 day ago | 1 day ago |
| ghsa-r58q-xq2p-rf3w | NETSCOUT nGeniusONE before 6.4.0 b2350 has a Weak Sudo Configuration. | 1 day ago | 1 day ago |
| ghsa-qjrp-xr9r-wmrg | ScreenConnect versions 25.2.3 and earlier versions may be susceptible to a ViewState code injection… | 1 day ago | 1 day ago |
| ghsa-q3v8-fm8w-jqcp | An issue in Mytel Telecom Online Account System v1.0 allows attackers to bypass the OTP verificatio… | 1 day ago | 1 day ago |
| ghsa-h656-x889-hh62 | NETSCOUT nGeniusONE before 6.4.0 b2350 allows local users to leverage Insecure Permissions for the … | 1 day ago | 1 day ago |
| ghsa-8pjq-x38c-gm89 | NETSCOUT nGeniusONE before 6.4.0 b2350 has a Broken Authorization Schema for the report module. | 1 day ago | 1 day ago |
| ghsa-5cwq-8g5w-gmhm | NETSCOUT nGeniusONE before 6.4.0 b2350 allows Arbitrary File Creation by authenticated users. | 1 day ago | 1 day ago |
| ghsa-4rmx-r8gj-vj26 | NETSCOUT nGeniusONE before 6.4.0 b2350 has a Sensitive File Accessible Without Proper Authenticatio… | 1 day ago | 1 day ago |
| ghsa-8xp8-gmmj-xc8w | oc_huff_tree_unpack in huffdec.c in libtheora in Theora through 1.0 7180717 has an invalid negative… | 4 months ago | 1 day ago |
| ghsa-4c3f-c9v6-jqxm | The Icegram Express WordPress plugin before 5.7.50 does not sanitise and escape some of its Templa… | 2 days ago | 1 day ago |
| ghsa-m3q9-44rg-xw34 | A DLL hijacking vulnerability was identified in the Qognify VMS Client Viewer version 7.1 or higher… | 1 year ago | 1 day ago |
| ID | Description | Package | Published | Updated |
|---|---|---|---|---|
| pysec-2024-232 | python-jose through 3.3.0 has algorithm confusion with OpenSSH ECDSA keys and other key f… | python-jose | 1 year ago | 2 months ago |
| pysec-2024-231 | LightGBM Remote Code Execution Vulnerability | lightgbm | 5 months ago | 2 months ago |
| pysec-2024-230 | Certifi is a curated collection of Root Certificates for validating the trustworthiness o… | certifi | 9 months ago | 2 months ago |
| pysec-2024-229 | Hugging Face Transformers Trax Model Deserialization of Untrusted Data Remote Code Execut… | transformers | 5 months ago | 2 months ago |
| pysec-2024-228 | Hugging Face Transformers MaskFormer Model Deserialization of Untrusted Data Remote Code … | transformers | 5 months ago | 2 months ago |
| pysec-2024-227 | Hugging Face Transformers MobileViTV2 Deserialization of Untrusted Data Remote Code Execu… | transformers | 5 months ago | 2 months ago |
| pysec-2024-226 | Pymatgen (Python Materials Genomics) is an open-source Python library for materials analy… | pymatgen | 1 year ago | 2 months ago |
| pysec-2024-225 | cryptography is a package designed to expose cryptographic primitives and recipes to Pyth… | cryptography | 1 year ago | 2 months ago |
| pysec-2024-224 | Excessive directory permissions in MLflow leads to local privilege escalation when using … | mlflow | 5 months ago | 2 months ago |
| pysec-2024-27 | CrateDB 5.5.1 is contains an authentication bypass vulnerability in the Admin UI componen… | crate | 1 year ago | 2 months ago |
| pysec-2019-242 | Capstone 3.0.4 has an out-of-bounds vulnerability (SEGV caused by a read memory access) i… | capstone | 5 years ago | 2 months ago |
| pysec-2025-2 | uniapi version 1.0.7 introduces code that would execute on import of the module and downl… | uniapi | 3 months ago | |
| pysec-2024-223 | Versions of the package onnx before and including 1.15.0 are vulnerable to Out-of-bounds … | onnx | 1 year ago | 3 months ago |
| pysec-2024-222 | Versions of the package onnx before and including 1.15.0 are vulnerable to Directory Trav… | onnx | 1 year ago | 3 months ago |
| pysec-2024-221 | aiosmtpd is a reimplementation of the Python stdlib smtpd.py based on asyncio. aiosmtpd i… | aiosmtpd | 1 year ago | 3 months ago |
| pysec-2024-220 | Gradio is an open-source Python package designed for quick prototyping. This vulnerabilit… | gradio | 6 months ago | 3 months ago |
| pysec-2024-219 | Gradio is an open-source Python package designed for quick prototyping. This vulnerabilit… | gradio | 6 months ago | 3 months ago |
| pysec-2024-218 | Gradio is an open-source Python package designed for quick prototyping. This vulnerabilit… | gradio | 6 months ago | 3 months ago |
| pysec-2024-217 | Gradio is an open-source Python package designed for quick prototyping. This is a **data … | gradio | 6 months ago | 3 months ago |
| pysec-2024-216 | Gradio is an open-source Python package designed for quick prototyping. This vulnerabilit… | gradio | 6 months ago | 3 months ago |
| pysec-2024-215 | Gradio is an open-source Python package designed for quick prototyping. This vulnerabilit… | gradio | 6 months ago | 3 months ago |
| pysec-2024-214 | Gradio is an open-source Python package designed for quick prototyping. This vulnerabilit… | gradio | 6 months ago | 3 months ago |
| pysec-2024-213 | Gradio is an open-source Python package designed for quick prototyping. This vulnerabilit… | gradio | 6 months ago | 3 months ago |
| pysec-2024-212 | Apache Airflow versions before 2.10.1 have a vulnerability that allows DAG authors to add… | apache-airflow | 7 months ago | 3 months ago |
| pysec-2024-211 | Waitress is a Web Server Gateway Interface server for Python 2 and 3. When a remote clien… | waitress | 5 months ago | 3 months ago |
| pysec-2024-210 | Waitress is a Web Server Gateway Interface server for Python 2 and 3. A remote client may… | waitress | 5 months ago | 3 months ago |
| pysec-2024-209 | Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. In versions… | vyper | 1 year ago | 3 months ago |
| pysec-2024-208 | Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. In versions… | vyper | 1 year ago | 3 months ago |
| pysec-2024-207 | Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. In versions… | vyper | 1 year ago | 3 months ago |
| pysec-2024-206 | Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. In versions… | vyper | 1 year ago | 3 months ago |
| ID | Description |
|---|---|
| gsd-2024-33851 | The format of the source doesn't require a description, click on the link for more details |
| gsd-2024-33850 | The format of the source doesn't require a description, click on the link for more details |
| gsd-2024-33849 | The format of the source doesn't require a description, click on the link for more details |
| gsd-2024-4295 | The format of the source doesn't require a description, click on the link for more details |
| gsd-2024-4294 | The format of the source doesn't require a description, click on the link for more details |
| gsd-2024-4293 | The format of the source doesn't require a description, click on the link for more details |
| gsd-2024-4292 | The format of the source doesn't require a description, click on the link for more details |
| gsd-2024-4291 | The format of the source doesn't require a description, click on the link for more details |
| gsd-2023-52722 | The format of the source doesn't require a description, click on the link for more details |
| gsd-2022-48685 | The format of the source doesn't require a description, click on the link for more details |
| gsd-2022-48684 | The format of the source doesn't require a description, click on the link for more details |
| gsd-2024-24777 | The format of the source doesn't require a description, click on the link for more details |
| gsd-2024-28875 | The format of the source doesn't require a description, click on the link for more details |
| gsd-2024-33846 | The format of the source doesn't require a description, click on the link for more details |
| gsd-2024-33845 | The format of the source doesn't require a description, click on the link for more details |
| gsd-2024-33844 | The format of the source doesn't require a description, click on the link for more details |
| gsd-2024-33843 | The format of the source doesn't require a description, click on the link for more details |
| gsd-2024-33842 | The format of the source doesn't require a description, click on the link for more details |
| gsd-2024-33841 | The format of the source doesn't require a description, click on the link for more details |
| gsd-2024-33840 | The format of the source doesn't require a description, click on the link for more details |
| gsd-2024-33839 | The format of the source doesn't require a description, click on the link for more details |
| gsd-2024-33838 | The format of the source doesn't require a description, click on the link for more details |
| gsd-2024-33837 | The format of the source doesn't require a description, click on the link for more details |
| gsd-2024-33836 | The format of the source doesn't require a description, click on the link for more details |
| gsd-2024-33835 | The format of the source doesn't require a description, click on the link for more details |
| gsd-2024-33834 | The format of the source doesn't require a description, click on the link for more details |
| gsd-2024-33833 | The format of the source doesn't require a description, click on the link for more details |
| gsd-2024-33832 | The format of the source doesn't require a description, click on the link for more details |
| gsd-2024-33831 | The format of the source doesn't require a description, click on the link for more details |
| gsd-2024-33830 | The format of the source doesn't require a description, click on the link for more details |
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2024-1223 | Malicious code in @lbnqduy11805/musical-doodle (npm) | 1 year ago | 1 year ago |
| mal-2024-1222 | Malicious code in @lbnqduy11805/miniature-train (npm) | 1 year ago | 1 year ago |
| mal-2024-1221 | Malicious code in @lbnqduy11805/miniature-garbanzo (npm) | 1 year ago | 1 year ago |
| mal-2024-1220 | Malicious code in @lbnqduy11805/legendary-octo-carnival (npm) | 1 year ago | 1 year ago |
| mal-2024-1215 | Malicious code in @lbnqduy11805/congenial-dollop (npm) | 1 year ago | 1 year ago |
| mal-2024-1244 | Malicious code in @lbnqduy11805/urban-octo-adventure (npm) | 1 year ago | 1 year ago |
| mal-2024-1241 | Malicious code in @lbnqduy11805/sturdy-waddle (npm) | 1 year ago | 1 year ago |
| mal-2024-1238 | Malicious code in @lbnqduy11805/stunning-fishstick (npm) | 1 year ago | 1 year ago |
| mal-2024-1237 | Malicious code in @lbnqduy11805/studious-octo-waddle (npm) | 1 year ago | 1 year ago |
| mal-2024-1235 | Malicious code in @lbnqduy11805/special-palm-tree (npm) | 1 year ago | 1 year ago |
| mal-2024-1229 | Malicious code in @lbnqduy11805/refactored-eureka (npm) | 1 year ago | 1 year ago |
| mal-2024-1218 | Malicious code in @lbnqduy11805/friendly-doodle (npm) | 1 year ago | 1 year ago |
| mal-2024-1217 | Malicious code in @lbnqduy11805/expert-waddle (npm) | 1 year ago | 1 year ago |
| mal-2024-1236 | Malicious code in @lbnqduy11805/studious-memory (npm) | 1 year ago | 1 year ago |
| mal-2024-1234 | Malicious code in @lbnqduy11805/special-funicular (npm) | 1 year ago | 1 year ago |
| mal-2024-1231 | Malicious code in @lbnqduy11805/reimagined-happiness (npm) | 1 year ago | 1 year ago |
| mal-2024-1228 | Malicious code in @lbnqduy11805/redesigned-journey (npm) | 1 year ago | 1 year ago |
| mal-2024-1226 | Malicious code in @lbnqduy11805/psychic-journey (npm) | 1 year ago | 1 year ago |
| mal-2024-1214 | Malicious code in @lbnqduy11805/cautious-octo-rotary-phone (npm) | 1 year ago | 1 year ago |
| mal-2024-1212 | Malicious code in @lbnqduy11805/animated-doodle (npm) | 1 year ago | 1 year ago |
| mal-2024-1219 | Malicious code in @lbnqduy11805/ideal-octo-spork (npm) | 1 year ago | 1 year ago |
| mal-2024-1252 | Malicious code in test-npm-lifecycle (npm) | 1 year ago | 1 year ago |
| mal-2024-1251 | Malicious code in shuaishuaiqiang (npm) | 1 year ago | 1 year ago |
| mal-2024-1250 | Malicious code in shuaishuai (npm) | 1 year ago | 1 year ago |
| mal-2024-1249 | Malicious code in shuaiqiang (npm) | 1 year ago | 1 year ago |
| mal-2024-1248 | Malicious code in benjimain (npm) | 1 year ago | 1 year ago |
| mal-2024-1247 | Malicious code in @sber-site/sbercraft-nova-kit (npm) | 1 year ago | 1 year ago |
| mal-2024-1246 | Malicious code in @sber-sd/assistant-web-sdk (npm) | 1 year ago | 1 year ago |
| mal-2024-1211 | Malicious code in tokenaddress (npm) | 1 year ago | 1 year ago |
| mal-2024-1210 | Malicious code in recxn-logs (npm) | 1 year ago | 1 year ago |
| ID | Description | Published | Updated |
|---|---|---|---|
| wid-sec-w-2024-3528 | Linux Kernel: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff | 5 months ago | 3 months ago |
| wid-sec-w-2024-3509 | Linux Kernel: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff | 5 months ago | 3 months ago |
| wid-sec-w-2024-3486 | Apache Tomcat: Mehrere Schwachstellen | 5 months ago | 3 months ago |
| wid-sec-w-2024-3397 | Linux Kernel: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff | 5 months ago | 3 months ago |
| wid-sec-w-2024-3376 | Linux Kernel: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff | 5 months ago | 3 months ago |
| wid-sec-w-2024-3368 | Linux Kernel: Mehrere Schwachstellen | 5 months ago | 3 months ago |
| wid-sec-w-2024-3367 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service | 5 months ago | 3 months ago |
| wid-sec-w-2024-3276 | Ruby: Schwachstelle ermöglicht Denial of Service | 5 months ago | 3 months ago |
| wid-sec-w-2024-3087 | MediaWiki: Mehrere Schwachstellen | 6 months ago | 3 months ago |
| wid-sec-w-2024-2202 | Apache Tomcat: Schwachstelle ermöglicht Denial of Service | 7 months ago | 3 months ago |
| wid-sec-w-2024-2169 | bluez: Schwachstelle ermöglicht Codeausführung | 7 months ago | 3 months ago |
| wid-sec-w-2024-2078 | Linux Kernel: Schwachstelle ermöglicht Privilegieneskalation | 7 years ago | 3 months ago |
| wid-sec-w-2024-2057 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service oder unspezifischer Angriff | 7 months ago | 3 months ago |
| wid-sec-w-2024-1925 | Linux Kernel: Mehrere Schwachstellen | 8 months ago | 3 months ago |
| wid-sec-w-2024-1916 | VMware Tanzu Spring Boot: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 8 months ago | 3 months ago |
| wid-sec-w-2024-1896 | Ruby: Schwachstelle ermöglicht Denial of Service | 8 months ago | 3 months ago |
| wid-sec-w-2024-1744 | Ruby REXML: Mehrere Schwachstellen ermöglichen Denial of Service | 8 months ago | 3 months ago |
| wid-sec-w-2024-1720 | Ruby REXML: Schwachstelle ermöglicht Denial of Service | 8 months ago | 3 months ago |
| wid-sec-w-2024-1663 | Apache HTTP Server: Mehrere Schwachstellen ermöglichen Offenlegung von Informationen | 9 months ago | 3 months ago |
| wid-sec-w-2024-1625 | Linux Kernel: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff | 9 months ago | 3 months ago |
| wid-sec-w-2024-1529 | Linux Kernel: Schwachstelle ermöglicht Denial of Service | 9 months ago | 3 months ago |
| wid-sec-w-2024-1528 | Linux Kernel: Mehrere Schwachstellen | 9 months ago | 3 months ago |
| wid-sec-w-2024-1522 | Apache Tomcat: Schwachstelle ermöglicht Denial of Service | 9 months ago | 3 months ago |
| wid-sec-w-2024-1520 | Apache HTTP Server: Schwachstelle ermöglicht Offenlegung von Informationen | 9 months ago | 3 months ago |
| wid-sec-w-2024-1504 | Apache HTTP Server: Mehrere Schwachstellen | 9 months ago | 3 months ago |
| wid-sec-w-2024-1418 | Linux Kernel: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff | 10 months ago | 3 months ago |
| wid-sec-w-2024-1274 | TianoCore EDK2: Schwachstelle ermöglicht Denial of Service | 10 months ago | 3 months ago |
| wid-sec-w-2024-1268 | Linux Kernel: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff | 10 months ago | 3 months ago |
| wid-sec-w-2024-1108 | Linux Kernel: Mehrere Schwachstellen | 11 months ago | 3 months ago |
| wid-sec-w-2024-1083 | Linux Kernel: Mehrere Schwachstellen | 11 months ago | 3 months ago |
| ID | Description | Published | Updated |
|---|---|---|---|
| ncsc-2025-0015 | Kwetsbaarheden verholpen in Rsync | 3 months ago | 3 months ago |
| ncsc-2025-0014 | Kwetsbaarheid verholpen in Microsoft Dynamics Power Automate | 3 months ago | 3 months ago |
| ncsc-2025-0013 | Kwetsbaarheden verholpen in Microsoft Azure | 3 months ago | 3 months ago |
| ncsc-2025-0012 | Kwetsbaarheden verholpen in Microsoft Office | 3 months ago | 3 months ago |
| ncsc-2025-0011 | Kwetsbaarheden verholpen in Microsoft Developer Tools | 3 months ago | 3 months ago |
| ncsc-2025-0010 | Kwetsbaarheden verholpen in Microsoft Windows | 3 months ago | 3 months ago |
| ncsc-2025-0008 | Kwetsbaarheden verholpen in Siemens producten | 3 months ago | 3 months ago |
| ncsc-2025-0007 | Kwetsbaarheden verholpen in SAP producten | 3 months ago | 3 months ago |
| ncsc-2025-0006 | Kwetsbaarheden verholpen in Juniper JunOS | 3 months ago | 3 months ago |
| NCSC-2025-0005 | Kwetsbaarheden verholpen in Ivanti Connect Secure en Policy Secure | 3 months ago | 3 months ago |
| ncsc-2024-0484 | Kwetsbaarheden verholpen in Ivanti Connect Secure en Policy Secure | 4 months ago | 3 months ago |
| NCSC-2024-0484 | Kwetsbaarheden verholpen in Ivanti Connect Secure en Policy Secure | 4 months ago | 3 months ago |
| NCSC-2025-0004 | Kwetsbaarheden verholpen in SonicWall SonicOS | 3 months ago | 2 months ago |
| ncsc-2025-0003 | Kwetsbaarheden verholpen in Google Android en Samsung Mobile | 3 months ago | 3 months ago |
| NCSC-2025-0003 | Kwetsbaarheden verholpen in Google Android en Samsung Mobile | 3 months ago | 3 months ago |
| ncsc-2025-0002 | Kwetsbaarheden verholpen in Moxa's cellulaire routers en netwerkbeveiligingsapparaten | 3 months ago | 3 months ago |
| NCSC-2025-0002 | Kwetsbaarheden verholpen in Moxa's cellulaire routers en netwerkbeveiligingsapparaten | 3 months ago | 3 months ago |
| ncsc-2024-0470 | Kwetsbaarheden verholpen in Microsoft Windows | 4 months ago | 3 months ago |
| NCSC-2024-0470 | Kwetsbaarheden verholpen in Microsoft Windows | 4 months ago | 3 months ago |
| ncsc-2025-0001 | Kwetsbaarheden verholpen in Ipswitch WhatsUp Gold | 3 months ago | 3 months ago |
| NCSC-2025-0001 | Kwetsbaarheden verholpen in Ipswitch WhatsUp Gold | 3 months ago | 3 months ago |
| ncsc-2024-0500 | Kwetsbaarheden verholpen in Foxit PDF Reader en PDF Editor | 3 months ago | 3 months ago |
| NCSC-2024-0500 | Kwetsbaarheden verholpen in Foxit PDF Reader en PDF Editor | 3 months ago | 3 months ago |
| ncsc-2024-0499 | Kwetsbaarheid verholpen in Palo Alto Networks PAN-OS | 4 months ago | 4 months ago |
| NCSC-2024-0499 | Kwetsbaarheid verholpen in Palo Alto Networks PAN-OS | 4 months ago | 4 months ago |
| ncsc-2024-0498 | Kwetsbaarheid verholpen in Adobe ColdFusion | 4 months ago | 4 months ago |
| NCSC-2024-0498 | Kwetsbaarheid verholpen in Adobe ColdFusion | 4 months ago | 4 months ago |
| ncsc-2024-0497 | Kwetsbaarheden verholpen in IBM Cognos Analytics | 4 months ago | 4 months ago |
| NCSC-2024-0497 | Kwetsbaarheden verholpen in IBM Cognos Analytics | 4 months ago | 4 months ago |
| ncsc-2024-0492 | Kwetsbaarheid verholpen in Apache Struts | 4 months ago | 4 months ago |
| ID | Description | Published | Updated |
|---|---|---|---|
| ssa-925850 | SSA-925850: Improper Access Control in Polarion ALM | 11 months ago | 11 months ago |
| ssa-923361 | SSA-923361: MODEL File Parsing Vulnerability in Tecnomatix Plant Simulation before V2302.0011 | 11 months ago | 11 months ago |
| ssa-916916 | SSA-916916: Security Vulnerabilities Fixed in RUGGEDCOM CROSSBOW V5.5 | 11 months ago | 11 months ago |
| ssa-871717 | SSA-871717: Multiple Vulnerabilities in Polarion ALM | 1 year ago | 11 months ago |
| ssa-712929 | SSA-712929: Denial of Service Vulnerability in OpenSSL (CVE-2022-0778) Affecting Industrial Products | 2 years ago | 11 months ago |
| ssa-691715 | SSA-691715: Vulnerability in OPC Foundation Local Discovery Server Affecting Siemens Products | 2 years ago | 11 months ago |
| ssa-665034 | SSA-665034: Vulnerability in Nozomi Guardian/CMC before 23.3.0 on RUGGEDCOM APE1808 devices | 1 year ago | 11 months ago |
| ssa-661579 | SSA-661579: Multiple File Parsing Vulnerabilities in Teamcenter Visualization and JT2Go | 11 months ago | 11 months ago |
| ssa-647455 | SSA-647455: Multiple Vulnerabilities in Nozomi Guardian/CMC before 22.6.2 on RUGGEDCOM APE1808 devices | 1 year ago | 11 months ago |
| ssa-593272 | SSA-593272: SegmentSmack in Interniche IP-Stack based Industrial Devices | 5 years ago | 11 months ago |
| ssa-592380 | SSA-592380: Denial of Service Vulnerability in SIMATIC S7-1500 CPUs and related products | 1 year ago | 11 months ago |
| ssa-589937 | SSA-589937: Multiple Memory Corruption Vulnerabilities in Solid Edge | 11 months ago | 11 months ago |
| ssa-552874 | SSA-552874: Denial of Service Vulnerability in SIPROTEC 5 Devices | 2 years ago | 11 months ago |
| ssa-489698 | SSA-489698: X_T File Parsing Vulnerability in Parasolid | 11 months ago | 11 months ago |
| ssa-455250 | SSA-455250: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW on RUGGEDCOM APE1808 devices | 1 year ago | 11 months ago |
| ssa-382651 | SSA-382651: File Parsing Vulnerability in Solid Edge | 1 year ago | 11 months ago |
| ssa-322980 | SSA-322980: Denial of Service Vulnerability in SIPROTEC 5 Devices | 2 years ago | 11 months ago |
| ssa-292063 | SSA-292063: Multiple Vulnerabilities in Nozomi Guardian/CMC before 22.6.3 and 23.1.0 on RUGGEDCOM APE1808 devices | 1 year ago | 11 months ago |
| ssa-292022 | SSA-292022: Vulnerability in Nozomi Guardian/CMC before 23.4.1 on RUGGEDCOM APE1808 devices | 11 months ago | 11 months ago |
| ssa-273900 | SSA-273900: Multiple Vulnerabilities in SIMATIC CN 4100 before V3.0 | 11 months ago | 11 months ago |
| ssa-265688 | SSA-265688: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP V1.1 | 1 year ago | 11 months ago |
| ssa-258494 | SSA-258494: Stack Overflow Vulnerability in Simcenter Nastran before 2406.90 | 11 months ago | 11 months ago |
| ssa-240541 | SSA-240541: WIBU Systems CodeMeter Heap Buffer Overflow Vulnerability in Industrial Products | 1 year ago | 11 months ago |
| ssa-225840 | SSA-225840: Vulnerabilities in the Network Communication Stack in Sinteso EN and Cerberus PRO EN Fire Protection Systems | 1 year ago | 11 months ago |
| ssa-148641 | SSA-148641: XPath Constraint Vulnerability in Mendix Runtime | 3 years ago | 11 months ago |
| ssa-046364 | SSA-046364: X_T File Parsing Vulnerabilities in Parasolid | 11 months ago | 11 months ago |
| SSA-999588 | SSA-999588: Multiple Vulnerabilities in User Management Component (UMC) before V2.11.2 | 1 year ago | 11 months ago |
| SSA-976324 | SSA-976324: Multiple IGS File Parsing Vulnerabilities in PS/IGES Parasolid Translator Component before V27.1.215 | 11 months ago | 11 months ago |
| SSA-968170 | SSA-968170: Remote Code Execution Vulnerability in SIMATIC STEP 7 V5.x and Derived Products | 1 year ago | 11 months ago |
| SSA-962515 | SSA-962515: Out of Bounds Read Vulnerability in Industrial Products | 11 months ago | 11 months ago |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2023:7469 | Red Hat Security Advisory: OpenShift Container Platform 4.14.4 security and extras update | 1 year ago | 1 hour ago |
| rhsa-2023:7599 | Red Hat Security Advisory: OpenShift Container Platform 4.14.5 bug fix and security update | 1 year ago | 1 hour ago |
| rhsa-2024:0050 | Red Hat Security Advisory: OpenShift Container Platform 4.14.8 bug fix and security update | 1 year ago | 1 hour ago |
| rhsa-2023:7699 | Red Hat Security Advisory: Red Hat OpenShift Pipelines Client tkn for 1.10.6 release and security update | 1 year ago | 1 hour ago |
| rhsa-2023:7555 | Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.3.0 security update | 1 year ago | 1 hour ago |
| rhsa-2023:7479 | Red Hat Security Advisory: OpenShift Container Platform 4.11.54 bug fix and security update | 1 year ago | 1 hour ago |
| rhsa-2023:7201 | Red Hat Security Advisory: OpenShift Container Platform 4.15.0 packages and security update | 1 year ago | 1 hour ago |
| rhsa-2023:7522 | Red Hat Security Advisory: OpenShift Virtualization 4.13.6 security and bug fix update | 1 year ago | 1 hour ago |
| rhsa-2023:7475 | Red Hat Security Advisory: OpenShift Container Platform 4.13.24 bug fix and security update | 1 year ago | 1 hour ago |
| rhsa-2023:7200 | Red Hat Security Advisory: OpenShift Container Platform 4.15.z security update | 1 year ago | 1 hour ago |
| rhsa-2023:7478 | Red Hat Security Advisory: OpenShift Container Platform 4.11.54 security and extras update | 1 year ago | 1 hour ago |
| rhsa-2023:6894 | Red Hat Security Advisory: OpenShift Container Platform 4.12.44 bug fix and security update | 1 year ago | 1 hour ago |
| rhsa-2023:7474 | Red Hat Security Advisory: OpenShift Container Platform 4.13.24 security and extras update | 1 year ago | 1 hour ago |
| rhsa-2023:7323 | Red Hat Security Advisory: OpenShift Container Platform 4.13.23 bug fix and security update | 1 year ago | 1 hour ago |
| rhsa-2023:6893 | Red Hat Security Advisory: OpenShift Container Platform 4.12.44 security and extras update | 1 year ago | 1 hour ago |
| rhsa-2023:7521 | Red Hat Security Advisory: OpenShift Virtualization 4.13.6 RPMs security and bug fix update | 1 year ago | 1 hour ago |
| rhsa-2023:7315 | Red Hat Security Advisory: OpenShift Container Platform 4.14.3 bug fix and security update | 1 year ago | 1 hour ago |
| rhsa-2023:6818 | Red Hat Security Advisory: Satellite 6.14 security and bug fix update | 1 year ago | 1 hour ago |
| rhsa-2023:7515 | Red Hat Security Advisory: Red Hat OpenShift for Windows Containers 9.0.0 security update | 1 year ago | 1 hour ago |
| rhsa-2023:7322 | Red Hat Security Advisory: OpenShift Container Platform 4.13.23 security and extras update | 1 year ago | 1 hour ago |
| rhsa-2023:6842 | Red Hat Security Advisory: OpenShift Container Platform 4.12.43 bug fix and security update | 1 year ago | 1 hour ago |
| rhsa-2023:6279 | Red Hat Security Advisory: cert-manager Operator for Red Hat OpenShift 1.11.5 | 1 year ago | 1 hour ago |
| rhsa-2023:7345 | Red Hat Security Advisory: Red Hat OpenShift GitOps v1.9.3 security update | 1 year ago | 1 hour ago |
| rhsa-2023:7342 | Red Hat Security Advisory: OpenShift Container Platform 4.11 low-latency extras update | 1 year ago | 1 hour ago |
| rhsa-2023:6817 | Red Hat Security Advisory: OpenShift Virtualization 4.14.0 Images security and bug fix update | 1 year ago | 1 hour ago |
| rhsa-2023:6841 | Red Hat Security Advisory: Red Hat OpenShift Enterprise security update | 1 year ago | 1 hour ago |
| rhsa-2023:7344 | Red Hat Security Advisory: openshift-gitops-kam security update | 1 year ago | 1 hour ago |
| rhsa-2023:7288 | Red Hat Security Advisory: Red Hat Product OCP Tools 4.14 Openshift Jenkins security update | 1 year ago | 1 hour ago |
| rhsa-2023:6828 | Red Hat Security Advisory: ACS 4.1 enhancement update | 1 year ago | 1 hour ago |
| rhsa-2023:6839 | Red Hat Security Advisory: OpenShift Container Platform 4.14.2 security update | 1 year ago | 1 hour ago |
| ID | Description | Published | Updated |
|---|---|---|---|
| icsa-24-137-13 | Siemens Industrial Products | 11 months ago | 4 months ago |
| icsa-24-102-04 | Siemens RUGGEDCOM APE1808 | 1 year ago | 4 months ago |
| icsa-24-102-03 | Siemens RUGGEDCOM APE1808 | 1 year ago | 4 months ago |
| icsa-23-257-05 | Siemens SIMATIC IPCs | 1 year ago | 4 months ago |
| icsa-23-222-09 | Siemens SIMATIC | 1 year ago | 4 months ago |
| icsa-23-222-07 | Siemens SIMATIC | 1 year ago | 4 months ago |
| icsa-23-166-06 | Siemens TIA Portal | 1 year ago | 4 months ago |
| icsa-21-194-03 | Siemens PROFINET Devices | 3 years ago | 4 months ago |
| icsa-24-340-02 | Planet Technology Planet WGS-804HPT | 4 months ago | 4 months ago |
| icsa-24-340-01 | AutomationDirect C-More EA9 Programming Software | 4 months ago | 4 months ago |
| ICSA-24-340-02 | Planet Technology Planet WGS-804HPT | 4 months ago | 4 months ago |
| ICSA-24-340-01 | AutomationDirect C-More EA9 Programming Software | 4 months ago | 4 months ago |
| icsa-25-007-01 | ABB ASPECT System | 9 months ago | 4 months ago |
| icsa-24-338-06 | Fuji Electric Tellus Lite V-Simulator | 4 months ago | 4 months ago |
| icsa-24-338-05 | Fuji Electric Monitouch V-SFT | 4 months ago | 4 months ago |
| icsa-24-338-04 | ICONICS and Mitsubishi Electric Products | 4 months ago | 4 months ago |
| icsa-24-338-03 | Open Automation Software | 4 months ago | 4 months ago |
| icsa-24-184-03 | ICONICS and Mitsubishi Electric Products (Update A) | 9 months ago | 4 months ago |
| icsa-22-307-01 | ETIC Telecom Remote Access Server (RAS) (Update B) | 2 years ago | 4 months ago |
| ICSA-24-338-06 | Fuji Electric Tellus Lite V-Simulator | 4 months ago | 4 months ago |
| ICSA-24-338-05 | Fuji Electric Monitouch V-SFT | 4 months ago | 4 months ago |
| ICSA-24-338-04 | ICONICS and Mitsubishi Electric Products | 4 months ago | 4 months ago |
| ICSA-24-338-03 | Open Automation Software | 4 months ago | 4 months ago |
| ICSA-24-338-01 | Ruijie Reyee OS (Update A) | 4 months ago | 4 months ago |
| ICSA-24-184-03 | ICONICS and Mitsubishi Electric Products (Update A) | 9 months ago | 4 months ago |
| ICSA-22-307-01 | ETIC Telecom Remote Access Server (RAS) (Update B) | 2 years ago | 4 months ago |
| va-24-254-02 | TopQuadrant TopBraid EDG Insecure External Password Storage and XXE Vulnerabilities | 7 months ago | 4 months ago |
| VA-24-254-02 | TopQuadrant TopBraid EDG Insecure External Password Storage and XXE Vulnerabilities | 7 months ago | 4 months ago |
| va-24-331-01 | Valor Apps Easy Folder Listing Pro Joomla! extension deserialization vulnerability | 5 months ago | 5 months ago |
| VA-24-331-01 | Valor Apps Easy Folder Listing Pro Joomla! extension deserialization vulnerability | 5 months ago | 5 months ago |
| ID | Description | Published | Updated |
|---|---|---|---|
| cisco-sa-cucm-xss-SVCkMMW | Cisco Unified Communications Manager Cross-Site Scripting Vulnerability | 5 months ago | 5 months ago |
| cisco-sa-cmm-info-disc-9zemahga | Cisco Meeting Management Information Disclosure Vulnerability | 5 months ago | 5 months ago |
| cisco-sa-cmm-info-disc-9ZEMAhGA | Cisco Meeting Management Information Disclosure Vulnerability | 5 months ago | 5 months ago |
| cisco-sa-ccmp-sxss-qbtdbzdd | Cisco Unified Contact Center Management Portal Stored Cross-Site Scripting Vulnerability | 5 months ago | 5 months ago |
| cisco-sa-ccmp-sxss-qBTDBZDD | Cisco Unified Contact Center Management Portal Stored Cross-Site Scripting Vulnerability | 5 months ago | 5 months ago |
| cisco-sa-backhaul-ap-cmdinj-r7e28ecs | Cisco Unified Industrial Wireless Software for Ultra-Reliable Wireless Backhaul Access Point Command Injection Vulnerability | 5 months ago | 5 months ago |
| cisco-sa-backhaul-ap-cmdinj-R7E28Ecs | Cisco Unified Industrial Wireless Software for Ultra-Reliable Wireless Backhaul Access Point Command Injection Vulnerability | 5 months ago | 5 months ago |
| cisco-sa-3550-acl-bypass-mhskzc2q | Cisco Nexus 3550-F Switches Access Control List Programming Vulnerability | 5 months ago | 5 months ago |
| cisco-sa-3550-acl-bypass-mhskZc2q | Cisco Nexus 3550-F Switches Access Control List Programming Vulnerability | 5 months ago | 5 months ago |
| cisco-sa-asaftd-acl-bypass-vvnlnkqf | Cisco Adaptive Security Appliance and Firepower Threat Defense Software AnyConnect Access Control List Bypass Vulnerabilities | 6 months ago | 6 months ago |
| cisco-sa-asaftd-acl-bypass-VvnLNKqf | Cisco Adaptive Security Appliance and Firepower Threat Defense Software AnyConnect Access Control List Bypass Vulnerabilities | 6 months ago | 6 months ago |
| cisco-sa-ata19x-multi-rdteqrsy | Cisco ATA 190 Series Analog Telephone Adapter Firmware Vulnerabilities | 6 months ago | 6 months ago |
| cisco-sa-ata19x-multi-RDTEqRsy | Cisco ATA 190 Series Analog Telephone Adapter Firmware Vulnerabilities | 6 months ago | 6 months ago |
| cisco-sa-snort-rf-bypass-oy8f3pnm | Multiple Cisco Products Snort Rate Filter Bypass Vulnerability | 6 months ago | 6 months ago |
| cisco-sa-snort-rf-bypass-OY8f3pnM | Multiple Cisco Products Snort Rate Filter Bypass Vulnerability | 6 months ago | 6 months ago |
| cisco-sa-snort-bypass-ptry37fx | Cisco Firepower Threat Defense Software TCP Snort 3 Detection Engine Bypass Vulnerability | 6 months ago | 6 months ago |
| cisco-sa-snort-bypass-PTry37fX | Cisco Firepower Threat Defense Software TCP Snort 3 Detection Engine Bypass Vulnerability | 6 months ago | 6 months ago |
| cisco-sa-sa-ftd-snort-fw-bcjtzpmu | Cisco Firepower Threat Defense Software and Cisco FirePOWER Services TCP/IP Traffic with Snort 2 and Snort 3 Denial of Service Vulnerability | 6 months ago | 6 months ago |
| cisco-sa-sa-ftd-snort-fw-BCJTZPMu | Cisco Firepower Threat Defense Software and Cisco FirePOWER Services TCP/IP Traffic with Snort 2 and Snort 3 Denial of Service Vulnerability | 6 months ago | 6 months ago |
| cisco-sa-ftd2100-snort-dos-m9humt75 | Cisco Firepower Threat Defense Software for Cisco Firepower 2100 Series Appliances TCP UDP Snort 2 and Snort 3 Denial of Service Vulnerability | 6 months ago | 6 months ago |
| cisco-sa-ftd2100-snort-dos-M9HuMt75 | Cisco Firepower Threat Defense Software for Cisco Firepower 2100 Series Appliances TCP UDP Snort 2 and Snort 3 Denial of Service Vulnerability | 6 months ago | 6 months ago |
| cisco-sa-ftd-vdb-snort-djj4cnbr | Cisco Firepower Threat Defense Software Vulnerability Database with Snort Detection Engine Security Policy Bypass and Denial of Service Issue | 6 months ago | 6 months ago |
| cisco-sa-ftd-vdb-snort-djj4cnbR | Cisco Firepower Threat Defense Software Vulnerability Database with Snort Detection Engine Security Policy Bypass and Denial of Service Issue | 6 months ago | 6 months ago |
| cisco-sa-ftd-tls-dos-qxye5ufy | Cisco Firepower Threat Defense Software for Firepower 2100 Series TLS Denial of Service Vulnerability | 6 months ago | 6 months ago |
| cisco-sa-ftd-tls-dos-QXYE5Ufy | Cisco Firepower Threat Defense Software for Firepower 2100 Series TLS Denial of Service Vulnerability | 6 months ago | 6 months ago |
| cisco-sa-ftd-statcred-dfc8txt5 | Cisco Firepower Threat Defense Software for Firepower 1000, 2100, 3100, and 4200 Series Static Credential Vulnerability | 6 months ago | 6 months ago |
| cisco-sa-ftd-statcred-dFC8tXT5 | Cisco Firepower Threat Defense Software for Firepower 1000, 2100, 3100, and 4200 Series Static Credential Vulnerability | 6 months ago | 6 months ago |
| cisco-sa-ftd-geoip-bypass-mb4zrdu | Cisco Firepower Threat Defense Software Geolocation ACL Bypass Vulnerability | 6 months ago | 6 months ago |
| cisco-sa-ftd-geoip-bypass-MB4zRDu | Cisco Firepower Threat Defense Software Geolocation ACL Bypass Vulnerability | 6 months ago | 6 months ago |
| cisco-sa-fmc-xss-infodisc-rl4mjfer | Cisco Secure Firewall Management Center Software Cross-Site Scripting and Information Disclosure Vulnerabilities | 6 months ago | 6 months ago |
| ID | Description | Published | Updated |
|---|---|---|---|
| NN-2021:2-01 | Authenticated command path traversal on timezone settings in Guardian/CMC before 20.0.7.4 | 4 years ago | 1 year ago |
| NN-2021:1-01 | Authenticated command injection when changing date settings or hostname in Guardian/CMC before 20.0.7.4 | 4 years ago | 1 year ago |
| NN-2020:3-01 | Angular template injection on custom report name field | 4 years ago | 1 year ago |
| NN-2020:2-01 | Cross-site request forgery attack on change password form | 4 years ago | 1 year ago |
| NN-2019:2-01 | CSV Injection on node label | 5 years ago | 1 year ago |
| NN-2019:1-01 | Stored XSS in field name data model | 5 years ago | 1 year ago |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2024-49083 | Windows Mobile Broadband Driver Elevation of Privilege Vulnerability | 4 months ago | 4 months ago |
| msrc_cve-2024-49082 | Windows File Explorer Information Disclosure Vulnerability | 4 months ago | 4 months ago |
| msrc_cve-2024-49081 | Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability | 4 months ago | 4 months ago |
| msrc_cve-2024-49080 | Windows IP Routing Management Snapin Remote Code Execution Vulnerability | 4 months ago | 4 months ago |
| msrc_cve-2024-49079 | Input Method Editor (IME) Remote Code Execution Vulnerability | 4 months ago | 4 months ago |
| msrc_cve-2024-49078 | Windows Mobile Broadband Driver Elevation of Privilege Vulnerability | 4 months ago | 4 months ago |
| msrc_cve-2024-49077 | Windows Mobile Broadband Driver Elevation of Privilege Vulnerability | 4 months ago | 4 months ago |
| msrc_cve-2024-49076 | Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability | 4 months ago | 4 months ago |
| msrc_cve-2024-49075 | Windows Remote Desktop Services Denial of Service Vulnerability | 4 months ago | 4 months ago |
| msrc_cve-2024-49074 | Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | 4 months ago | 4 months ago |
| msrc_cve-2024-49073 | Windows Mobile Broadband Driver Elevation of Privilege Vulnerability | 4 months ago | 4 months ago |
| msrc_cve-2024-49072 | Windows Task Scheduler Elevation of Privilege Vulnerability | 4 months ago | 4 months ago |
| msrc_cve-2024-49070 | Microsoft SharePoint Remote Code Execution Vulnerability | 4 months ago | 4 months ago |
| msrc_cve-2024-49068 | Microsoft SharePoint Elevation of Privilege Vulnerability | 4 months ago | 4 months ago |
| msrc_cve-2024-49065 | Microsoft Office Remote Code Execution Vulnerability | 4 months ago | 4 months ago |
| msrc_cve-2024-49064 | Microsoft SharePoint Information Disclosure Vulnerability | 4 months ago | 4 months ago |
| msrc_cve-2024-49063 | Microsoft/Muzic Remote Code Execution Vulnerability | 4 months ago | 4 months ago |
| msrc_cve-2024-49062 | Microsoft SharePoint Information Disclosure Vulnerability | 4 months ago | 4 months ago |
| msrc_cve-2024-49059 | Microsoft Office Elevation of Privilege Vulnerability | 4 months ago | 4 months ago |
| msrc_cve-2024-49057 | Microsoft Defender for Endpoint on Android Spoofing Vulnerability | 4 months ago | 4 months ago |
| msrc_cve-2024-43583 | Winlogon Elevation of Privilege Vulnerability | 6 months ago | 4 months ago |
| msrc_cve-2024-38033 | PowerShell Elevation of Privilege Vulnerability | 9 months ago | 4 months ago |
| msrc_cve-2023-38171 | Microsoft QUIC Denial of Service Vulnerability | 1 year ago | 4 months ago |
| msrc_cve-2023-36435 | Microsoft QUIC Denial of Service Vulnerability | 1 year ago | 4 months ago |
| msrc_cve-2024-49041 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | 4 months ago | 4 months ago |
| msrc_cve-2024-38199 | Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability | 8 months ago | 4 months ago |
| msrc_cve-2024-49040 | Microsoft Exchange Server Spoofing Vulnerability | 5 months ago | 5 months ago |
| msrc_cve-2024-49035 | Partner.Microsoft.Com Elevation of Privilege Vulnerability | 5 months ago | 5 months ago |
| msrc_cve-2024-49053 | Microsoft Dynamics 365 Sales Spoofing Vulnerability | 5 months ago | 5 months ago |
| msrc_cve-2024-49052 | Microsoft Azure PolicyWatch Elevation of Privilege Vulnerability | 5 months ago | 5 months ago |
| ID | Description |
|---|---|
| var-201402-0026 | Buffer overflow in the process_ra function in the router advertisement daemon (radvd) before 1.8.2 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a negative value in a label_len value. radvd is prone to the follow security vulnerabilities: 1. Multiple local privilege-escalation vulnerability. 2. A local arbitrary file-overwrite vulnerability. 3. Multiple remote denial-of-service vulnerabilities. An attacker can exploit these issues to execute arbitrary code with administrative privileges, overwrite arbitrary files, and cause denial-of-service conditions. The software can replace IPv6 routing for stateless address auto-configuration. A buffer overflow vulnerability exists in the 'process_ra' function in radvd 1.8.1 and earlier. ========================================================================== Ubuntu Security Notice USN-1257-1 November 10, 2011 radvd vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 11.10 - Ubuntu 11.04 - Ubuntu 10.10 - Ubuntu 10.04 LTS Summary: radvd could be made to crash or overwrite certain files if it received specially crafted network traffic. Software Description: - radvd: Router Advertisement Daemon Details: Vasiliy Kulikov discovered that radvd incorrectly parsed the ND_OPT_DNSSL_INFORMATION option. The default compiler options for affected releases should reduce the vulnerability to a denial of service. This issue only affected Ubuntu 11.04 and 11.10. (CVE-2011-3601) Vasiliy Kulikov discovered that radvd incorrectly filtered interface names when creating certain files. (CVE-2011-3602) Vasiliy Kulikov discovered that radvd incorrectly handled certain lengths. (CVE-2011-3604) Vasiliy Kulikov discovered that radvd incorrectly handled delays when used in unicast mode, which is not the default in Ubuntu. If used in unicast mode, a remote attacker could cause radvd outages, resulting in a denial of service. (CVE-2011-3605) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 11.10: radvd 1:1.8-1ubuntu0.1 Ubuntu 11.04: radvd 1:1.7-1ubuntu0.1 Ubuntu 10.10: radvd 1:1.6-1ubuntu0.1 Ubuntu 10.04 LTS: radvd 1:1.3-1.1ubuntu0.1 In general, a standard system update will make all the necessary changes. References: http://www.ubuntu.com/usn/usn-1257-1 CVE-2011-3601, CVE-2011-3602, CVE-2011-3604, CVE-2011-3605 Package Information: https://launchpad.net/ubuntu/+source/radvd/1:1.8-1ubuntu0.1 https://launchpad.net/ubuntu/+source/radvd/1:1.7-1ubuntu0.1 https://launchpad.net/ubuntu/+source/radvd/1:1.6-1ubuntu0.1 https://launchpad.net/ubuntu/+source/radvd/1:1.3-1.1ubuntu0.1 . ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Gentoo update for radvd SECUNIA ADVISORY ID: SA46930 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46930/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46930 RELEASE DATE: 2011-11-21 DISCUSS ADVISORY: http://secunia.com/advisories/46930/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46930/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46930 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has issued an update for radvd. For more information: SA46200 SOLUTION: Update to "net-misc/radvd-1.8.2" or later. ORIGINAL ADVISORY: GLSA 201111-08: http://www.gentoo.org/security/en/glsa/glsa-201111-08.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201111-08 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: radvd: Multiple vulnerabilities Date: November 20, 2011 Bugs: #385967 ID: 201111-08 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in radvd which could potentially lead to privilege escalation, data loss, or a Denial of Service. Background ========== radvd is an IPv6 router advertisement daemon for Linux and BSD. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-misc/radvd < 1.8.2 >= 1.8.2 Description =========== Multiple vulnerabilities have been discovered in radvd. Please review the CVE identifiers referenced below for details. Workaround ========== There is no known workaround at this time. Resolution ========== All radvd users should upgrade to the latest stable version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/radvd-1.8.2" References ========== [ 1 ] CVE-2011-3601 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3601 [ 2 ] CVE-2011-3602 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3602 [ 3 ] CVE-2011-3603 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3603 [ 4 ] CVE-2011-3604 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3604 [ 5 ] CVE-2011-3605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3605 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201111-08.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2011 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 |
| var-201805-1144 | In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, several SQL injection vulnerabilities have been identified, which may allow an attacker to disclose sensitive information from the host. plural Advantech WebAccess The product includes SQL An injection vulnerability exists.Information may be obtained. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Advantech WebAccess Node. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.The specific flaw exists within the handling of the GetAlarms function in BWMobileService.dll. When parsing the ProjectName parameter, the process does not properly validate a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to disclose sensitive information under the context of the database. Advantech WebAccess and others are products of Advantech. Advantech WebAccess is a browser-based HMI/SCADA software. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. WebAccess Dashboard is one of the dashboard components; WebAccess Scada Node is one of the monitoring node components. WebAccess/NMS is a suite of web browsers for the Network Management System (NMS). Advantech WebAccess, etc. Advantech WebAccess is a set of HMI/SCADA software based on browser architecture. The following versions are affected: Advantech WebAccess 8.2_20170817 and earlier, 8.3.0 and earlier; WebAccess Dashboard 2.0.15 and earlier; WebAccess Scada Node 8.3.1 and earlier; WebAccess/NMS 2.0.3 and earlier |
| var-201805-1143 | In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, several stack-based buffer overflow vulnerabilities have been identified, which may allow an attacker to execute arbitrary code. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability.The specific flaw exists within bwsound.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs process. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code under the context of Administrator. Advantech WebAccess and others are products of Advantech. Advantech WebAccess is a browser-based HMI/SCADA software. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. WebAccess Dashboard is one of the dashboard components; WebAccess Scada Node is one of the monitoring node components. WebAccess/NMS is a suite of web browsers for the Network Management System (NMS). A stack buffer overflow vulnerability exists in several Advantech products. Advantech WebAccess is prone to the following security vulnerabilities: 1. Multiple SQL-injection vulnerabilities 2. An information-disclosure vulnerability 3. A file-upload vulnerability 4. Multiple directory-traversal vulnerabilities 5. Multiple stack-based buffer-overflow vulnerabilities 6. A heap-based buffer-overflow vulnerability 7. Multiple arbitrary code-execution vulnerabilities 8. A denial-of-service vulnerability 9. A security-bypass vulnerability 10. A privilege-escalation vulnerability An attacker can exploit these issues to execute arbitrary code in the context of the application, or modify data, or exploit latent vulnerabilities in the underlying database, delete arbitrary files, gain elevated privileges, perform certain unauthorized actions, upload arbitrary files to the affected application gain unauthorized access and obtain sensitive information. Failed attacks will cause denial of service conditions. Advantech WebAccess, etc. Advantech WebAccess is a set of HMI/SCADA software based on browser architecture. The following versions are affected: Advantech WebAccess 8.2_20170817 and earlier, 8.3.0 and earlier; WebAccess Dashboard 2.0.15 and earlier; WebAccess Scada Node 8.3.1 and earlier; WebAccess/NMS 2.0.3 and earlier |
| var-202005-0008 | Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple heap-based buffer overflow vulnerabilities exist caused by a lack of proper validation of the length of user-supplied data, which may allow remote code execution. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability.The specific flaw exists within the implementation of IOCTL 0x0000791d in DATACORE.exe. An attacker can leverage this vulnerability to execute code in the context of Administrator. Advantech WebAccess is a browser-based SCADA software package for monitoring, data acquisition, and visualization. It is used to automate complex industrial processes when remote operation is required |
| var-202407-0704 | A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V5.40), SICORE Base system (All versions < V1.4.0). Affected devices allow a remote authenticated user or an unauthenticated user with physical access to downgrade the firmware of the device. This could allow an attacker to downgrade the device to older versions with known vulnerabilities. SICAM 8 Power automation platform is a universal, all-in-one hardware and software-based solution for all applications in the power supply sector. SICAM A8000 RTUs are modular devices for remote control and automation applications in all energy supply sectors. SICAM EGS is the gateway for local substations in distribution networks |
| var-200107-0035 | slapd in OpenLDAP 1.x before 1.2.12, and 2.x before 2.0.8, allows remote attackers to cause a denial of service (crash) via an invalid Basic Encoding Rules (BER) length field. Multiple versions of OpenLDAP contain vulnerabilities that may allow denial-of-service attacks. These vulnerabilities were revealed using the PROTOS LDAPv3 test suite and are documented in CERT Advisory CA-2001-18. If your site uses this product, the CERT/CC encourages you to follow the advice provided below. Vulnerabilities exist in slapd in OpenLDAP 1.x versions prior to 1.2.12 and 2.x versions prior to 2.0.8 |
| var-200512-0643 | Heap-based buffer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via a crafted (1) QuickTime Image File (QTIF), (2) PICT, or (3) JPEG format image with a long data field. Apple's QuickTime is a player for files and streaming media in a variety of different formats. QuickTime is prone to a remote heap-based overflow vulnerability. This issue presents itself when the application processes a specially crafted QTIF (QuickTime Image) file. A successful attack can result in a remote compromise. Apple QuickTime is prone to a buffer-overflow vulnerability because the application fails to do proper bounds checking on user-supplied data before copying it to finite-sized process buffers. Unsuccessful exploit attempts will most likely crash the application. This issue affects QuickTime 6.5.2 and 7.0.3; other versions may also be vulnerable. QuickTime 7.0.4 may also be vulnerable, but this has not been confirmed. This issue may have previously been discussed in BID 16202 (Apple QuickTime Multiple Code Execution Vulnerabilities). Quicktime will copy to the stack byte by byte when processing the data field of the qtif format file, but it does not perform the correct check, so it will cause a stack overflow in memory. The original function pointer value is 0x44332211. Just overflow it to 0x08332211 and make sure it doesn't crash before overflowing 0x44 to 0x08, and the code will execute. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA06-011A Apple QuickTime Vulnerabilities Original release date: January 11, 2006 Last revised: January 11, 2006 Source: US-CERT Systems Affected Apple QuickTime on systems running * Apple Mac OS X * Microsoft Windows XP * Microsoft Windows 2000 Overview Apple has released QuickTime 7.0.4 to correct multiple vulnerabilities. The impacts of these vulnerabilities include execution of arbitrary code and denial of service. I. (CAN-2005-3713) II. Impact The impacts of these vulnerabilities vary. For information about specific impacts, please see the Vulnerability Notes. Potential consequences include remote execution of arbitrary code or commands and denial of service. III. Solution Upgrade Upgrade to QuickTime 7.0.4. Appendix A. References * US-CERT Vulnerability Note VU#629845 - <http://www.kb.cert.org/vuls/id/629845> * US-CERT Vulnerability Note VU#921193 - <http://www.kb.cert.org/vuls/id/921193> * US-CERT Vulnerability Note VU#115729 - <http://www.kb.cert.org/vuls/id/115729> * US-CERT Vulnerability Note VU#150753 - <http://www.kb.cert.org/vuls/id/150753> * US-CERT Vulnerability Note VU#913449 - <http://www.kb.cert.org/vuls/id/913449> * CVE-2005-2340 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2340> * CVE-2005-4092 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4092> * CVE-2005-3707 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3707> * CVE-2005-3710 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3710> * CVE-2005-3713 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3713> * Security Content for QuickTime 7.0.4 - <http://docs.info.apple.com/article.html?artnum=303101> * QuickTime 7.0.4 - <http://www.apple.com/support/downloads/quicktime704.html> * About the Mac OS X 10.4.4 Update (Delta) - <http://docs.info.apple.com/article.html?artnum=302810> ____________________________________________________________________ The most recent version of this document can be found at: <http://www.us-cert.gov/cas/techalerts/TA06-011A.html> ____________________________________________________________________ Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@cert.org> with "TA06-011A Feedback VU#913449" in the subject. ____________________________________________________________________ For instructions on subscribing to or unsubscribing from this mailing list, visit <http://www.us-cert.gov/cas/signup.html>. ____________________________________________________________________ Produced 2006 by US-CERT, a government organization. Terms of use: <http://www.us-cert.gov/legal.html> ____________________________________________________________________ Revision History January 11, 2006: Initial release -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iQEVAwUBQ8V8iX0pj593lg50AQJ85wf+OuHVseQVzZ0uI8h8TnmtAJmjzV6tp3Cj 34jwpSLlvo5S8svIHChcX/BYOwKVL/uQZswsjk/mbEu+TrPcVKPd7VPCetxIXVey AdC5hsAH1Wm0MnvY1LgvONo8IQ9RlT6Rj6fY7k7QhPUWsYxj/rDCWDAY9kgsHXc/ HpXWL/Cy5va35z8aYHrLVlxmofKrOWtX0PVa6lSKV8lIsY+TDihA5tYIb5wRDVxL osieJ+MHSXGchXpjX2c0o6Ja6vhJNR61LEwelk9FMLT1JRTkp+wz9/AoVUSyZ/hy 0WBP0M8cwl8koWgijNcLXA18YX8QtDftAVRwpwHKMrbNCYdrWblYVw== =5Kiq -----END PGP SIGNATURE----- |
| var-200512-0611 | Multiple heap-based buffer overflows in QuickTime.qts in Apple QuickTime Player 7.0.3 and iTunes 6.0.1 (3) and earlier allow remote attackers to cause a denial of service (crash) and execute arbitrary code via a .mov file with (1) a Movie Resource atom with a large size value, or (2) an stsd atom with a modified Sample Description Table size value, and possibly other vectors involving media files. NOTE: item 1 was originally identified by CVE-2005-4127 for a pre-patch announcement, and item 2 was originally identified by CVE-2005-4128 for a pre-patch announcement. Apple's QuickTime is a player for files and streaming media in a variety of different formats. A flaw in QuickTime's handling of Targa (TGA) image format files could allow a remote attacker to execute arbitrary code on a vulnerable system. Apple From QuickTime Version that fixes multiple vulnerabilities in 7.0.4 Has been released.Arbitrary code may be executed by a remote third party, DoS You can be attacked. For more information, see the information provided by the vendor. These issues arise when the application handles specially crafted QTIF, TGA, TIFF, and GIF image formats. Successful exploits of these issues may allow remote attackers to trigger a denial-of-service condition or to gain unauthorized access. This issue affects both Mac OS X and Microsoft Windows releases of the software. This issue may be triggered when the application processes a malformed movie (.MOV) file. Successful exploitation will result in execution of arbitrary code in the context of the currently logged in user. This issue affects Apple QuickTime 7.0.3 and iTunes 6.0.1. Earlier versions may also be affected. Multiple buffer overflow vulnerabilities exist in QuickTime.qts. This specific flaw exists within the QuickTime.qts file which many applications access QuickTime's functionality through. By specially crafting atoms within a movie file, a direct heap overwrite is triggered, and reliable code execution is then possible. Technical Details: Technical Description: The code in QuickTime.qts responsible for the size of the Sample Description Table entries from the 'stsd' atom in a QuickTime-format movie on the heap. According to developer.apple.com, the format of the Sample Description Atom is as follows: Field Description ---------------------------------------------------------------- Size 32-bit int Data Format 4 char code Reserved 6 bytes that must be 0 Data Reference Index 16-bit int Hint Track Version 16-bit unsigned int Last compatible hint track version 16-bit unsigned int Max Packet Size 32-bit int Additional Data Table Variable By setting the size of the Sample Description Table to a size of 00 15 - 00 D0 will cause a heap-based overflow. By supplying the "Last compatible hint track version" field with the value of 00 05 - 00 09, an insufficiently-sized heap block will be allocated, resulting in a classic complete heap memory overwrite during the RtlAllocateHeap() function and the attacker can control memory with data taken from the filename of the .MOV file. This vulnerability can be successfully exploited via an embedded media player in an HTML page, email, or HTML link. References QuickTime: QuickTime File Format http://developer.apple.com/documentation/QuickTime/QTFF/index.html Protection: Retina Network Security Scanner has been updated to identify this vulnerability. Vendor Status: Apple has released a patch for this vulnerability. The patch is available via the Updates section of the affected applications. This vulnerability has been assigned the CVE identifier CVE-2005-4092. Credit: Discovery: Karl Lynn Greetings: 0x41414141 Copyright (c) 1998-2006 eEye Digital Security Permission is hereby granted for the redistribution of this alert electronically. It is not to be edited in any way without express consent of eEye. If you wish to reprint the whole or any part of this alert in any other medium excluding electronic medium, please email alert@eEye.com for permission. Disclaimer The information within this paper may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are no warranties, implied or express, with regard to this information. In no event shall the author be liable for any direct or indirect damages whatsoever arising out of or in connection with the use or spread of this information. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA06-011A Apple QuickTime Vulnerabilities Original release date: January 11, 2006 Last revised: January 11, 2006 Source: US-CERT Systems Affected Apple QuickTime on systems running * Apple Mac OS X * Microsoft Windows XP * Microsoft Windows 2000 Overview Apple has released QuickTime 7.0.4 to correct multiple vulnerabilities. The impacts of these vulnerabilities include execution of arbitrary code and denial of service. I. (CAN-2005-3713) II. Impact The impacts of these vulnerabilities vary. For information about specific impacts, please see the Vulnerability Notes. III. Solution Upgrade Upgrade to QuickTime 7.0.4. Appendix A. References * US-CERT Vulnerability Note VU#629845 - <http://www.kb.cert.org/vuls/id/629845> * US-CERT Vulnerability Note VU#921193 - <http://www.kb.cert.org/vuls/id/921193> * US-CERT Vulnerability Note VU#115729 - <http://www.kb.cert.org/vuls/id/115729> * US-CERT Vulnerability Note VU#150753 - <http://www.kb.cert.org/vuls/id/150753> * US-CERT Vulnerability Note VU#913449 - <http://www.kb.cert.org/vuls/id/913449> * CVE-2005-2340 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2340> * CVE-2005-4092 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4092> * CVE-2005-3707 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3707> * CVE-2005-3710 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3710> * CVE-2005-3713 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3713> * Security Content for QuickTime 7.0.4 - <http://docs.info.apple.com/article.html?artnum=303101> * QuickTime 7.0.4 - <http://www.apple.com/support/downloads/quicktime704.html> * About the Mac OS X 10.4.4 Update (Delta) - <http://docs.info.apple.com/article.html?artnum=302810> ____________________________________________________________________ The most recent version of this document can be found at: <http://www.us-cert.gov/cas/techalerts/TA06-011A.html> ____________________________________________________________________ Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@cert.org> with "TA06-011A Feedback VU#913449" in the subject. ____________________________________________________________________ For instructions on subscribing to or unsubscribing from this mailing list, visit <http://www.us-cert.gov/cas/signup.html>. ____________________________________________________________________ Produced 2006 by US-CERT, a government organization. Terms of use: <http://www.us-cert.gov/legal.html> ____________________________________________________________________ Revision History January 11, 2006: Initial release -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iQEVAwUBQ8V8iX0pj593lg50AQJ85wf+OuHVseQVzZ0uI8h8TnmtAJmjzV6tp3Cj 34jwpSLlvo5S8svIHChcX/BYOwKVL/uQZswsjk/mbEu+TrPcVKPd7VPCetxIXVey AdC5hsAH1Wm0MnvY1LgvONo8IQ9RlT6Rj6fY7k7QhPUWsYxj/rDCWDAY9kgsHXc/ HpXWL/Cy5va35z8aYHrLVlxmofKrOWtX0PVa6lSKV8lIsY+TDihA5tYIb5wRDVxL osieJ+MHSXGchXpjX2c0o6Ja6vhJNR61LEwelk9FMLT1JRTkp+wz9/AoVUSyZ/hy 0WBP0M8cwl8koWgijNcLXA18YX8QtDftAVRwpwHKMrbNCYdrWblYVw== =5Kiq -----END PGP SIGNATURE----- |
| var-200512-0300 | Heap-based buffer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via a GIF image file with a crafted Netscape Navigator Application Extension Block that modifies the heap in the Picture Modifier block. Apple's QuickTime is a player for files and streaming media in a variety of different formats. A flaw in QuickTime's handling of Targa (TGA) image format files could allow a remote attacker to execute arbitrary code on a vulnerable system. Apple From QuickTime Version that fixes multiple vulnerabilities in 7.0.4 Has been released.Arbitrary code may be executed by a remote third party, DoS You can be attacked. For more information, see the information provided by the vendor. QuickTime is prone to a remote heap-based overflow vulnerability. This issue presents itself when the application processes a specially crafted GIF image file. A successful attack can result in a remote compromise. Versions prior to QuickTime 7.0.4 are vulnerable. This flaw has proven to allow for reliable control of data on the heap chunk and can be exploited via a web site by using ActiveX controls. The heap can be overwritten in the Picture Modifier block. The block size calculate code such as: .text:66A339CC mov ax, [esi+0Ch] .text:66A339D0 xor ecx, ecx .text:66A339D2 mov [esp+34h+var_28], ecx .text:66A339D6 mov [esp+34h+var_24], ecx .text:66A339DA mov [esp+34h+var_20], ecx .text:66A339DE mov [esp+34h+var_1C], ecx .text:66A339E2 mov word ptr [esp+34h+var_10], cx .text:66A339E7 mov [esp+34h+arg_4], eax .text:66A339EB movsx eax, ax .text:66A339EE mov word ptr [esp+34h+var_10+2], cx .text:66A339F3 mov cx, [esi+8] .text:66A339F7 movsx edx, cx .text:66A339FA sub eax, edx .text:66A339FC movsx edx, word ptr [esi+6] .text:66A33A00 add eax, 3Eh .text:66A33A03 push edi .text:66A33A04 movsx edi, word ptr [esi+0Ah] .text:66A33A08 sar eax, 3 .text:66A33A0B lea ebx, [esi+6] .text:66A33A0E and eax, 0FFFFFFFCh .text:66A33A11 sub edi, edx .text:66A33A13 movsx edx, ax .text:66A33A16 mov [esi+4], ax .text:66A33A1A imul edi, edx The allocate code is : .text:66A33A68 push edi .text:66A33A69 call sub_668B5B30 But when it real process data to this memory, it use real decode data to write this memory but didn\xa1\xaft check this heap size. This is segment of the write code function(sub_66AE0A70): .text:66AE0B18 movsx edx, word ptr [edi+12h] ; default .text:66AE0B1C imul edx, [edi+0Ch] .text:66AE0B20 mov ecx, [edi+4] .text:66AE0B23 inc word ptr [edi+16h] .text:66AE0B27 mov eax, [esp+arg_0] .text:66AE0B2B add edx, ecx .text:66AE0B2D mov [eax], edx .text:66AE0B2F mov eax, [ebp+10h] .text:66AE0B32 test eax, eax .text:66AE0B34 jz short loc_66AE0B62 .text:66AE0B36 mov ax, [ebp+1Ch] .text:66AE0B3A mov edx, [ebp+0Ch] .text:66AE0B3D movzx cx, ah .text:66AE0B41 mov ch, al .text:66AE0B43 mov [edx], cx .text:66AE0B46 movsx eax, word ptr [edi+12h] .text:66AE0B4A imul eax, [ebp+14h] .text:66AE0B4E add eax, [ebp+10h] .text:66AE0B51 mov cx, [ebp+18h] .text:66AE0B55 mov [ebp+0Ch], eax .text:66AE0B58 mov [ebp+1Ah], cx .text:66AE0B5C mov word ptr [ebp+1Ch], 0 Vendor Status: Apple has released a patch for this vulnerability. An attacker can create a qtif file and send it to the user via email, web page, or qtif file with activex and can directy overflow a function pointer immediately used so it can bypass any stack overflow protection in systems such as xp sp2 and 2003 sp1. Technical Details: When Quicktime processes the data field of a qtif format file, it will copy it to the stack by a byte to a byte , but there is no proper checking, so it will cause a stack overflow in memory. And in this stack, there is a function pointer which will be used immediately when it pre byte copies, so we can use it to bypass any stack overflow protection, such in xp sp2 and 2003 sp1. The origin function point value is 0x44332211. We only need to overflow it to : 0x08332211, ensuring it didn't cause a crash before the 0x44 has been overflowed to 0x08. When it overflows to 0x08332211, we can execute code to 0x08332211, and can first use javascript to get this memory and set my code in it. call [esp+138h+arg_4] <- call a function point in the stack, but this point can be overflowed References QuickTime: QuickTime File Format http://developer.apple.com/documentation/QuickTime/QTFF/index.html Protection: Retina Network Security Scanner has been updated to identify this vulnerability. Vendor Status: Apple has released a patch for this vulnerability. The patch is available via the Updates section of the affected applications. This vulnerability has been assigned the CVE identifier CVE-2005-2340. Credit: Discovery: Fang Xing Greetings: Thanks to all the guys at eEye, and especially Karl Lynn's help. Copyright (c) 1998-2006 eEye Digital Security Permission is hereby granted for the redistribution of this alert electronically. It is not to be edited in any way without express consent of eEye. If you wish to reprint the whole or any part of this alert in any other medium excluding electronic medium, please email alert@eEye.com for permission. Disclaimer The information within this paper may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are no warranties, implied or express, with regard to this information. In no event shall the author be liable for any direct or indirect damages whatsoever arising out of or in connection with the use or spread of this information. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA06-011A Apple QuickTime Vulnerabilities Original release date: January 11, 2006 Last revised: January 11, 2006 Source: US-CERT Systems Affected Apple QuickTime on systems running * Apple Mac OS X * Microsoft Windows XP * Microsoft Windows 2000 Overview Apple has released QuickTime 7.0.4 to correct multiple vulnerabilities. The impacts of these vulnerabilities include execution of arbitrary code and denial of service. I. Description Apple QuickTime 7.0.4 resolves a number of image and media file handling vulnerabilities. (CAN-2005-3713) II. Impact The impacts of these vulnerabilities vary. For information about specific impacts, please see the Vulnerability Notes. Potential consequences include remote execution of arbitrary code or commands and denial of service. III. Solution Upgrade Upgrade to QuickTime 7.0.4. Appendix A. References * US-CERT Vulnerability Note VU#629845 - <http://www.kb.cert.org/vuls/id/629845> * US-CERT Vulnerability Note VU#921193 - <http://www.kb.cert.org/vuls/id/921193> * US-CERT Vulnerability Note VU#115729 - <http://www.kb.cert.org/vuls/id/115729> * US-CERT Vulnerability Note VU#150753 - <http://www.kb.cert.org/vuls/id/150753> * US-CERT Vulnerability Note VU#913449 - <http://www.kb.cert.org/vuls/id/913449> * CVE-2005-2340 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2340> * CVE-2005-4092 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4092> * CVE-2005-3707 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3707> * CVE-2005-3710 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3710> * CVE-2005-3713 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3713> * Security Content for QuickTime 7.0.4 - <http://docs.info.apple.com/article.html?artnum=303101> * QuickTime 7.0.4 - <http://www.apple.com/support/downloads/quicktime704.html> * About the Mac OS X 10.4.4 Update (Delta) - <http://docs.info.apple.com/article.html?artnum=302810> ____________________________________________________________________ The most recent version of this document can be found at: <http://www.us-cert.gov/cas/techalerts/TA06-011A.html> ____________________________________________________________________ Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@cert.org> with "TA06-011A Feedback VU#913449" in the subject. ____________________________________________________________________ For instructions on subscribing to or unsubscribing from this mailing list, visit <http://www.us-cert.gov/cas/signup.html>. ____________________________________________________________________ Produced 2006 by US-CERT, a government organization. Terms of use: <http://www.us-cert.gov/legal.html> ____________________________________________________________________ Revision History January 11, 2006: Initial release -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iQEVAwUBQ8V8iX0pj593lg50AQJ85wf+OuHVseQVzZ0uI8h8TnmtAJmjzV6tp3Cj 34jwpSLlvo5S8svIHChcX/BYOwKVL/uQZswsjk/mbEu+TrPcVKPd7VPCetxIXVey AdC5hsAH1Wm0MnvY1LgvONo8IQ9RlT6Rj6fY7k7QhPUWsYxj/rDCWDAY9kgsHXc/ HpXWL/Cy5va35z8aYHrLVlxmofKrOWtX0PVa6lSKV8lIsY+TDihA5tYIb5wRDVxL osieJ+MHSXGchXpjX2c0o6Ja6vhJNR61LEwelk9FMLT1JRTkp+wz9/AoVUSyZ/hy 0WBP0M8cwl8koWgijNcLXA18YX8QtDftAVRwpwHKMrbNCYdrWblYVw== =5Kiq -----END PGP SIGNATURE----- |
| var-200512-0297 | Integer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via a TIFF image file with modified image height and width (ImageWidth) tags. Apple's QuickTime is a player for files and streaming media in a variety of different formats. Apple From QuickTime Version that fixes multiple vulnerabilities in 7.0.4 Has been released.Arbitrary code may be executed by a remote third party, DoS You can be attacked. For more information, see the information provided by the vendor. QuickTime is prone to a remote integer-overflow vulnerability. This issue presents itself when the application processes a specially crafted TIFF file. A successful attack can result in a remote compromise. Versions prior to QuickTime 7.0.4 are vulnerable. Fortinet Security Advisory: FSA-2006-03 Apple QuickTime Player ImageWidth Denial of Service Vulnerability Advisory Date : January 12, 2006 Reported Date : November 28, 2005 Vendor : Apple computers Affected Products : Apple QuickTime Player v7.0.3 Severity : Medium Reference : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3710 http://docs.info.apple.com/article.html?artnum=303101 http://www.securityfocus.com/bid/16202/info Description : Fortinet Security Research Team (FSRT) has discovered a Denial of Service Vulnerability in the Apple QuickTime Player. This is due to application failure to sanitize the parameter ImageWidth value while parsing TIFF image files. Impact : Denial of Service Solution : Apple Computers has released a security update for this vulnerability, which is available for downloading from Apples's web site under security update. Fortinet Protection: Fortinet is protecting network from this vulnerability with latest IPS update. Acknowledgment : Dejun Meng of Fortinet Security Research team found this vulnerability. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA06-011A Apple QuickTime Vulnerabilities Original release date: January 11, 2006 Last revised: January 11, 2006 Source: US-CERT Systems Affected Apple QuickTime on systems running * Apple Mac OS X * Microsoft Windows XP * Microsoft Windows 2000 Overview Apple has released QuickTime 7.0.4 to correct multiple vulnerabilities. The impacts of these vulnerabilities include execution of arbitrary code and denial of service. I. Description Apple QuickTime 7.0.4 resolves a number of image and media file handling vulnerabilities. (CAN-2005-3713) II. Impact The impacts of these vulnerabilities vary. For information about specific impacts, please see the Vulnerability Notes. Potential consequences include remote execution of arbitrary code or commands and denial of service. III. Solution Upgrade Upgrade to QuickTime 7.0.4. Appendix A. References * US-CERT Vulnerability Note VU#629845 - <http://www.kb.cert.org/vuls/id/629845> * US-CERT Vulnerability Note VU#921193 - <http://www.kb.cert.org/vuls/id/921193> * US-CERT Vulnerability Note VU#115729 - <http://www.kb.cert.org/vuls/id/115729> * US-CERT Vulnerability Note VU#150753 - <http://www.kb.cert.org/vuls/id/150753> * US-CERT Vulnerability Note VU#913449 - <http://www.kb.cert.org/vuls/id/913449> * CVE-2005-2340 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2340> * CVE-2005-4092 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4092> * CVE-2005-3707 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3707> * CVE-2005-3710 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3710> * CVE-2005-3713 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3713> * Security Content for QuickTime 7.0.4 - <http://docs.info.apple.com/article.html?artnum=303101> * QuickTime 7.0.4 - <http://www.apple.com/support/downloads/quicktime704.html> * About the Mac OS X 10.4.4 Update (Delta) - <http://docs.info.apple.com/article.html?artnum=302810> ____________________________________________________________________ The most recent version of this document can be found at: <http://www.us-cert.gov/cas/techalerts/TA06-011A.html> ____________________________________________________________________ Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@cert.org> with "TA06-011A Feedback VU#913449" in the subject. ____________________________________________________________________ For instructions on subscribing to or unsubscribing from this mailing list, visit <http://www.us-cert.gov/cas/signup.html>. ____________________________________________________________________ Produced 2006 by US-CERT, a government organization. Terms of use: <http://www.us-cert.gov/legal.html> ____________________________________________________________________ Revision History January 11, 2006: Initial release -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iQEVAwUBQ8V8iX0pj593lg50AQJ85wf+OuHVseQVzZ0uI8h8TnmtAJmjzV6tp3Cj 34jwpSLlvo5S8svIHChcX/BYOwKVL/uQZswsjk/mbEu+TrPcVKPd7VPCetxIXVey AdC5hsAH1Wm0MnvY1LgvONo8IQ9RlT6Rj6fY7k7QhPUWsYxj/rDCWDAY9kgsHXc/ HpXWL/Cy5va35z8aYHrLVlxmofKrOWtX0PVa6lSKV8lIsY+TDihA5tYIb5wRDVxL osieJ+MHSXGchXpjX2c0o6Ja6vhJNR61LEwelk9FMLT1JRTkp+wz9/AoVUSyZ/hy 0WBP0M8cwl8koWgijNcLXA18YX8QtDftAVRwpwHKMrbNCYdrWblYVw== =5Kiq -----END PGP SIGNATURE----- |
| var-200512-0294 | Buffer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via crafted TGA image files. Apple's QuickTime is a player for files and streaming media in a variety of different formats. For more information, see the information provided by the vendor. QuickTime is prone to a remote buffer-overflow vulnerability. This issue presents itself when the application processes a specially crafted TGA image file. A successful attack can result in a remote compromise. Versions prior to QuickTime 7.0.4 are vulnerable. Fortinet Security Advisory: FSA-2006-04 Apple QuickTime Player Improper Memory Access Vulnerability Advisory Date : January 12, 2006 Reported Date : November 28, 2005 Vendor : Apple computers Affected Products : Apple QuickTime Player v7.0.3 Severity : High Reference : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3707 http://docs.info.apple.com/article.html?artnum=303101 http://www.securityfocus.com/bid/16202/info Description : Fortinet Security Research Team (FSRT) has discovered a Improper Memory Access Vulnerability in the Apple QuickTime Player. Impact : Execute arbitrary code Solution : Apple Computers has released a security update for this vulnerability, which is available for downloading from Apples's web site under security update. Fortinet Protection: Fortinet is protecting network from this vulnerability with latest IPS update. Acknowledgment : Dejun Meng of Fortinet Security Research team found this vulnerability. Disclaimer : Although Fortinet has attempted to provide accurate information in these materials, Fortinet assumes no legal responsibility for the accuracy or completeness of the information. Please note that Fortinet's product information does not constitute or contain any guarantee, warranty or legally binding representation, unless expressly identified as such in a duly signed writing. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA06-011A Apple QuickTime Vulnerabilities Original release date: January 11, 2006 Last revised: January 11, 2006 Source: US-CERT Systems Affected Apple QuickTime on systems running * Apple Mac OS X * Microsoft Windows XP * Microsoft Windows 2000 Overview Apple has released QuickTime 7.0.4 to correct multiple vulnerabilities. The impacts of these vulnerabilities include execution of arbitrary code and denial of service. I. Description Apple QuickTime 7.0.4 resolves a number of image and media file handling vulnerabilities. (CAN-2005-3713) II. Impact The impacts of these vulnerabilities vary. For information about specific impacts, please see the Vulnerability Notes. Potential consequences include remote execution of arbitrary code or commands and denial of service. III. Solution Upgrade Upgrade to QuickTime 7.0.4. Appendix A. References * US-CERT Vulnerability Note VU#629845 - <http://www.kb.cert.org/vuls/id/629845> * US-CERT Vulnerability Note VU#921193 - <http://www.kb.cert.org/vuls/id/921193> * US-CERT Vulnerability Note VU#115729 - <http://www.kb.cert.org/vuls/id/115729> * US-CERT Vulnerability Note VU#150753 - <http://www.kb.cert.org/vuls/id/150753> * US-CERT Vulnerability Note VU#913449 - <http://www.kb.cert.org/vuls/id/913449> * CVE-2005-2340 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2340> * CVE-2005-4092 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4092> * CVE-2005-3707 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3707> * CVE-2005-3710 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3710> * CVE-2005-3713 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3713> * Security Content for QuickTime 7.0.4 - <http://docs.info.apple.com/article.html?artnum=303101> * QuickTime 7.0.4 - <http://www.apple.com/support/downloads/quicktime704.html> * About the Mac OS X 10.4.4 Update (Delta) - <http://docs.info.apple.com/article.html?artnum=302810> ____________________________________________________________________ The most recent version of this document can be found at: <http://www.us-cert.gov/cas/techalerts/TA06-011A.html> ____________________________________________________________________ Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@cert.org> with "TA06-011A Feedback VU#913449" in the subject. ____________________________________________________________________ For instructions on subscribing to or unsubscribing from this mailing list, visit <http://www.us-cert.gov/cas/signup.html>. ____________________________________________________________________ Produced 2006 by US-CERT, a government organization. Terms of use: <http://www.us-cert.gov/legal.html> ____________________________________________________________________ Revision History January 11, 2006: Initial release -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iQEVAwUBQ8V8iX0pj593lg50AQJ85wf+OuHVseQVzZ0uI8h8TnmtAJmjzV6tp3Cj 34jwpSLlvo5S8svIHChcX/BYOwKVL/uQZswsjk/mbEu+TrPcVKPd7VPCetxIXVey AdC5hsAH1Wm0MnvY1LgvONo8IQ9RlT6Rj6fY7k7QhPUWsYxj/rDCWDAY9kgsHXc/ HpXWL/Cy5va35z8aYHrLVlxmofKrOWtX0PVa6lSKV8lIsY+TDihA5tYIb5wRDVxL osieJ+MHSXGchXpjX2c0o6Ja6vhJNR61LEwelk9FMLT1JRTkp+wz9/AoVUSyZ/hy 0WBP0M8cwl8koWgijNcLXA18YX8QtDftAVRwpwHKMrbNCYdrWblYVw== =5Kiq -----END PGP SIGNATURE----- |
| var-201407-0233 | Multiple stack-based buffer overflows in Advantech WebAccess before 7.2 allow remote attackers to execute arbitrary code via a long string in the (1) ProjectName, (2) SetParameter, (3) NodeName, (4) CCDParameter, (5) SetColor, (6) AlarmImage, (7) GetParameter, (8) GetColor, (9) ServerResponse, (10) SetBaud, or (11) IPAddress parameter to an ActiveX control in (a) webvact.ocx, (b) dvs.ocx, or (c) webdact.ocx. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the webdact.ocx ActiveX Control. The control does not check the length of an attacker-supplied NodeName string before copying it into a fixed length buffer on the stack. This could allow an attacker to execute arbitrary code in the context of the browser process. Advantech WebAccess HMI/SCADA is an HMI/SCADA software. Advantech WebAccess webvact.ocx, dvs.ocx and webdact.ocx ActiveX controls fail to properly handle long-length named ProjectName, SetParameter, NodeName, CCDParameter, SetColor, AlarmImage, GetParameter, GetColor, ServerResponse, SetBaud and IPAddress parameters, and attackers can build malicious A WEB page that entice a user to access, can crash an application or execute arbitrary code. Advantech WebAccess is prone to multiple remote stack-based buffer-overflow vulnerabilities. Failed exploit attempts will likely cause a denial-of-service condition. Advantech WebAccess 7.1 and prior are vulnerable. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment |
| var-201601-0038 | Multiple stack-based buffer overflows in Advantech WebAccess before 8.1 allow remote attackers to execute arbitrary code via unspecified vectors. Authentication is not required to exploit this vulnerability.The specific flaw exists within the implementation of the 0x27B1 IOCTL in the ViewSrv subsystem. A stack-based buffer overflow vulnerability exists in a call to BwBuildPath. An attacker can use this vulnerability to execute arbitrary code in the context of an administrator of the system. WebAccess HMI/SCADA software provides remote control and management, allowing users to easily view and configure automation equipment in facility management systems, power stations and building automation systems |
| var-201801-0394 | TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-interface variable in the cmxddns.lua file. TP-LinkWVR, WAR and ERdevices are different series of router products from China TP-LINK. Security vulnerabilities exist in TP-LinkWVR, WAR, and ER devices |
| var-201904-0181 | Advantech WebAccess/SCADA, Versions 8.3.5 and prior. Multiple stack-based buffer overflow vulnerabilities, caused by a lack of proper validation of the length of user-supplied data, may allow remote code execution. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability.The specific flaw exists within bwmakdir.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs process. An attacker can leverage this vulnerability to execute code in the context of Administrator. Advantech WebAccess/SCADA is a set of browser-based SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. A buffer overflow vulnerability exists in Advantech WebAccess/SCADA. This vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in execution to other associated memory locations. erroneous read and write operations |
| var-202108-1160 | Description: A permissions issue was addressed with improved validation. This issue is fixed in watchOS 7.6, tvOS 14.7, macOS Big Sur 11.5. A malicious application may be able to bypass certain Privacy preferences. apple's macOS , tvOS , watchOS There is a vulnerability in improper default permissions.Information may be tampered with. ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by the CVE program. Notes: none |
| var-202305-0218 | D-Link DAP-1360 webproc WEB_DisplayPage Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of requests to the /cgi-bin/webproc endpoint. When parsing the getpage and errorpage parameters, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-18419. D-Link DAP-1360 is a router from D-Link, a Chinese company |
| var-202305-0217 | D-Link DAP-1360 Hardcoded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of login requests to the web-based user interface. The firmware contains hard-coded default credentials. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-18455. D-Link DAP-1360 is a router from D-Link, a Chinese company |
| var-202305-0216 | D-Link DAP-1360 Multiple Parameters Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /cgi-bin/webproc endpoint. When parsing the errorpage and nextpage parameters, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-18746. D-Link DAP-1360 is a router from D-Link, a Chinese company |
| var-202305-0177 | D-Link DAP-1360 webproc Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling requests to the /cgi-bin/webproc endpoint. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-18417. D-Link DAP-1360 is a router from D-Link, a Chinese company |
| var-202305-0176 | D-Link DAP-1360 webproc var:sys_Token Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling requests to the /cgi-bin/webproc endpoint. When parsing the var:sys_Token parameter, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-18418. D-Link DAP-1360 is a router from D-Link, a Chinese company |
| var-202305-0166 | D-Link DAP-1360 webproc var:menu Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling requests to the /cgi-bin/webproc endpoint. When parsing the var:menu parameter, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-18414. D-Link DAP-1360 is a router from D-Link, a Chinese company |
| var-202305-0154 | D-Link DAP-1360 webproc var:page Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of requests to the /cgi-bin/webproc endpoint. When parsing the var:page parameter, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-18422. D-Link DAP-1360 is a router from D-Link, a Chinese company |
| var-202305-0153 | D-Link DAP-1360 webupg UPGCGI_CheckAuth Numeric Truncation Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of requests to the /cgi-bin/webupg endpoint. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-18423. D-Link DAP-1360 is a router from D-Link, a Chinese company |
| var-202305-0071 | D-Link DAP-1360 webproc Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of requests to the /cgi-bin/webproc endpoint. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-18416. D-Link DAP-1360 is a router from D-Link, a Chinese company |
| var-202305-0070 | D-Link DAP-1360 webproc COMM_MakeCustomMsg Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of requests to the /cgi-bin/webproc endpoint. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-18454. D-Link DAP-1360 is a router from D-Link, a Chinese company |
| var-202308-3323 | D-Link DAP-2622 DDP Change ID Password Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20060. D-Link DAP-2622 is a wireless access point device from D-Link, a Chinese company |
| var-202308-3185 | D-Link DAP-2622 DDP Configuration Backup Filename Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20068. D-Link DAP-2622 is a wireless access point device from D-Link, a Chinese company |
| var-202308-3131 | D-Link DAP-2622 DDP Reset Factory Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20059. D-Link DAP-2622 is a wireless access point device from D-Link, a Chinese company |
| var-202308-3130 | D-Link DAP-2622 DDP Configuration Restore Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20069. D-Link DAP-2622 is a wireless access point device from D-Link, a Chinese company |
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2024-014793 | Multiple vulnerabilities in FXC AE1021 and AE1021PE | 4 months ago | 4 months ago |
| jvndb-2024-014079 | Trend Micro Deep Security Agent for Windows and Deep Security Notifier on DSVA vulnerable to OS command injection | 4 months ago | 4 months ago |
| jvndb-2023-000085 | "Skylark" App fails to restrict custom URL schemes properly | 1 year ago | 4 months ago |
| jvndb-2024-000124 | Multiple vulnerabilities in UNIVERGE IX/IX-R/IX-V series routers | 4 months ago | 4 months ago |
| jvndb-2024-000123 | Multiple FCNT Android devices vulnerable to authentication bypass | 4 months ago | 4 months ago |
| jvndb-2024-013702 | Multiple vulnerabilities in FUJI ELECTRIC products | 4 months ago | 4 months ago |
| jvndb-2024-002831 | ELECOM wireless LAN routers vulnerable to OS command injection | 1 year ago | 5 months ago |
| jvndb-2024-000122 | HAProxy vulnerable to HTTP request/response smuggling | 5 months ago | 5 months ago |
| jvndb-2024-003025 | Multiple vulnerabilities in ELECOM wireless LAN routers | 1 year ago | 5 months ago |
| jvndb-2024-012461 | Multiple vulnerabilities in SoftBank Mesh Wi-Fi router RP562B | 5 months ago | 5 months ago |
| jvndb-2024-000020 | Multiple vulnerabilities in ELECOM wireless LAN routers and wireless LAN repeater | 1 year ago | 5 months ago |
| jvndb-2024-000088 | Multiple vulnerabilities in ELECOM wireless LAN routers and access points | 8 months ago | 5 months ago |
| jvndb-2024-000121 | WordPress Plugin "WP Admin UI Customize" vulnerable to cross-site scripting | 5 months ago | 5 months ago |
| jvndb-2024-013260 | Multiple vulnerabilities in Edgecross Basic Software for Windows | 5 months ago | 5 months ago |
| jvndb-2024-000106 | Multiple vulnerabilities in AIPHONE IX SYSTEM, IXG SYSTEM, and System Support Software | 6 months ago | 5 months ago |
| jvndb-2024-000120 | "Kura Sushi Official App Produced by EPARK" for Android uses a hard-coded cryptographic key | 5 months ago | 5 months ago |
| jvndb-2024-000119 | Multiple vulnerabilities in FitNesse | 5 months ago | 5 months ago |
| jvndb-2024-012941 | Multiple vulnerabilities in Rakuten Turbo 5G | 5 months ago | 5 months ago |
| jvndb-2024-000118 | WordPress Plugin "VK All in One Expansion Unit" vulnerable to cross-site scripting | 5 months ago | 5 months ago |
| jvndb-2024-009481 | Insecure initial password configuration issue in SEIKO EPSON Web Config | 6 months ago | 5 months ago |
| jvndb-2024-000109 | baserCMS plugin "BurgerEditor" vulnerable to directory listing | 6 months ago | 5 months ago |
| jvndb-2024-012017 | Trend Micro Deep Security 20 Agent for Windows vulnerable to improper access control | 5 months ago | 5 months ago |
| jvndb-2024-011833 | Incorrect authorization vulnerability in OMRON Sysmac Studio | 5 months ago | 5 months ago |
| jvndb-2024-011747 | Command injection vulnerability in Trend Micro Cloud Edge | 5 months ago | 5 months ago |
| jvndb-2024-011744 | REST-APIs unintentionally enabled in Century Systems FutureNet NXR series routers | 5 months ago | 5 months ago |
| jvndb-2024-000116 | Hikvision network camera security enhancement to prevent cleartext transmission of Dynamic DNS credentials | 5 months ago | 5 months ago |
| jvndb-2024-011256 | Multiple vulnerabilities in Sharp and Toshiba Tec MFPs | 5 months ago | 5 months ago |
| jvndb-2024-000115 | Chatwork Desktop Application (Windows) uses a potentially dangerous function | 5 months ago | 5 months ago |
| jvndb-2024-000112 | MUSASI version 3 performing authentication on client-side | 6 months ago | 6 months ago |
| jvndb-2024-000113 | N-LINE vulnerable to HTML injection | 6 months ago | 6 months ago |
| ID | Description | Published | Updated |
|---|---|---|---|
| suse-su-2025:0937-1 | Security update for the Linux Kernel (Live Patch 6 for SLE 15 SP6) | 1 month ago | 1 month ago |
| suse-su-2025:0929-1 | Security update for the Linux Kernel (Live Patch 33 for SLE 15 SP4) | 1 month ago | 1 month ago |
| suse-su-2025:0927-1 | Security update for the Linux Kernel (Live Patch 59 for SLE 12 SP5) | 1 month ago | 1 month ago |
| suse-su-2025:0920-1 | Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP5) | 1 month ago | 1 month ago |
| suse-su-2025:0924-1 | Security update for the Linux Kernel (Live Patch 61 for SLE 12 SP5) | 1 month ago | 1 month ago |
| suse-su-2025:0922-1 | Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP6) | 1 month ago | 1 month ago |
| suse-su-2025:0919-1 | Security update for the Linux Kernel (Live Patch 4 for SLE 15 SP6) | 1 month ago | 1 month ago |
| suse-su-2025:0917-1 | Security update for the Linux Kernel (Live Patch 12 for SLE 15 SP5) | 1 month ago | 1 month ago |
| suse-su-2025:0911-1 | Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP6) | 1 month ago | 1 month ago |
| suse-su-2025:0910-1 | Security update for the Linux Kernel (Live Patch 35 for SLE 15 SP4) | 1 month ago | 1 month ago |
| suse-su-2025:0916-1 | Security update for the Linux Kernel (Live Patch 47 for SLE 15 SP3) | 1 month ago | 1 month ago |
| suse-su-2025:0908-1 | Security update for the Linux Kernel (Live Patch 54 for SLE 12 SP5) | 1 month ago | 1 month ago |
| suse-su-2025:0907-1 | Security update for the Linux Kernel (Live Patch 50 for SLE 15 SP3) | 1 month ago | 1 month ago |
| suse-su-2025:0906-1 | Security update for the Linux Kernel (Live Patch 19 for SLE 15 SP5) | 1 month ago | 1 month ago |
| suse-su-2025:0904-1 | Security update for the Linux Kernel (Live Patch 57 for SLE 12 SP5) | 1 month ago | 1 month ago |
| suse-su-2025:0903-1 | Security update for the Linux Kernel (Live Patch 25 for SLE 15 SP4) | 1 month ago | 1 month ago |
| suse-su-2025:0901-1 | Security update for erlang | 1 month ago | 1 month ago |
| suse-su-2025:0898-1 | Security update for the Linux Kernel (Live Patch 44 for SLE 15 SP3) | 1 month ago | 1 month ago |
| suse-su-2025:0897-1 | Security update for the Linux Kernel (Live Patch 48 for SLE 15 SP3) | 1 month ago | 1 month ago |
| suse-su-2025:0896-1 | Security update for the Linux Kernel (Live Patch 62 for SLE 12 SP5) | 1 month ago | 1 month ago |
| suse-su-2025:0893-1 | Security update for the Linux Kernel (Live Patch 58 for SLE 12 SP5) | 1 month ago | 1 month ago |
| suse-su-2025:0892-1 | Security update for the Linux Kernel (Live Patch 56 for SLE 12 SP5) | 1 month ago | 1 month ago |
| suse-su-2025:0889-1 | Security update for the Linux Kernel RT (Live Patch 6 for SLE 15 SP6) | 1 month ago | 1 month ago |
| suse-su-2025:0888-1 | Security update for the Linux Kernel RT (Live Patch 4 for SLE 15 SP6) | 1 month ago | 1 month ago |
| suse-su-2025:0886-1 | Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP6) | 1 month ago | 1 month ago |
| suse-su-2025:0885-1 | Security update for the Linux Kernel RT (Live Patch 2 for SLE 15 SP6) | 1 month ago | 1 month ago |
| suse-su-2025:0883-1 | Security update for python312 | 1 month ago | 1 month ago |
| suse-su-2025:0882-1 | Security update for google-cloud-sap-agent | 1 month ago | 1 month ago |
| suse-su-2025:0881-1 | Security update for google-cloud-sap-agent | 1 month ago | 1 month ago |
| suse-su-2025:0876-1 | Security update for govulncheck-vulndb | 1 month ago | 1 month ago |
| ID | Description | Published | Updated |
|---|---|---|---|
| opensuse-su-2025:14879-1 | erlang-27.2.4-2.1 on GA media | 1 month ago | 1 month ago |
| opensuse-su-2025:14878-1 | dool-1.3.4-2.1 on GA media | 1 month ago | 1 month ago |
| opensuse-su-2025:14877-1 | distrobuilder-3.1-2.1 on GA media | 1 month ago | 1 month ago |
| opensuse-su-2025:14876-1 | ruby3.4-rubygem-rack-2.2-2.2.13-1.1 on GA media | 1 month ago | 1 month ago |
| opensuse-su-2025:14875-1 | ruby3.4-rubygem-rack-3.1.12-1.1 on GA media | 1 month ago | 1 month ago |
| opensuse-su-2025:14874-1 | restic-0.17.3-2.1 on GA media | 1 month ago | 1 month ago |
| opensuse-su-2025:14873-1 | python312-3.12.9-2.1 on GA media | 1 month ago | 1 month ago |
| opensuse-su-2025:14872-1 | python311-3.11.11-4.1 on GA media | 1 month ago | 1 month ago |
| opensuse-su-2025:14871-1 | podman-5.4.0-3.1 on GA media | 1 month ago | 1 month ago |
| opensuse-su-2025:14870-1 | google-osconfig-agent-20250115.01-3.1 on GA media | 1 month ago | 1 month ago |
| opensuse-su-2025:14869-1 | google-guest-agent-20250116.00-3.1 on GA media | 1 month ago | 1 month ago |
| opensuse-su-2025:14868-1 | fake-gcs-server-1.52.2-1.1 on GA media | 1 month ago | 1 month ago |
| opensuse-su-2025:14867-1 | amazon-ssm-agent-3.3.1957.0-2.1 on GA media | 1 month ago | 1 month ago |
| opensuse-su-2025:14866-1 | libtinyxml2-10-10.1.0-1.1 on GA media | 1 month ago | 1 month ago |
| opensuse-su-2025:14865-1 | grafana-11.5.2-1.1 on GA media | 1 month ago | 1 month ago |
| opensuse-su-2025:14864-1 | gerbera-2.5.0-1.1 on GA media | 1 month ago | 1 month ago |
| opensuse-su-2025:0084-1 | Security update for chromium | 1 month ago | 1 month ago |
| opensuse-su-2025:14863-1 | teleport-17.3.3-1.1 on GA media | 1 month ago | 1 month ago |
| opensuse-su-2025:14862-1 | less-668-2.1 on GA media | 1 month ago | 1 month ago |
| opensuse-su-2025:14861-1 | MozillaFirefox-136.0-1.1 on GA media | 1 month ago | 1 month ago |
| opensuse-su-2025:14860-1 | xen-4.20.0_08-4.1 on GA media | 1 month ago | 1 month ago |
| opensuse-su-2025:14859-1 | ruby3.4-rubygem-rack-2.2-2.2.12-1.1 on GA media | 1 month ago | 1 month ago |
| opensuse-su-2025:14858-1 | python311-GitPython-3.1.44-1.1 on GA media | 1 month ago | 1 month ago |
| opensuse-su-2025:14857-1 | grype-0.88.0-1.1 on GA media | 1 month ago | 1 month ago |
| opensuse-su-2025:14856-1 | go1.24-1.24.1-1.1 on GA media | 1 month ago | 1 month ago |
| opensuse-su-2025:14855-1 | go1.23-1.23.7-1.1 on GA media | 1 month ago | 1 month ago |
| opensuse-su-2025:14854-1 | chromedriver-134.0.6998.35-1.1 on GA media | 1 month ago | 1 month ago |
| opensuse-su-2025:14853-1 | MozillaThunderbird-128.8.0-1.1 on GA media | 1 month ago | 1 month ago |
| opensuse-su-2025:14852-1 | firefox-esr-128.8.0-1.1 on GA media | 1 month ago | 1 month ago |
| opensuse-su-2025:0081-1 | Security update for phpMyAdmin | 1 month ago | 1 month ago |