Recent vulnerabilities

Vulnerabilities are sorted by update time (recent to old).
ID	Description	Publish Date	Update Date
ghsa-9hfh-q9rg-j934 (github)	The Newsletter Popup WordPress plugin through 1.2 does not sanitise and escape some of its settin...	2024-05-16T06:30:50Z	2024-11-20T21:30:43Z
ghsa-qgpm-9vqg-rgrr (github)	Improper access control vulnerability in Apaczka plugin for PrestaShop allows information gatheri...	2024-04-04T15:30:34Z	2024-11-20T21:30:42Z
ghsa-j9j7-vrc8-64wq (github)	A vulnerability was discovered in the firmware builds after 8.0.2.3267 and prior to 8.1.3.1301 in...	2024-04-09T18:30:22Z	2024-11-20T21:30:42Z
ghsa-77h7-8788-mfv3 (github)	The Libreswan Project was notified of an issue causing libreswan to restart under some IKEv2 retr...	2024-03-11T21:31:27Z	2024-11-20T21:30:42Z
ghsa-r4pg-vg54-wxx4 (github)	cert-manager ha a potential slowdown / DoS when parsing specially crafted PEM inputs	2024-11-20T20:48:11Z	2024-11-20T20:48:11Z
ghsa-ffp2-8p2h-4m5j (github)	Password Pusher rate limiter can be bypassed by forging proxy headers	2024-11-20T18:24:28Z	2024-11-20T19:36:11Z
ghsa-gv5h-5655-h4mv (github)	django CMS Cross-Site Scripting (XSS)	2024-11-18T12:30:43Z	2024-11-20T19:35:50Z
ghsa-gppm-hq3p-h4rp (github)	Git credentials are exposed in Atlantis logs	2024-11-08T19:03:35Z	2024-11-20T19:32:50Z
ghsa-p7mv-53f2-4cwj (github)	CometBFT Vote Extensions: Panic when receiving a Pre-commit with an invalid data	2024-11-06T15:33:55Z	2024-11-20T19:31:30Z
ghsa-xxxw-3j6h-q7h6 (github)	Grafana plugin SDK Information Leakage	2024-09-19T12:31:20Z	2024-11-20T19:30:12Z
ghsa-q3hw-3gm4-w5cr (github)	gnark's Groth16 commitment extension unsound for more than one commitment	2024-09-06T19:53:20Z	2024-11-20T19:26:02Z
ghsa-v7vf-f5q6-m899 (github)	.NET Remote Code Execution Vulnerability	2024-11-12T23:03:15Z	2024-11-20T18:56:27Z
ghsa-7mgx-gvjw-m3w3 (github)	CrateDB authentication bypass vulnerability	2024-01-30T03:30:30Z	2024-11-20T18:42:39Z
ghsa-h559-wf3x-8rqj (github)	A vulnerability classified as problematic was found in 115cms up to 20240807. This vulnerability ...	2024-11-20T18:32:18Z	2024-11-20T18:32:18Z
ghsa-7rmf-rfc4-c6r2 (github)	A vulnerability classified as problematic has been found in 115cms up to 20240807. This affects a...	2024-11-20T18:32:18Z	2024-11-20T18:32:18Z
ghsa-4xv5-h636-p47w (github)	Multiple OS Command Injection vulnerabilities affecting Kasda KW6512 router software version KW65...	2024-11-20T18:32:18Z	2024-11-20T18:32:18Z
ghsa-xx8w-4q6h-66xg (github)	DedeBIZ v6.3.0 was discovered to contain an arbitrary file deletion vulnerability via the compone...	2024-11-20T18:32:17Z	2024-11-20T18:32:17Z
ghsa-qhv3-2cgf-c955 (github)	An issue in Audimex EE v.15.1.20 and before allows a remote attacker to escalate privileges.	2024-11-20T18:32:17Z	2024-11-20T18:32:17Z
ghsa-pq4w-jf35-7pmx (github)	There exists a code execution vulnerability in the Car App Android Jetpack Library. In the CarApp...	2024-11-20T12:30:35Z	2024-11-20T18:32:17Z
ghsa-p9rx-45f8-3vvp (github)	A vulnerability was found in 115cms up to 20240807 and classified as problematic. This issue affe...	2024-11-20T18:32:17Z	2024-11-20T18:32:17Z
ghsa-p6hm-frqp-586g (github)	A vulnerability was found in 115cms up to 20240807. It has been declared as problematic. Affected...	2024-11-20T18:32:17Z	2024-11-20T18:32:17Z
ghsa-mq9r-w66p-33m3 (github)	A vulnerability, which was classified as critical, has been found in Code4Berry Decoration Manage...	2024-11-20T18:32:17Z	2024-11-20T18:32:17Z
ghsa-jrrp-pvfv-xjh3 (github)	A vulnerability has been found in Code4Berry Decoration Management System 1.0 and classified as c...	2024-11-20T18:32:17Z	2024-11-20T18:32:17Z
ghsa-hx2q-32g5-49fm (github)	A vulnerability classified as critical was found in Code4Berry Decoration Management System 1.0. ...	2024-11-20T18:32:17Z	2024-11-20T18:32:17Z
ghsa-h4c9-8j9c-xf43 (github)	An arbitrary file upload vulnerability in the component /admin/friendlink_edit of DedeBIZ v6.3.0 ...	2024-11-20T18:32:17Z	2024-11-20T18:32:17Z
ghsa-gfmp-fjx4-3grr (github)	A vulnerability, which was classified as problematic, was found in Code4Berry Decoration Manageme...	2024-11-20T18:32:17Z	2024-11-20T18:32:17Z
ghsa-fg4f-v7hp-cc45 (github)	SemCms v4.8 was discovered to contain a SQL injection vulnerability. This allows an attacker to e...	2024-11-20T18:32:17Z	2024-11-20T18:32:17Z
ghsa-95hg-vx6x-rj95 (github)	A vulnerability was found in 115cms up to 20240807. It has been classified as problematic. Affect...	2024-11-20T18:32:17Z	2024-11-20T18:32:17Z
ghsa-7mm3-wc4f-j5fh (github)	A vulnerability was found in 115cms up to 20240807. It has been rated as problematic. Affected by...	2024-11-20T18:32:17Z	2024-11-20T18:32:17Z
ghsa-76ph-jc9g-v47h (github)	Local File Inclusion vulnerability in Vegam Solutions Vegam 4i v.6.3.47.0 and earlier allows a re...	2024-11-20T18:32:17Z	2024-11-20T18:32:17Z

Vulnerabilities are sorted by update time (recent to old).
ID	CVSS Base Score	Description	Vendor	Product	Publish Date	Update Date
cve-2024-10532 (NVD)		Bard Extra <= 1.2.7 - Missing Authorization to Authenticated (Subscriber+) Demo Import	wproyal	Bard Extra	2024-11-21T02:06:23.400Z	2024-11-21T02:06:23.400Z
cve-2024-11414 (NVD)		RecipePress Reloaded <= 2.12.0 - Authenticated (Contributor+) Stored Cross-Site Scripting	dasmaeh	RecipePress Reloaded	2024-11-21T02:06:22.706Z	2024-11-21T02:06:22.706Z
cve-2024-10164 (NVD)		Premium Packages - Sell Digital Products Securely <= 5.9.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via wpdmpp_pay_link Shortcode	codename065	Premium Packages – Sell Digital Products Securely	2024-11-21T02:06:21.099Z	2024-11-21T02:06:21.099Z
cve-2024-9851 (NVD)		LSX Tour Operator <= 1.4.9 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload	feedmymedia	LSX Tour Operator	2024-11-21T02:06:19.948Z	2024-11-21T02:06:19.948Z
cve-2024-10682 (NVD)		Bulletin Announcements <= 3.11.7 - Reflected Cross-Site Scripting	mikewire_rocksolid	Announcement & Notification Banner – Bulletin	2024-11-21T02:06:19.173Z	2024-11-21T02:06:19.173Z
cve-2024-11447 (NVD)		Community by PeepSo – Social Network, Membership, Registration, User Profiles, Premium – Mobile App <= 6.4.6.2 - Reflected Cross-Site Scripting	peepso	Community by PeepSo – Download from PeepSo.com	2024-11-21T02:06:18.381Z	2024-11-21T02:06:18.381Z
cve-2022-43933 (NVD)	CVSS-v3.1: 4.4	configuration secrets are logged in support-save	Brocade	SANnav	2024-11-21T01:36:30.175Z	2024-11-21T01:52:42.072Z
cve-2022-43935 (NVD)	CVSS-v3.1: 5.3	Switch passwords and authorization IDs are printed in the embedded MLS DB file	Brocade	SANnav	2024-11-21T01:51:59.741Z	2024-11-21T01:51:59.741Z
cve-2022-43934 (NVD)	CVSS-v3.1: 6.5	Weak Key-exchange algorithms	Brocade	SANnav	2024-11-21T01:43:54.749Z	2024-11-21T01:43:54.749Z
cve-2024-52797 (NVD)		Searching Opencast may cause a denial of service	opencast	opencast	2024-11-21T01:30:07.811Z	2024-11-21T01:30:07.811Z
cve-2024-45663 (NVD)	CVSS-v3.1: 6.5	IBM Db2 denial of service	IBM	Db2 for Linux, UNIX and Windows	2024-11-21T00:22:03.293Z	2024-11-21T00:22:03.293Z
cve-2024-50969 (NVD)	N/A	A Reflected cross-site scripting (XSS) vulnerability in browse.php of Code-projects Jonnys Liquor 1.0 allows remote attackers to inject arbitrary web scripts or HTML via the search parameter.	n/a	n/a	2024-11-13T00:00:00	2024-11-20T23:05:22.892Z
cve-2024-50810 (NVD)	N/A	hopetree izone lts c011b48 contains a Cross Site Scripting (XSS) vulnerability in the article comment function. In \apps\comment\views.py, AddCommintView() does not securely filter user input and renders it directly to the frontend page through templates.	n/a	n/a	2024-11-08T00:00:00	2024-11-20T23:02:23.484Z
cve-2024-51031 (NVD)	N/A	A Cross-site Scripting (XSS) vulnerability in manage_account.php in Sourcecodester Cab Management System 1.0 allows remote authenticated users to inject arbitrary web scripts via the "First Name," "Middle Name," and "Last Name" fields.	n/a	n/a	2024-11-08T00:00:00	2024-11-20T22:56:12.765Z
cve-2024-52755 (NVD)	N/A	D-LINK DI-8003 v16.07.26A1 was discovered to contain a buffer overflow via the host_ip parameter in the ipsec_road_asp function.	n/a	n/a	2024-11-20T00:00:00	2024-11-20T22:47:20.628988
cve-2024-51151 (NVD)	N/A	D-Link DI-8200 16.07.26A1 is vulnerable to remote command execution in the msp_info_htm function via the flag parameter and cmd parameter.	n/a	n/a	2024-11-20T00:00:00	2024-11-20T22:45:57.069883
cve-2024-51032 (NVD)	N/A	A Cross-site Scripting (XSS) vulnerability in manage_recipient.php of Sourcecodester Toll Tax Management System 1.0 allows remote authenticated users to inject arbitrary web scripts via the "owner" input field.	n/a	n/a	2024-11-08T00:00:00	2024-11-20T22:43:07.679Z
cve-2024-10971 (NVD)	N/A	Improper access control in the Password History feature in Devolutions DVLS 2024.3.6 and earlier allows a malicious authenticated user to obtain sensitive data via faulty permission.	Devolutions	DVLS (Devolutions Server)	2024-11-12T15:52:14.839Z	2024-11-20T22:39:24.048Z
cve-2024-9875 (NVD)	CVSS-v3.1: 7.1	Okta Privileged Access server agent (SFTD) versions 1.82.0 to 1.84.0 are affected by a privilege escalation vulnerability when the sudo command bundles feature is enabled. To remediate this vulnerability, upgrade the Okta Privileged Access server agent (SFTD) to version 1.87.1 or greater.	Okta	Okta Privileged Access Server Agent (SFTD)	2024-11-20T22:23:15.230Z	2024-11-20T22:38:32.486Z
cve-2024-9356 (NVD)		Yotpo: Product & Photo Reviews for WooCommerce <= 1.7.8 - Reflected Cross-Site Scripting	yotpo	Yotpo: Product & Photo Reviews for WooCommerce	2024-11-15T05:30:55.822Z	2024-11-20T22:37:22.305Z
cve-2021-3741 (NVD)		Stored Cross-site Scripting (XSS) in chatwoot/chatwoot	chatwoot	chatwoot/chatwoot	2024-11-15T10:51:22.667Z	2024-11-20T22:36:41.760Z
cve-2021-3841 (NVD)		Stored Cross-site Scripting (XSS) in sylius/sylius	sylius	sylius/sylius	2024-11-15T10:52:01.371Z	2024-11-20T22:36:05.302Z
cve-2021-3988 (NVD)		Cross-site Scripting (XSS) in janeczku/calibre-web	janeczku	janeczku/calibre-web	2024-11-15T10:52:39.637Z	2024-11-20T22:35:15.693Z
cve-2023-0737 (NVD)		CSRF in wallabag/wallabag	wallabag	wallabag/wallabag	2024-11-15T10:53:21.745Z	2024-11-20T22:30:58.342Z
cve-2023-35863 (NVD)	N/A	In MADEFORNET HTTP Debugger through 9.12, the Windows service does not set the seclevel registry key before launching the driver. Thus, it is possible for an unprivileged application to obtain a handle to the NetFilterSDK wrapper before the service obtains exclusive access.	n/a	n/a	2023-07-05T00:00:00	2024-11-20T21:53:20.770Z
cve-2023-7134 (NVD)		SourceCodester Medicine Tracking System path traversal	SourceCodester	Medicine Tracking System	2023-12-28T20:00:05.775Z	2024-11-20T21:52:45.852Z
cve-2023-30195 (NVD)		In the module "Detailed Order" (lgdetailedorder) in version up to 1.1.20 from Linea Grafica for PrestaShop, a guest can download personal informations without restriction formatted in json.	n/a	n/a	2023-07-06T00:00:00	2024-11-20T21:51:05.085Z
cve-2023-37308 (NVD)	N/A	Zoho ManageEngine ADAudit Plus before 7100 allows XSS via the username field.	n/a	n/a	2023-07-07T00:00:00	2024-11-20T21:49:26.857Z
cve-2023-7150 (NVD)		Campcodes Chic Beauty Salon Product product-list.php unrestricted upload	Campcodes	Chic Beauty Salon	2023-12-29T04:00:05.080Z	2024-11-20T21:48:35.582Z
cve-2024-30192 (NVD)	N/A	WordPress Pinterest Plugin <= 1.8.2 - Cross Site Scripting (XSS)	GS Plugins	GS Pins for Pinterest	2024-03-27T06:43:50.816Z	2024-11-20T21:39:13.957Z

Vulnerabilities are sorted by update time (recent to old).
ID	CVSS Base Score	Description	Vendor	Product	Publish Date	Update Date
cve-2018-9469 (NVD)	N/A	In multiple functions of ShortcutService.java, there is a possible creation of a spoofed shortcut due to a missing permission check. This could lead to local escalation of privilege in a privileged app with no additional execution privileges needed. User interaction is needed for exploitation.	Google	Android	2024-11-20T16:53:36.233Z	2024-11-20T19:08:05.439Z
cve-2018-9468 (NVD)	N/A	In query of DownloadManager.java, there is a possible read/write of arbitrary files due to a permissions bypass. This could lead to local information disclosure and file rewriting with no additional execution privileges needed. User interaction is not needed for exploitation.	Google	Android	2024-11-20T16:51:52.139Z	2024-11-20T19:04:34.956Z
cve-2024-33023 (NVD)	CVSS-v3.1: 8.4	Use After Free in Graphics Linux	Qualcomm, Inc.	Snapdragon	2024-08-05T14:21:43.449Z	2024-08-05T14:42:39.778Z
cve-2024-33022 (NVD)	CVSS-v3.1: 8.4	Integer Overflow or Wraparound in Automotive GPU	Qualcomm, Inc.	Snapdragon	2024-08-05T14:21:42.398Z	2024-08-05T14:43:56.607Z
cve-2024-33021 (NVD)	CVSS-v3.1: 8.4	Use of Uninitialized Variable in Automotive GPU	Qualcomm, Inc.	Snapdragon	2024-08-05T14:21:41.397Z	2024-08-05T14:45:22.446Z
cve-2024-33020 (NVD)	CVSS-v3.1: 7.5	Buffer Over-read in WLAN HOST	Qualcomm, Inc.	Snapdragon	2024-08-05T14:21:40.361Z	2024-08-05T14:47:53.939Z
cve-2024-33019 (NVD)	CVSS-v3.1: 7.5	Buffer Over-read in WLAN Host	Qualcomm, Inc.	Snapdragon	2024-08-05T14:21:39.275Z	2024-08-05T15:29:54.891Z
cve-2024-24051 (NVD)	N/A	Improper input validation of printing files in Monoprice Select Mini V2 V37.115.32 allows attackers to instruct the device's movable parts to destinations that exceed the devices' maximum coordinates via the printing of a malicious .gcode file.	n/a	n/a	2024-06-12T00:00:00	2024-09-03T17:54:54.432Z
cve-2024-45511 (NVD)	N/A	An issue was discovered in Zimbra Collaboration (ZCS) through 10.1. A reflected Cross-Site Scripting (XSS) issue exists through the Briefcase module due to improper sanitization of file content by the OnlyOffice formatter. This occurs when the victim opens a crafted URL pointing to a shared folder containing a malicious file uploaded by the attacker. The vulnerability allows the attacker to execute arbitrary JavaScript in the context of the victim's session.	n/a	n/a	2024-11-20T00:00:00	2024-11-20T20:57:53.794Z
cve-2024-33439 (NVD)	N/A	An issue in Kasda LinkSmart Router KW5515 v1.7 and before allows an authenticated remote attacker to execute arbitrary OS commands via cgi parameters.	n/a	n/a	2024-11-20T00:00:00	2024-11-20T18:43:13.170079
cve-2024-52759 (NVD)	N/A	D-LINK DI-8003 v16.07.26A1 was discovered to contain a buffer overflow via the ip parameter in the ip_position_asp function.	n/a	n/a	2024-11-19T00:00:00	2024-11-19T18:59:16.931876
cve-2024-4705 (NVD)		Testimonials Widget <= 4.0.4 - Authenticated (Author+) Stored Cross-Site Scripting via testimonials Shortcode	j0hnsmith	Testimonials Widget	2024-06-06T02:03:03.594Z	2024-08-01T20:47:41.670Z
cve-2024-3644 (NVD)	N/A	Newsletter Popup <= 1.2 - Admin+ Stored XSS	Unknown	Newsletter Popup	2024-05-16T06:00:03.032Z	2024-11-20T17:41:01.371Z
cve-2024-3629 (NVD)	N/A	HL Twitter <= 2014.1.18 - Settings Update via CSRF	Unknown	HL Twitter	2024-05-15T06:00:03.634Z	2024-11-20T17:40:20.822Z
cve-2024-3471 (NVD)	N/A	Button Generator < 3.0 - Button Deletion via CSRF	Unknown	Button Generator	2024-05-02T06:00:02.401Z	2024-11-20T17:30:51.987Z
cve-2024-3281 (NVD)	N/A	A vulnerability was discovered in the firmware builds after 8.0.2.3267 and prior to 8.1.3.1301 in CCX devices. A flaw in the firmware build process did not properly restrict access to a resource from an unauthorized actor.	HP Inc.	Poly CCX devices	2024-04-09T15:27:11.563Z	2024-11-20T17:30:09.027Z
cve-2024-3076 (NVD)	N/A	MM-email2image <= 0.2.5 - Stored XSS via CSRF	Unknown	MM-email2image	2024-04-26T13:23:08.383Z	2024-11-20T17:27:07.555Z
cve-2024-3048 (NVD)	N/A	Bannerlid <= 1.1.0 - Reflected XSS	Unknown	Bannerlid	2024-04-26T05:00:03.832Z	2024-11-20T17:26:28.540Z
cve-2024-35283 (NVD)	N/A	A vulnerability in the Ignite component of Mitel MiContact Center Business through 10.0.0.4 could allow an unauthenticated attacker to conduct a stored cross-site scripting (XSS) attack due to insufficient input validation.	n/a	n/a		2024-11-20T17:42:35.353Z
cve-2024-2759 (NVD)	N/A	Improper access control in Apaczka plugin for PrestaShop	Alsendo Sp. z o. o.	Apaczka	2024-04-04T13:23:57.114Z	2024-11-20T17:21:20.241Z
cve-2024-2357 (NVD)	N/A	IKEv2 misconfiguration can cause libreswan to abort and restart	The Libreswan Project (www.libreswan.org)	libreswan	2024-03-11T19:39:03.280Z	2024-11-20T17:25:31.624Z
cve-2024-46815 (NVD)	N/A	drm/amd/display: Check num_valid_sets before accessing reader_wm_sets[]	Linux Linux	Linux Linux	2024-09-27T12:35:57.062Z	2024-11-05T09:47:10.066Z
cve-2024-46771 (NVD)	N/A	can: bcm: Remove proc entry when dev is unregistered.	Linux Linux	Linux Linux	2024-09-18T07:12:29.363Z	2024-11-05T09:46:19.708Z
cve-2024-46768 (NVD)	N/A	hwmon: (hp-wmi-sensors) Check if WMI event data exists	Linux Linux	Linux Linux	2024-09-18T07:12:27.046Z	2024-11-05T09:46:16.374Z
cve-2024-46774 (NVD)	N/A	powerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas()	Linux Linux	Linux Linux	2024-09-18T07:12:31.782Z	2024-11-05T09:46:22.952Z
cve-2024-46775 (NVD)	N/A	drm/amd/display: Validate function returns	Linux Linux	Linux Linux	2024-09-18T07:12:32.506Z	2024-11-05T09:46:24.044Z
cve-2024-11493 (NVD)		115cms pageAE.html cross site scripting	n/a	115cms	2024-11-20T17:31:05.094Z	2024-11-20T18:45:52.660Z
cve-2024-11492 (NVD)		115cms appurladd.html cross site scripting	n/a	115cms	2024-11-20T17:31:03.878Z	2024-11-20T21:06:32.373Z
cve-2024-11081 (NVD)	N/A	{'providerMetadata': {'orgId': 'b15e7b5b-3da4-40ae-a43c-f7aa60e62599', 'shortName': 'Wordfence', 'dateUpdated': '2024-11-20T17:17:11.595Z'}, 'rejectedReasons': [{'lang': 'en', 'value': ' REJECT DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage.'}]}	N/A	N/A		2024-11-20T17:17:11.595Z
cve-2024-46816 (NVD)	N/A	drm/amd/display: Stop amdgpu_dm initialize when link nums greater than max_links	Linux Linux	Linux Linux	2024-09-27T12:35:57.742Z	2024-11-05T09:47:11.138Z

Vulnerabilities are sorted by update time (recent to old).
ID	Description	Publish Date	Update Date
pysec-2024-73	A vulnerability in the JSON file handling of gaizhenbiao/chuanhuchatgpt version 20240410 allows a...	2024-07-31T01:15:00+00:00	2024-08-27T15:22:40.259109+00:00
pysec-2024-70	An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. QuerySet.values() and v...	2024-08-07T15:15:00+00:00	2024-08-07T17:22:10.804411+00:00
pysec-2024-69	An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize and urlizetr...	2024-08-07T15:15:00+00:00	2024-08-07T17:22:10.745844+00:00
pysec-2024-68	An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize() and urlize...	2024-08-07T15:15:00+00:00	2024-08-07T17:22:10.682679+00:00
pysec-2024-67	An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The floatformat templat...	2024-08-07T15:15:00+00:00	2024-08-07T17:22:10.613440+00:00
pysec-2024-66	dbt enables data analysts and engineers to transform their data using the same practices that sof...	2024-07-16T23:15:00+00:00	2024-07-19T17:21:49.664320+00:00
pysec-2024-65	Roundup before 2.4.0 allows XSS via JavaScript in PDF, XML, and SVG documents.	2024-07-17T20:15:00+00:00	2024-07-17T23:22:05.024899+00:00
pysec-2024-64	Roundup before 2.4.0 allows XSS via a SCRIPT element in an HTTP Referer header.	2024-07-17T20:15:00+00:00	2024-07-17T23:22:04.987078+00:00
pysec-2024-63	In Roundup before 2.4.0, classhelpers (_generic.help.html) allow XSS.	2024-07-17T20:15:00+00:00	2024-07-17T23:22:04.949977+00:00
pysec-2024-62	Versions of the package langchain-experimental from 0.0.15 and before 0.0.21 are vulnerable to Ar...	2024-07-15T05:15:00+00:00	2024-07-15T11:19:36.686972+00:00
pysec-2024-61	A Stored Cross-Site Scripting (XSS) vulnerability exists in gaizhenbiao/chuanhuchatgpt version 20...	2024-07-11T11:15:00+00:00	2024-07-12T21:33:00.657381+00:00
pysec-2024-60	A vulnerability was identified in the kjd/idna library, specifically within the `idna.encode()` f...	2024-07-07T18:15:00+00:00	2024-07-11T17:21:37.216928+00:00
pysec-2024-59	An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. get_supported_language_...	2024-07-10T05:15:00+00:00	2024-07-10T11:20:07.800540+00:00
pysec-2024-58	An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. Derived classes of the ...	2024-07-10T05:15:00+00:00	2024-07-10T11:20:07.704786+00:00
pysec-2024-57	An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. The django.contrib.auth...	2024-07-10T05:15:00+00:00	2024-07-10T11:20:07.604887+00:00
pysec-2024-56	An issue was discovered in Django 4.2 before 4.2.14 and 5.0 before 5.0.7. urlize and urlizetrunc ...	2024-07-10T05:15:00+00:00	2024-07-10T11:20:07.495359+00:00
pysec-2024-54	CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Ana...	2024-06-24T18:15:00+00:00	2024-06-26T19:19:24.981233+00:00
pysec-2024-53	langchain_experimental (aka LangChain Experimental) before 0.0.61 for LangChain provides Python R...	2024-06-16T15:15:00+00:00	2024-06-16T17:20:32.187558+00:00
pysec-2024-52	lepture Authlib before 1.3.1 has algorithm confusion with asymmetric public keys. Unless an algor...	2024-06-09T19:15:00+00:00	2024-06-09T21:20:21.309692+00:00
pysec-2024-51	A broken access control vulnerability exists in mlflow/mlflow versions before 2.10.1, where low p...	2024-05-16T09:15:00+00:00	2024-05-16T11:19:52.866536+00:00
pysec-2024-50	Synapse is an open-source Matrix homeserver. A remote Matrix user with malicious intent, sharing ...	2024-04-23T18:15:00+00:00	2024-04-23T21:18:51.688096+00:00
pysec-2023-260	A reflected Cross-Site Scripting (XSS) vulnerability exists in the mlflow/mlflow repository, spec...	2023-12-07T05:15:00+00:00	2024-04-16T15:20:55.191003+00:00
pysec-2024-49	Lektor before 3.3.11 does not sanitize DB path traversal. Thus, shell commands might be executed ...	2024-03-27T06:15:00+00:00	2024-03-27T11:18:36.506150+00:00
pysec-2024-48	Versions of the package black before 24.3.0 are vulnerable to Regular Expression Denial of Servic...	2024-03-19T05:15:00+00:00	2024-03-19T11:18:50.379002+00:00
pysec-2024-47	In Django 3.2 before 3.2.25, 4.2 before 4.2.11, and 5.0 before 5.0.3, the django.utils.text.Trunc...	2024-03-15T20:15:00+00:00	2024-03-15T23:20:34.975097+00:00
pysec-2024-46	Apache Airflow, versions 2.8.0 through 2.8.2, has a vulnerability that allows an authenticated us...	2024-03-14T09:15:00+00:00	2024-03-14T11:19:09.515892+00:00
pysec-2024-45	LangChain through 0.1.10 allows ../ directory traversal by an actor who is able to control the fi...	2024-03-04T00:15:00+00:00	2024-03-13T23:20:07.486731+00:00
pysec-2024-44	In RPyC before 6.0.0, when a server exposes a method that calls the attribute named __array__ for...	2024-03-12T16:15:00+00:00	2024-03-12T19:19:21.886478+00:00
pysec-2024-43	LangChain through 0.1.10 allows ../ directory traversal by an actor who is able to control the fi...	2024-03-04T00:15:00+00:00	2024-03-05T10:22:15.555734+00:00
pysec-2024-42	Apache Airflow, versions before 2.8.2, has a vulnerability that allows authenticated Ops and View...	2024-03-01T11:15:00+00:00	2024-03-01T14:20:34.498842+00:00

Vulnerabilities are sorted by update time (recent to old).
ID	Description
gsd-2024-33851	The format of the source doesn't require a description, click on the link for more details
gsd-2024-33850	The format of the source doesn't require a description, click on the link for more details
gsd-2024-33849	The format of the source doesn't require a description, click on the link for more details
gsd-2024-4295	The format of the source doesn't require a description, click on the link for more details
gsd-2024-4294	The format of the source doesn't require a description, click on the link for more details
gsd-2024-4293	The format of the source doesn't require a description, click on the link for more details
gsd-2024-4292	The format of the source doesn't require a description, click on the link for more details
gsd-2024-4291	The format of the source doesn't require a description, click on the link for more details
gsd-2023-52722	The format of the source doesn't require a description, click on the link for more details
gsd-2022-48685	The format of the source doesn't require a description, click on the link for more details
gsd-2022-48684	The format of the source doesn't require a description, click on the link for more details
gsd-2024-24777	The format of the source doesn't require a description, click on the link for more details
gsd-2024-28875	The format of the source doesn't require a description, click on the link for more details
gsd-2024-33846	The format of the source doesn't require a description, click on the link for more details
gsd-2024-33845	The format of the source doesn't require a description, click on the link for more details
gsd-2024-33844	The format of the source doesn't require a description, click on the link for more details
gsd-2024-33843	The format of the source doesn't require a description, click on the link for more details
gsd-2024-33842	The format of the source doesn't require a description, click on the link for more details
gsd-2024-33841	The format of the source doesn't require a description, click on the link for more details
gsd-2024-33840	The format of the source doesn't require a description, click on the link for more details
gsd-2024-33839	The format of the source doesn't require a description, click on the link for more details
gsd-2024-33838	The format of the source doesn't require a description, click on the link for more details
gsd-2024-33837	The format of the source doesn't require a description, click on the link for more details
gsd-2024-33836	The format of the source doesn't require a description, click on the link for more details
gsd-2024-33835	The format of the source doesn't require a description, click on the link for more details
gsd-2024-33834	The format of the source doesn't require a description, click on the link for more details
gsd-2024-33833	The format of the source doesn't require a description, click on the link for more details
gsd-2024-33832	The format of the source doesn't require a description, click on the link for more details
gsd-2024-33831	The format of the source doesn't require a description, click on the link for more details
gsd-2024-33830	The format of the source doesn't require a description, click on the link for more details

Vulnerabilities are sorted by update time (recent to old).
ID	Description	Publish Date	Update Date
mal-2024-1223	Malicious code in @lbnqduy11805/musical-doodle (npm)	2024-04-10T05:55:21Z	2024-04-10T05:55:22Z
mal-2024-1222	Malicious code in @lbnqduy11805/miniature-train (npm)	2024-04-10T05:55:21Z	2024-04-10T05:55:22Z
mal-2024-1221	Malicious code in @lbnqduy11805/miniature-garbanzo (npm)	2024-04-10T05:55:21Z	2024-04-10T05:55:22Z
mal-2024-1220	Malicious code in @lbnqduy11805/legendary-octo-carnival (npm)	2024-04-10T05:55:21Z	2024-04-10T05:55:22Z
mal-2024-1215	Malicious code in @lbnqduy11805/congenial-dollop (npm)	2024-04-10T05:55:21Z	2024-04-10T05:55:22Z
mal-2024-1244	Malicious code in @lbnqduy11805/urban-octo-adventure (npm)	2024-04-10T05:55:21Z	2024-04-10T05:55:21Z
mal-2024-1241	Malicious code in @lbnqduy11805/sturdy-waddle (npm)	2024-04-10T05:55:21Z	2024-04-10T05:55:21Z
mal-2024-1238	Malicious code in @lbnqduy11805/stunning-fishstick (npm)	2024-04-10T05:55:21Z	2024-04-10T05:55:21Z
mal-2024-1237	Malicious code in @lbnqduy11805/studious-octo-waddle (npm)	2024-04-10T05:55:20Z	2024-04-10T05:55:21Z
mal-2024-1235	Malicious code in @lbnqduy11805/special-palm-tree (npm)	2024-04-10T05:55:21Z	2024-04-10T05:55:21Z
mal-2024-1229	Malicious code in @lbnqduy11805/refactored-eureka (npm)	2024-04-10T05:55:21Z	2024-04-10T05:55:21Z
mal-2024-1218	Malicious code in @lbnqduy11805/friendly-doodle (npm)	2024-04-10T05:55:21Z	2024-04-10T05:55:21Z
mal-2024-1217	Malicious code in @lbnqduy11805/expert-waddle (npm)	2024-04-10T05:55:20Z	2024-04-10T05:55:21Z
mal-2024-1236	Malicious code in @lbnqduy11805/studious-memory (npm)	2024-04-10T05:55:20Z	2024-04-10T05:55:20Z
mal-2024-1234	Malicious code in @lbnqduy11805/special-funicular (npm)	2024-04-10T05:55:20Z	2024-04-10T05:55:20Z
mal-2024-1231	Malicious code in @lbnqduy11805/reimagined-happiness (npm)	2024-04-10T05:55:20Z	2024-04-10T05:55:20Z
mal-2024-1228	Malicious code in @lbnqduy11805/redesigned-journey (npm)	2024-04-10T05:55:20Z	2024-04-10T05:55:20Z
mal-2024-1226	Malicious code in @lbnqduy11805/psychic-journey (npm)	2024-04-10T05:55:19Z	2024-04-10T05:55:20Z
mal-2024-1214	Malicious code in @lbnqduy11805/cautious-octo-rotary-phone (npm)	2024-04-10T05:55:19Z	2024-04-10T05:55:20Z
mal-2024-1212	Malicious code in @lbnqduy11805/animated-doodle (npm)	2024-04-10T05:55:20Z	2024-04-10T05:55:20Z
mal-2024-1219	Malicious code in @lbnqduy11805/ideal-octo-spork (npm)	2024-04-10T05:55:19Z	2024-04-10T05:55:19Z
mal-2024-1252	Malicious code in test-npm-lifecycle (npm)	2024-04-10T03:56:53Z	2024-04-10T03:56:53Z
mal-2024-1251	Malicious code in shuaishuaiqiang (npm)	2024-04-10T03:56:53Z	2024-04-10T03:56:53Z
mal-2024-1250	Malicious code in shuaishuai (npm)	2024-04-10T03:56:53Z	2024-04-10T03:56:53Z
mal-2024-1249	Malicious code in shuaiqiang (npm)	2024-04-10T03:56:53Z	2024-04-10T03:56:53Z
mal-2024-1248	Malicious code in benjimain (npm)	2024-04-10T03:56:53Z	2024-04-10T03:56:53Z
mal-2024-1247	Malicious code in @sber-site/sbercraft-nova-kit (npm)	2024-04-10T03:45:28Z	2024-04-10T03:45:28Z
mal-2024-1246	Malicious code in @sber-sd/assistant-web-sdk (npm)	2024-04-10T03:45:10Z	2024-04-10T03:45:10Z
mal-2024-1211	Malicious code in tokenaddress (npm)	2024-04-08T07:22:55Z	2024-04-08T07:22:55Z
mal-2024-1210	Malicious code in recxn-logs (npm)	2024-04-08T07:16:13Z	2024-04-08T07:16:14Z

Vulnerabilities are sorted by update time (recent to old).
ID	Description	Publish Date	Update Date
wid-sec-w-2024-1683	Linksys WRT54G Router: Schwachstelle ermöglicht Codeausführung und DoS	2024-07-21T22:00:00.000+00:00	2024-07-23T22:00:00.000+00:00
wid-sec-w-2024-1568	Mozilla Firefox und Firefox ESR: Mehrere Schwachstellen	2024-07-09T22:00:00.000+00:00	2024-07-23T22:00:00.000+00:00
wid-sec-w-2024-1567	Adobe Creative Cloud Produkte: Mehrere Schwachstellen	2024-07-09T22:00:00.000+00:00	2024-07-23T22:00:00.000+00:00
wid-sec-w-2024-1514	OpenSSH: Schwachstelle ermöglicht Offenlegung von Informationen	2024-07-03T22:00:00.000+00:00	2024-07-23T22:00:00.000+00:00
wid-sec-w-2024-1467	MIT Kerberos: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff	2024-06-26T22:00:00.000+00:00	2024-07-23T22:00:00.000+00:00
wid-sec-w-2024-1447	Squid: Schwachstelle ermöglicht Denial of Service	2024-06-24T22:00:00.000+00:00	2024-07-23T22:00:00.000+00:00
wid-sec-w-2024-1396	Python: Mehrere Schwachstellen ermöglichen Manipulation von Dateien und Umgehung von Sicherheitsmaßnahmen	2024-06-17T22:00:00.000+00:00	2024-07-23T22:00:00.000+00:00
wid-sec-w-2024-1369	CUPS: Schwachstelle ermöglicht Manipulation von Dateien	2024-06-12T22:00:00.000+00:00	2024-07-23T22:00:00.000+00:00
wid-sec-w-2024-1351	Adobe Experience Manager: Mehrere Schwachstellen	2024-06-11T22:00:00.000+00:00	2024-07-23T22:00:00.000+00:00
wid-sec-w-2024-1337	Red Hat Enterprise Linux (c-ares): Schwachstelle ermöglicht Denial of Service	2024-06-11T22:00:00.000+00:00	2024-07-23T22:00:00.000+00:00
wid-sec-w-2024-1274	TianoCore EDK2: Schwachstelle ermöglicht Denial of Service	2024-06-02T22:00:00.000+00:00	2024-07-23T22:00:00.000+00:00
wid-sec-w-2024-1240	OpenSSL: Schwachstelle ermöglicht Codeausführung, Datenmanipulation, Offenlegung von Informationen und Dos	2024-05-28T22:00:00.000+00:00	2024-07-23T22:00:00.000+00:00
wid-sec-w-2024-1235	Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service und unspezifische Angriffe	2024-05-26T22:00:00.000+00:00	2024-07-23T22:00:00.000+00:00
wid-sec-w-2024-1171	OpenSSL: Schwachstelle ermöglicht Denial of Service	2024-05-16T22:00:00.000+00:00	2024-07-23T22:00:00.000+00:00
wid-sec-w-2024-1146	Intel Driver and Support Assistant: Mehrere Schwachstellen ermöglichen Privilegieneskalation	2024-05-14T22:00:00.000+00:00	2024-07-23T22:00:00.000+00:00
wid-sec-w-2024-1083	Linux Kernel: Mehrere Schwachstellen	2024-05-09T22:00:00.000+00:00	2024-07-23T22:00:00.000+00:00
wid-sec-w-2024-1079	PostgreSQL: Schwachstelle ermöglicht Offenlegung von Informationen	2024-05-09T22:00:00.000+00:00	2024-07-23T22:00:00.000+00:00
wid-sec-w-2024-0857	Apache Kafka: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen	2024-04-11T22:00:00.000+00:00	2024-07-23T22:00:00.000+00:00
wid-sec-w-2024-0851	Linux Kernel: Mehrere Schwachstellen	2024-04-10T22:00:00.000+00:00	2024-07-23T22:00:00.000+00:00
wid-sec-w-2024-0814	Linux Kernel: Schwachstelle ermöglicht Denial of Service	2024-04-08T22:00:00.000+00:00	2024-07-23T22:00:00.000+00:00
wid-sec-w-2024-0813	OpenSSL: Schwachstelle ermöglicht Denial of Service	2024-04-08T22:00:00.000+00:00	2024-07-23T22:00:00.000+00:00
wid-sec-w-2024-0694	Linux Kernel: Schwachstelle ermöglicht nicht spezifizierten Angriff	2024-03-21T23:00:00.000+00:00	2024-07-23T22:00:00.000+00:00
wid-sec-w-2024-0690	Linux Kernel: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff	2024-03-20T23:00:00.000+00:00	2024-07-23T22:00:00.000+00:00
wid-sec-w-2024-0459	Linux Kernel: Mehrere Schwachstellen	2024-02-21T23:00:00.000+00:00	2024-07-23T22:00:00.000+00:00
wid-sec-w-2024-0371	AMD SEV-SNP Firmware für Prozessoren: Mehrere Schwachstellen ermöglichen Offenlegung von Informationen	2024-02-13T23:00:00.000+00:00	2024-07-23T22:00:00.000+00:00
wid-sec-w-2024-0296	Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service	2024-02-04T23:00:00.000+00:00	2024-07-23T22:00:00.000+00:00
wid-sec-w-2024-0239	Apache ActiveMQ: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen	2018-09-10T22:00:00.000+00:00	2024-07-23T22:00:00.000+00:00
wid-sec-w-2023-3201	Linux Kernel: Mehrere Schwachstellen	2023-12-21T23:00:00.000+00:00	2024-07-23T22:00:00.000+00:00
wid-sec-w-2023-3182	OpenSSH: Mehrere Schwachstellen ermöglichen Offenlegung von Informationen	2023-12-19T23:00:00.000+00:00	2024-07-23T22:00:00.000+00:00
wid-sec-w-2023-3022	Apache ActiveMQ: Schwachstelle ermöglicht Codeausführung	2023-11-28T23:00:00.000+00:00	2024-07-23T22:00:00.000+00:00

Vulnerabilities are sorted by update time (recent to old).
ID	Description	Publish Date	Update Date
ssa-885980	SSA-885980: Multiple Vulnerabilities in Scalance W1750D	2024-04-09T00:00:00Z	2024-04-09T00:00:00Z
ssa-831302	SSA-831302: Vulnerabilities in the BIOS of the SIMATIC S7-1500 TM MFP before V1.3.0	2023-06-13T00:00:00Z	2024-04-09T00:00:00Z
ssa-822518	SSA-822518: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW before V11.0.1 on RUGGEDCOM APE1808 devices	2024-04-09T00:00:00Z	2024-04-09T00:00:00Z
ssa-794697	SSA-794697: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP before V1.1	2023-06-13T00:00:00Z	2024-04-09T00:00:00Z
ssa-730482	SSA-730482: Denial of Service Vulnerability in SIMATIC WinCC	2024-04-09T00:00:00Z	2024-04-09T00:00:00Z
ssa-716164	SSA-716164: Multiple Vulnerabilities in Scalance W1750D	2024-02-13T00:00:00Z	2024-04-09T00:00:00Z
ssa-556635	SSA-556635: Multiple Vulnerabilities in Telecontrol Server Basic before V3.1.2.0	2024-04-09T00:00:00Z	2024-04-09T00:00:00Z
ssa-457702	SSA-457702: Wi-Fi Encryption Bypass Vulnerabilities in SCALANCE W700 Product Family	2023-11-14T00:00:00Z	2024-04-09T00:00:00Z
ssa-222019	SSA-222019: X_T File Parsing Vulnerabilities in Parasolid	2024-04-09T00:00:00Z	2024-04-09T00:00:00Z
ssa-203374	SSA-203374: Multiple OpenSSL Vulnerabilities in SCALANCE W1750D Devices	2023-03-14T00:00:00Z	2024-04-09T00:00:00Z
ssa-128433	SSA-128433: Multiple Vulnerabilities in SINEC NMS before V2.0 SP2	2024-04-09T00:00:00Z	2024-04-09T00:00:00Z
ssa-943925	SSA-943925: Multiple Vulnerabilities in SINEC NMS before V2.0 SP1	2024-02-13T00:00:00Z	2024-03-12T00:00:00Z
ssa-918992	SSA-918992: Unused HTTP Service on SENTRON 3KC ATC6 Ethernet Module	2024-03-12T00:00:00Z	2024-03-12T00:00:00Z
ssa-792319	SSA-792319: Missing Read Out Protection in SENTRON 7KM PAC3x20 Devices	2024-03-12T00:00:00Z	2024-03-12T00:00:00Z
ssa-770721	SSA-770721: Multiple Vulnerabilities in SIMATIC RF160B before V2.2	2024-03-12T00:00:00Z	2024-03-12T00:00:00Z
ssa-699386	SSA-699386: Multiple Vulnerabilities in SCALANCE XB-200 / XC-200 / XP-200 / XF-200BA / XR-300WG Family before V4.5	2023-11-14T00:00:00Z	2024-03-12T00:00:00Z
ssa-693975	SSA-693975: Denial-of-Service Vulnerability in the Web Server of Industrial Products	2023-12-12T00:00:00Z	2024-03-12T00:00:00Z
ssa-653855	SSA-653855: Information Disclosure vulnerability in SINEMA Remote Connect Client before V3.1 SP1	2024-03-12T00:00:00Z	2024-03-12T00:00:00Z
ssa-576771	SSA-576771: Multiple Vulnerabilities in SINEMA Remote Connect Server before V3.2	2024-03-12T00:00:00Z	2024-03-12T00:00:00Z
ssa-366067	SSA-366067: Multiple Vulnerabilities in Fortigate NGFW before V7.4.1 on RUGGEDCOM APE1808 devices	2024-03-12T00:00:00Z	2024-03-12T00:00:00Z
ssa-145196	SSA-145196: Authorization Bypass Vulnerability in Siveillance Control	2024-03-12T00:00:00Z	2024-03-12T00:00:00Z
ssa-000072	SSA-000072: Multiple File Parsing Vulnerabilities in Simcenter Femap	2024-02-13T00:00:00Z	2024-03-12T00:00:00Z
ssa-806742	SSA-806742: Multiple Vulnerabilities in SCALANCE XCM-/XRM-300 before V2.4	2024-02-13T00:00:00Z	2024-02-13T00:00:00Z
ssa-797296	SSA-797296: XT File Parsing Vulnerability in Parasolid	2024-02-13T00:00:00Z	2024-02-13T00:00:00Z
ssa-647068	SSA-647068: Ripple20 in SIMATIC RTLS Gateways	2024-02-13T00:00:00Z	2024-02-13T00:00:00Z
ssa-602936	SSA-602936: Multiple Vulnerabilities in SCALANCE SC-600 Family before V3.1	2024-02-13T00:00:00Z	2024-02-13T00:00:00Z
ssa-580228	SSA-580228: Use of Hard-Coded Credentials Vulnerability in Location Intelligence before V4.3	2024-02-13T00:00:00Z	2024-02-13T00:00:00Z
ssa-543502	SSA-543502: Local Privilege Escalation Vulnerability in Unicam FX	2024-02-13T00:00:00Z	2024-02-13T00:00:00Z
ssa-516818	SSA-516818: TCP Sequence Number Validation Vulnerability in the TCP/IP Stack of CP343-1 Devices	2024-02-13T00:00:00Z	2024-02-13T00:00:00Z
ssa-434032	SSA-434032: Input Validation Vulnerability in the DHCP Client of Nucleus RTOS	2019-11-12T00:00:00Z	2024-02-13T00:00:00Z

Vulnerabilities are sorted by update time (recent to old).
ID	Description	Publish Date	Update Date
rhsa-2021_5137	Red Hat Security Advisory: Openshift Logging Security Release (5.0.10)	2021-12-14T21:36:36+00:00	2024-11-15T21:20:31+00:00
rhsa-2022_5685	Red Hat Security Advisory: java-11-openjdk security update	2022-07-21T14:12:37+00:00	2024-11-15T21:20:29+00:00
rhsa-2021_5126	Red Hat Security Advisory: Red Hat Integration Camel Extensions for Quarkus GA security update	2021-12-14T16:19:04+00:00	2024-11-15T21:20:29+00:00
rhsa-2021_5133	Red Hat Security Advisory: Red Hat AMQ Streams 1.6.5 release and security update	2021-12-14T21:13:26+00:00	2024-11-15T21:20:25+00:00
rhsa-2021_5130	Red Hat Security Advisory: Red Hat Integration Camel-K 1.6.2 release and security update	2021-12-14T17:55:09+00:00	2024-11-15T21:20:23+00:00
rhsa-2022_0296	Red Hat Security Advisory: Red Hat Process Automation Manager 7.12.0 security update	2022-01-26T15:52:53+00:00	2024-11-15T21:20:21+00:00
rhsa-2021_5138	Red Hat Security Advisory: Red Hat AMQ Streams 1.8.4 release and security update	2021-12-14T21:49:01+00:00	2024-11-15T21:20:19+00:00
rhsa-2021_5129	Red Hat Security Advisory: Openshift Logging security and bug update (5.3.1)	2021-12-14T19:37:00+00:00	2024-11-15T21:20:17+00:00
rhsa-2021_5132	Red Hat Security Advisory: Red Hat Data Grid 8.2.2 security update	2021-12-14T20:03:50+00:00	2024-11-15T21:20:12+00:00
rhsa-2021_5108	Red Hat Security Advisory: OpenShift Container Platform 4.8.z security update	2021-12-14T15:09:31+00:00	2024-11-15T21:20:09+00:00
rhsa-2021_5134	Red Hat Security Advisory: Red Hat Fuse 7.10.0 release and security update	2021-12-14T21:31:33+00:00	2024-11-15T21:20:03+00:00
rhsa-2021_5128	Red Hat Security Advisory: Openshift Logging security and bug update (5.1.5)	2021-12-14T18:09:12+00:00	2024-11-15T21:20:03+00:00
rhsa-2021_5094	Red Hat Security Advisory: OpenShift Container Platform 3.11.z security update	2021-12-14T05:50:14+00:00	2024-11-15T21:19:55+00:00
rhsa-2024_8064	Red Hat Security Advisory: Red Hat Build of Apache Camel 4.4.3 for Spring Boot security update.	2024-10-14T15:53:39+00:00	2024-11-15T21:17:20+00:00
rhsa-2024_7735	Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4 security update	2024-10-07T12:18:17+00:00	2024-11-15T21:17:11+00:00
rhsa-2024_7736	Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4 Security update	2024-10-07T12:49:23+00:00	2024-11-15T21:16:59+00:00
rhsa-2024_7442	Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0 security update	2024-10-01T07:54:26+00:00	2024-11-15T21:16:51+00:00
rhsa-2024_7441	Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0 security update	2024-10-01T08:03:25+00:00	2024-11-15T21:16:41+00:00
rhsa-2024_8339	Red Hat Security Advisory: Red Hat Integration Camel K 1.10.8 release and security update.	2024-10-22T18:29:33+00:00	2024-11-15T21:16:31+00:00
rhsa-2024_7052	Red Hat Security Advisory: Red Hat Build of Apache Camel 4.4 for Quarkus 3.8 update is now available (RHBQ 3.8.6.GA)	2024-09-24T12:51:36+00:00	2024-11-15T21:16:31+00:00
rhsa-2024_6883	Red Hat Security Advisory: Red Hat Build of Apache Camel 3.20.7 for Spring Boot security update.	2024-09-19T16:46:46+00:00	2024-11-15T21:16:22+00:00
rhsa-2024_6667	Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.16.0 release	2024-09-12T21:30:49+00:00	2024-11-15T21:16:12+00:00
rhsa-2024_6508	Red Hat Security Advisory: Red Hat Build of Apache Camel 4.4.2 for Spring Boot security update.	2024-09-09T17:17:28+00:00	2024-11-15T21:16:03+00:00
rhsa-2024_4873	Red Hat Security Advisory: Apicurio Registry (container images) release and security update [ 2.6.1 GA ]	2024-07-25T15:04:49+00:00	2024-11-15T21:15:42+00:00
rhsa-2024_6437	Red Hat Security Advisory: Red Hat build of Quarkus 3.8.6 release and security update	2024-09-23T14:23:03+00:00	2024-11-15T21:15:41+00:00
rhsa-2024_4173	Red Hat Security Advisory: Red Hat build of Cryostat 3.0.0: new RHEL 8 container image security update	2024-07-08T02:23:02+00:00	2024-11-15T21:15:41+00:00
rhsa-2024_5482	Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.3 Security update	2024-08-15T20:07:00+00:00	2024-11-15T21:15:32+00:00
rhsa-2024_4597	Red Hat Security Advisory: Red Hat Product OCP Tools 4.15 OpenShift Jenkins security update	2024-07-17T18:49:17+00:00	2024-11-15T21:15:32+00:00
rhsa-2024_4057	Red Hat Security Advisory: Release of OpenShift Serverless Logic 1.33.0 security update & enhancements	2024-06-24T01:38:27+00:00	2024-11-15T21:15:31+00:00
rhsa-2024_5481	Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.3 Security update	2024-08-15T20:11:37+00:00	2024-11-15T21:15:20+00:00

Vulnerabilities are sorted by update time (recent to old).
ID	Description	Publish Date	Update Date
icsa-24-137-08	Siemens PS/IGES Parasolid Translator Component	2024-05-14T00:00:00.000000Z	2024-05-14T00:00:00.000000Z
icsa-24-137-07	Siemens SIMATIC RTLS Locating Manager	2024-05-14T00:00:00.000000Z	2024-05-14T00:00:00.000000Z
icsa-24-137-06	Siemens SIMATIC CN 4100	2024-05-14T00:00:00.000000Z	2024-05-14T00:00:00.000000Z
icsa-24-137-05	Siemens Simcenter Nastran	2024-05-14T00:00:00.000000Z	2024-05-14T00:00:00.000000Z
icsa-24-137-04	Siemens Polarion ALM	2024-05-14T00:00:00.000000Z	2024-05-14T00:00:00.000000Z
icsa-24-137-03	Siemens Teamcenter Visualization and JT2Go	2024-05-14T00:00:00.000000Z	2024-05-14T00:00:00.000000Z
icsa-24-137-02	Siemens SICAM Products	2024-05-14T00:00:00.000000Z	2024-05-14T00:00:00.000000Z
icsa-24-137-01	Siemens Parasolid	2024-05-14T00:00:00.000000Z	2024-05-14T00:00:00.000000Z
icsa-24-130-03	Delta Electronics InfraSuite Device Master	2024-05-09T06:00:00.000000Z	2024-05-09T06:00:00.000000Z
icsa-24-130-02	alpitronic Hypercharger EV charger	2024-05-09T06:00:00.000000Z	2024-05-09T06:00:00.000000Z
icsa-24-130-01	Rockwell Automation FactoryTalk Historian SE	2024-05-09T06:00:00.000000Z	2024-05-09T06:00:00.000000Z
icsa-24-107-03	Rockwell Automation ControlLogix and GuardLogix (Update A)	2024-04-16T06:00:00.000000Z	2024-05-09T06:00:00.000000Z
icsa-24-128-02	SUBNET Substation Server	2024-05-07T06:00:00.000000Z	2024-05-07T06:00:00.000000Z
icsa-24-128-01	PTC Codebeamer	2024-05-07T06:00:00.000000Z	2024-05-07T06:00:00.000000Z
icsa-24-123-02	Delta Electronics DIAEnergie	2024-05-02T06:00:00.000000Z	2024-05-02T06:00:00.000000Z
icsa-24-123-01	CyberPower PowerPanel Business	2024-05-02T06:00:00.000000Z	2024-05-02T06:00:00.000000Z
icsa-24-067-01	Chirp Systems Chirp Access (Update C)	2024-03-07T07:00:00.000000Z	2024-05-02T06:00:00.000000Z
icsa-24-121-01	Delta Electronics CNCSoft-G2 DOPSoft	2024-04-30T06:00:00.000000Z	2024-04-30T06:00:00.000000Z
icsa-24-109-01	Unitronics Vision Legacy series (Update A)	2024-04-18T06:00:00.000000Z	2024-04-30T06:00:00.000000Z
icsa-24-016-01	SEW-EURODRIVE MOVITOOLS MotionStudio	2024-01-16T07:00:00.000000Z	2024-04-30T06:00:00.000000Z
icsa-24-116-04	Honeywell Experion PKS, Experion LX, PlantCruise by Experion, Safety Manager, Safety Manager SC	2024-04-25T06:00:00.000000Z	2024-04-25T06:00:00.000000Z
icsa-24-116-02	Hitachi Energy MACH SCM	2024-04-25T06:00:00.000000Z	2024-04-25T06:00:00.000000Z
icsa-24-116-01	Hitachi Energy RTU500 Series	2024-04-25T06:00:00.000000Z	2024-04-25T06:00:00.000000Z
icsa-24-102-09	Rockwell Automation 5015-AENFTXT (Update A)	2024-04-11T06:00:00.000000Z	2024-04-25T06:00:00.000000Z
icsa-23-157-02	Mitsubishi Electric MELSEC iQ-R Series/iQ-F Series (Update A)	2023-06-06T06:00:00.000000Z	2024-04-25T06:00:00.000000Z
icsa-23-143-03	Mitsubishi Electric MELSEC Series CPU module (Update D)	2023-05-23T06:00:00.000000Z	2024-04-25T06:00:00.000000Z
icsa-24-051-03	Mitsubishi Electric Electrical discharge machines	2024-02-20T07:00:00.000000Z	2024-04-23T06:00:00.000000Z
icsa-24-116-03	Siemens RUGGEDCOM APE1808 devices configured with Palo Alto Networks Virtual NGFW	2024-04-19T00:00:00.000000Z	2024-04-19T00:00:00.000000Z
icsa-21-287-03	Mitsubishi Electric MELSEC iQ-R Series	2021-08-06T06:00:00.000000Z	2024-04-18T06:00:00.000000Z
icsa-21-250-01	Mitsubishi Electric MELSEC iQ-R Series	2021-09-07T06:00:00.000000Z	2024-04-18T06:00:00.000000Z

Vulnerabilities are sorted by update time (recent to old).
ID	Description	Publish Date	Update Date
cisco-sa-ndhs-uaapi-jh4v6zpn	Cisco Nexus Dashboard and Nexus Dashboard Fabric Controller Unauthorized REST API Vulnerabilities	2024-10-02T16:00:00+00:00	2024-10-02T16:00:00+00:00
cisco-sa-ndhs-idv-bk8vqedc	Cisco Nexus Dashboard Hosted Services Information Disclosure Vulnerabilities	2024-10-02T16:00:00+00:00	2024-10-02T16:00:00+00:00
cisco-sa-ndfc-raci-t46k3jnn	Cisco Nexus Dashboard Fabric Controller REST API Command Injection Vulnerability	2024-10-02T16:00:00+00:00	2024-10-02T16:00:00+00:00
cisco-sa-ndfc-ptrce-bushlbp	Cisco Nexus Dashboard Fabric Controller Remote Code Execution Vulnerability	2024-10-02T16:00:00+00:00	2024-10-02T16:00:00+00:00
cisco-sa-ndfc-cmdinj-uvyzrkfr	Cisco Nexus Dashboard Fabric Controller Arbitrary Command Execution Vulnerability	2024-10-02T16:00:00+00:00	2024-10-02T16:00:00+00:00
cisco-sa-ndfc-cidv-xvyx2wlj	Cisco Nexus Dashboard Fabric Controller Configuration Backup Information Disclosure Vulnerability	2024-10-02T16:00:00+00:00	2024-10-02T16:00:00+00:00
cisco-sa-meraki-mx-vpn-dos-qtrhzg2	Cisco Meraki MX and Z Series Teleworker Gateway AnyConnect VPN Denial of Service Vulnerabilities	2024-10-02T16:00:00+00:00	2024-10-02T16:00:00+00:00
cisco-sa-meraki-mx-vpn-dos-by-qwukqv7x	Cisco Meraki MX and Z Series Teleworker Gateway AnyConnect VPN Session Takeover and Denial of Service Vulnerability	2024-10-02T16:00:00+00:00	2024-10-02T16:00:00+00:00
cisco-sa-ise-info-disc-zyf2neex	Cisco Identity Services Engine Information Disclosure Vulnerability	2024-10-02T16:00:00+00:00	2024-10-02T16:00:00+00:00
cisco-sa-expw-escalation-3bkz77bd	Cisco Expressway Series Privilege Escalation Vulnerability	2024-10-02T16:00:00+00:00	2024-10-02T16:00:00+00:00
cisco-sa-cimc-redfish-cominj-sbkv5zz	Cisco UCS B-Series, Managed C-Series, and X-Series Servers Redfish API Command Injection Vulnerability	2024-10-02T16:00:00+00:00	2024-10-02T16:00:00+00:00
cisco-sa-webui-csrf-ycuyxkko	Cisco IOS XE Software Web UI Cross-Site Request Forgery Vulnerability	2024-09-25T16:00:00+00:00	2024-09-25T16:00:00+00:00
cisco-sa-utd-snort3-dos-bypas-b4ouewxd	Cisco Unified Threat Defense Snort Intrusion Prevention System Engine for Cisco IOS XE Software Security Policy Bypass and Denial of Service Vulnerability	2024-09-25T16:00:00+00:00	2024-09-25T16:00:00+00:00
cisco-sa-sdwan-xss-zq4kpvyd	Cisco Catalyst SD-WAN Manager Cross-Site Scripting Vulnerability	2024-09-25T16:00:00+00:00	2024-09-25T16:00:00+00:00
cisco-sa-sdwan-utd-dos-hdatqxs	Cisco Catalyst SD-WAN Routers Denial of Service Vulnerability	2024-09-25T16:00:00+00:00	2024-09-25T16:00:00+00:00
cisco-sa-sdw-vedos-kqffhps3	Cisco SD-WAN vEdge Software UDP Packet Validation Denial of Service Vulnerability	2024-09-25T16:00:00+00:00	2024-09-25T16:00:00+00:00
cisco-sa-rsvp-dos-oypvgvzf	Cisco IOS and IOS XE Software Resource Reservation Protocol Denial of Service Vulnerability	2024-09-25T16:00:00+00:00	2024-09-25T16:00:00+00:00
cisco-sa-repacl-9exgnbpd	Cisco IOS Software on Cisco Industrial Ethernet Series Switches Access Control List Bypass Vulnerability	2024-09-25T16:00:00+00:00	2024-09-25T16:00:00+00:00
cisco-sa-pim-apbvfysj	Cisco IOS XE Software Protocol Independent Multicast Denial of Service Vulnerability	2024-09-25T16:00:00+00:00	2024-09-25T16:00:00+00:00
cisco-sa-ios-xe-sda-edge-dos-mbcbg9k	Cisco IOS XE Software SD-Access Fabric Edge Node Denial of Service Vulnerability	2024-09-25T16:00:00+00:00	2024-09-25T16:00:00+00:00
cisco-sa-ios-webui-hfwnrgk	Cisco IOS and IOS XE Software Web UI Cross-Site Request Forgery Vulnerability	2024-09-25T16:00:00+00:00	2024-09-25T16:00:00+00:00
cisco-sa-httpsrvr-dos-yozthut	Cisco IOS XE Software HTTP Server Telephony Services Denial of Service Vulnerability	2024-09-25T16:00:00+00:00	2024-09-25T16:00:00+00:00
cisco-sa-dnac-ssh-e4uodasj	Cisco Catalyst Center Static SSH Host Key Vulnerability	2024-09-25T16:00:00+00:00	2024-09-25T16:00:00+00:00
cisco-sa-cpp-vfr-dos-nhhkggo	Cisco IOS XE Software IPv4 Fragmentation Reassembly Denial of Service Vulnerability	2024-09-25T16:00:00+00:00	2024-09-25T16:00:00+00:00
cisco-sa-c9800-cwa-acl-npsbhsna	Cisco IOS XE Software for Wireless Controllers CWA Pre-Authentication ACL Bypass Vulnerability	2024-09-25T16:00:00+00:00	2024-09-25T16:00:00+00:00
cisco-sa-nso-auth-bypass-qnteesp	Multiple Cisco Products Web-Based Management Interface Privilege Escalation Vulnerability	2024-09-11T16:00:00+00:00	2024-09-25T13:05:54+00:00
cisco-sa-cucm-xss-9zmfhyz	Cisco Unified Communications Manager Cross-Site Scripting Vulnerability	2024-08-21T16:00:00+00:00	2024-09-20T15:48:56+00:00
cisco-sa-nxos-cmd-injection-xd9ohyop	Cisco NX-OS Software CLI Command Injection Vulnerability	2024-07-01T16:00:00+00:00	2024-09-17T18:05:20+00:00
cisco-sa-openssh-rce-2024	Remote Unauthenticated Code Execution Vulnerability in OpenSSH Server (regreSSHion): July 2024	2024-07-02T16:00:00+00:00	2024-09-13T14:43:44+00:00
cisco-sa-pak-mem-exhst-3ke9fefy	Cisco IOS XR Software UDP Packet Memory Exhaustion Vulnerability	2024-09-11T16:00:00+00:00	2024-09-11T16:00:00+00:00

Vulnerabilities are sorted by update time (recent to old).
ID	Description
var-201402-0026	Buffer overflow in the process_ra function in the router advertisement daemon (radvd) before 1.8.2 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a negative value in a label_len value. radvd is prone to the follow security vulnerabilities: 1. Multiple local privilege-escalation vulnerability. 2. A local arbitrary file-overwrite vulnerability. 3. Multiple remote denial-of-service vulnerabilities. An attacker can exploit these issues to execute arbitrary code with administrative privileges, overwrite arbitrary files, and cause denial-of-service conditions. The software can replace IPv6 routing for stateless address auto-configuration. A buffer overflow vulnerability exists in the 'process_ra' function in radvd 1.8.1 and earlier. ========================================================================== Ubuntu Security Notice USN-1257-1 November 10, 2011 radvd vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 11.10 - Ubuntu 11.04 - Ubuntu 10.10 - Ubuntu 10.04 LTS Summary: radvd could be made to crash or overwrite certain files if it received specially crafted network traffic. Software Description: - radvd: Router Advertisement Daemon Details: Vasiliy Kulikov discovered that radvd incorrectly parsed the ND_OPT_DNSSL_INFORMATION option. The default compiler options for affected releases should reduce the vulnerability to a denial of service. This issue only affected Ubuntu 11.04 and 11.10. (CVE-2011-3601) Vasiliy Kulikov discovered that radvd incorrectly filtered interface names when creating certain files. (CVE-2011-3602) Vasiliy Kulikov discovered that radvd incorrectly handled certain lengths. (CVE-2011-3604) Vasiliy Kulikov discovered that radvd incorrectly handled delays when used in unicast mode, which is not the default in Ubuntu. If used in unicast mode, a remote attacker could cause radvd outages, resulting in a denial of service. (CVE-2011-3605) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 11.10: radvd 1:1.8-1ubuntu0.1 Ubuntu 11.04: radvd 1:1.7-1ubuntu0.1 Ubuntu 10.10: radvd 1:1.6-1ubuntu0.1 Ubuntu 10.04 LTS: radvd 1:1.3-1.1ubuntu0.1 In general, a standard system update will make all the necessary changes. References: http://www.ubuntu.com/usn/usn-1257-1 CVE-2011-3601, CVE-2011-3602, CVE-2011-3604, CVE-2011-3605 Package Information: https://launchpad.net/ubuntu/+source/radvd/1:1.8-1ubuntu0.1 https://launchpad.net/ubuntu/+source/radvd/1:1.7-1ubuntu0.1 https://launchpad.net/ubuntu/+source/radvd/1:1.6-1ubuntu0.1 https://launchpad.net/ubuntu/+source/radvd/1:1.3-1.1ubuntu0.1 . ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Gentoo update for radvd SECUNIA ADVISORY ID: SA46930 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46930/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46930 RELEASE DATE: 2011-11-21 DISCUSS ADVISORY: http://secunia.com/advisories/46930/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46930/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46930 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has issued an update for radvd. For more information: SA46200 SOLUTION: Update to "net-misc/radvd-1.8.2" or later. ORIGINAL ADVISORY: GLSA 201111-08: http://www.gentoo.org/security/en/glsa/glsa-201111-08.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201111-08 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: radvd: Multiple vulnerabilities Date: November 20, 2011 Bugs: #385967 ID: 201111-08 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in radvd which could potentially lead to privilege escalation, data loss, or a Denial of Service. Background ========== radvd is an IPv6 router advertisement daemon for Linux and BSD. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-misc/radvd < 1.8.2 >= 1.8.2 Description =========== Multiple vulnerabilities have been discovered in radvd. Please review the CVE identifiers referenced below for details. Workaround ========== There is no known workaround at this time. Resolution ========== All radvd users should upgrade to the latest stable version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/radvd-1.8.2" References ========== [ 1 ] CVE-2011-3601 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3601 [ 2 ] CVE-2011-3602 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3602 [ 3 ] CVE-2011-3603 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3603 [ 4 ] CVE-2011-3604 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3604 [ 5 ] CVE-2011-3605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3605 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201111-08.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2011 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5
var-201805-1144	In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, several SQL injection vulnerabilities have been identified, which may allow an attacker to disclose sensitive information from the host. plural Advantech WebAccess The product includes SQL An injection vulnerability exists.Information may be obtained. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Advantech WebAccess Node. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.The specific flaw exists within the handling of the GetAlarms function in BWMobileService.dll. When parsing the ProjectName parameter, the process does not properly validate a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to disclose sensitive information under the context of the database. Advantech WebAccess and others are products of Advantech. Advantech WebAccess is a browser-based HMI/SCADA software. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. WebAccess Dashboard is one of the dashboard components; WebAccess Scada Node is one of the monitoring node components. WebAccess/NMS is a suite of web browsers for the Network Management System (NMS). Advantech WebAccess, etc. Advantech WebAccess is a set of HMI/SCADA software based on browser architecture. The following versions are affected: Advantech WebAccess 8.2_20170817 and earlier, 8.3.0 and earlier; WebAccess Dashboard 2.0.15 and earlier; WebAccess Scada Node 8.3.1 and earlier; WebAccess/NMS 2.0.3 and earlier
var-201805-1143	In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, several stack-based buffer overflow vulnerabilities have been identified, which may allow an attacker to execute arbitrary code. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability.The specific flaw exists within bwsound.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs process. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code under the context of Administrator. Advantech WebAccess and others are products of Advantech. Advantech WebAccess is a browser-based HMI/SCADA software. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. WebAccess Dashboard is one of the dashboard components; WebAccess Scada Node is one of the monitoring node components. WebAccess/NMS is a suite of web browsers for the Network Management System (NMS). A stack buffer overflow vulnerability exists in several Advantech products. Advantech WebAccess is prone to the following security vulnerabilities: 1. Multiple SQL-injection vulnerabilities 2. An information-disclosure vulnerability 3. A file-upload vulnerability 4. Multiple directory-traversal vulnerabilities 5. Multiple stack-based buffer-overflow vulnerabilities 6. A heap-based buffer-overflow vulnerability 7. Multiple arbitrary code-execution vulnerabilities 8. A denial-of-service vulnerability 9. A security-bypass vulnerability 10. A privilege-escalation vulnerability An attacker can exploit these issues to execute arbitrary code in the context of the application, or modify data, or exploit latent vulnerabilities in the underlying database, delete arbitrary files, gain elevated privileges, perform certain unauthorized actions, upload arbitrary files to the affected application gain unauthorized access and obtain sensitive information. Failed attacks will cause denial of service conditions. Advantech WebAccess, etc. Advantech WebAccess is a set of HMI/SCADA software based on browser architecture. The following versions are affected: Advantech WebAccess 8.2_20170817 and earlier, 8.3.0 and earlier; WebAccess Dashboard 2.0.15 and earlier; WebAccess Scada Node 8.3.1 and earlier; WebAccess/NMS 2.0.3 and earlier
var-202005-0008	Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple heap-based buffer overflow vulnerabilities exist caused by a lack of proper validation of the length of user-supplied data, which may allow remote code execution. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability.The specific flaw exists within the implementation of IOCTL 0x0000791d in DATACORE.exe. An attacker can leverage this vulnerability to execute code in the context of Administrator. Advantech WebAccess is a browser-based SCADA software package for monitoring, data acquisition, and visualization. It is used to automate complex industrial processes when remote operation is required
var-202407-0704	A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V5.40), SICORE Base system (All versions < V1.4.0). Affected devices allow a remote authenticated user or an unauthenticated user with physical access to downgrade the firmware of the device. This could allow an attacker to downgrade the device to older versions with known vulnerabilities. SICAM 8 Power automation platform is a universal, all-in-one hardware and software-based solution for all applications in the power supply sector. SICAM A8000 RTUs are modular devices for remote control and automation applications in all energy supply sectors. SICAM EGS is the gateway for local substations in distribution networks
var-200107-0035	slapd in OpenLDAP 1.x before 1.2.12, and 2.x before 2.0.8, allows remote attackers to cause a denial of service (crash) via an invalid Basic Encoding Rules (BER) length field. Multiple versions of OpenLDAP contain vulnerabilities that may allow denial-of-service attacks. These vulnerabilities were revealed using the PROTOS LDAPv3 test suite and are documented in CERT Advisory CA-2001-18. If your site uses this product, the CERT/CC encourages you to follow the advice provided below. Vulnerabilities exist in slapd in OpenLDAP 1.x versions prior to 1.2.12 and 2.x versions prior to 2.0.8
var-200512-0643	Heap-based buffer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via a crafted (1) QuickTime Image File (QTIF), (2) PICT, or (3) JPEG format image with a long data field. Apple's QuickTime is a player for files and streaming media in a variety of different formats. QuickTime is prone to a remote heap-based overflow vulnerability. This issue presents itself when the application processes a specially crafted QTIF (QuickTime Image) file. A successful attack can result in a remote compromise. Apple QuickTime is prone to a buffer-overflow vulnerability because the application fails to do proper bounds checking on user-supplied data before copying it to finite-sized process buffers. Unsuccessful exploit attempts will most likely crash the application. This issue affects QuickTime 6.5.2 and 7.0.3; other versions may also be vulnerable. QuickTime 7.0.4 may also be vulnerable, but this has not been confirmed. This issue may have previously been discussed in BID 16202 (Apple QuickTime Multiple Code Execution Vulnerabilities). Quicktime will copy to the stack byte by byte when processing the data field of the qtif format file, but it does not perform the correct check, so it will cause a stack overflow in memory. The original function pointer value is 0x44332211. Just overflow it to 0x08332211 and make sure it doesn't crash before overflowing 0x44 to 0x08, and the code will execute. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA06-011A Apple QuickTime Vulnerabilities Original release date: January 11, 2006 Last revised: January 11, 2006 Source: US-CERT Systems Affected Apple QuickTime on systems running * Apple Mac OS X * Microsoft Windows XP * Microsoft Windows 2000 Overview Apple has released QuickTime 7.0.4 to correct multiple vulnerabilities. The impacts of these vulnerabilities include execution of arbitrary code and denial of service. I. (CAN-2005-3713) II. Impact The impacts of these vulnerabilities vary. For information about specific impacts, please see the Vulnerability Notes. Potential consequences include remote execution of arbitrary code or commands and denial of service. III. Solution Upgrade Upgrade to QuickTime 7.0.4. Appendix A. References * US-CERT Vulnerability Note VU#629845 - <http://www.kb.cert.org/vuls/id/629845> * US-CERT Vulnerability Note VU#921193 - <http://www.kb.cert.org/vuls/id/921193> * US-CERT Vulnerability Note VU#115729 - <http://www.kb.cert.org/vuls/id/115729> * US-CERT Vulnerability Note VU#150753 - <http://www.kb.cert.org/vuls/id/150753> * US-CERT Vulnerability Note VU#913449 - <http://www.kb.cert.org/vuls/id/913449> * CVE-2005-2340 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2340> * CVE-2005-4092 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4092> * CVE-2005-3707 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3707> * CVE-2005-3710 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3710> * CVE-2005-3713 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3713> * Security Content for QuickTime 7.0.4 - <http://docs.info.apple.com/article.html?artnum=303101> * QuickTime 7.0.4 - <http://www.apple.com/support/downloads/quicktime704.html> * About the Mac OS X 10.4.4 Update (Delta) - <http://docs.info.apple.com/article.html?artnum=302810> ____________________________________________________________________ The most recent version of this document can be found at: <http://www.us-cert.gov/cas/techalerts/TA06-011A.html> ____________________________________________________________________ Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@cert.org> with "TA06-011A Feedback VU#913449" in the subject. ____________________________________________________________________ For instructions on subscribing to or unsubscribing from this mailing list, visit <http://www.us-cert.gov/cas/signup.html>. ____________________________________________________________________ Produced 2006 by US-CERT, a government organization. Terms of use: <http://www.us-cert.gov/legal.html> ____________________________________________________________________ Revision History January 11, 2006: Initial release -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iQEVAwUBQ8V8iX0pj593lg50AQJ85wf+OuHVseQVzZ0uI8h8TnmtAJmjzV6tp3Cj 34jwpSLlvo5S8svIHChcX/BYOwKVL/uQZswsjk/mbEu+TrPcVKPd7VPCetxIXVey AdC5hsAH1Wm0MnvY1LgvONo8IQ9RlT6Rj6fY7k7QhPUWsYxj/rDCWDAY9kgsHXc/ HpXWL/Cy5va35z8aYHrLVlxmofKrOWtX0PVa6lSKV8lIsY+TDihA5tYIb5wRDVxL osieJ+MHSXGchXpjX2c0o6Ja6vhJNR61LEwelk9FMLT1JRTkp+wz9/AoVUSyZ/hy 0WBP0M8cwl8koWgijNcLXA18YX8QtDftAVRwpwHKMrbNCYdrWblYVw== =5Kiq -----END PGP SIGNATURE-----
var-200512-0611	Multiple heap-based buffer overflows in QuickTime.qts in Apple QuickTime Player 7.0.3 and iTunes 6.0.1 (3) and earlier allow remote attackers to cause a denial of service (crash) and execute arbitrary code via a .mov file with (1) a Movie Resource atom with a large size value, or (2) an stsd atom with a modified Sample Description Table size value, and possibly other vectors involving media files. NOTE: item 1 was originally identified by CVE-2005-4127 for a pre-patch announcement, and item 2 was originally identified by CVE-2005-4128 for a pre-patch announcement. Apple's QuickTime is a player for files and streaming media in a variety of different formats. A flaw in QuickTime's handling of Targa (TGA) image format files could allow a remote attacker to execute arbitrary code on a vulnerable system. Apple From QuickTime Version that fixes multiple vulnerabilities in 7.0.4 Has been released.Arbitrary code may be executed by a remote third party, DoS You can be attacked. For more information, see the information provided by the vendor. These issues arise when the application handles specially crafted QTIF, TGA, TIFF, and GIF image formats. Successful exploits of these issues may allow remote attackers to trigger a denial-of-service condition or to gain unauthorized access. This issue affects both Mac OS X and Microsoft Windows releases of the software. This issue may be triggered when the application processes a malformed movie (.MOV) file. Successful exploitation will result in execution of arbitrary code in the context of the currently logged in user. This issue affects Apple QuickTime 7.0.3 and iTunes 6.0.1. Earlier versions may also be affected. Multiple buffer overflow vulnerabilities exist in QuickTime.qts. This specific flaw exists within the QuickTime.qts file which many applications access QuickTime's functionality through. By specially crafting atoms within a movie file, a direct heap overwrite is triggered, and reliable code execution is then possible. Technical Details: Technical Description: The code in QuickTime.qts responsible for the size of the Sample Description Table entries from the 'stsd' atom in a QuickTime-format movie on the heap. According to developer.apple.com, the format of the Sample Description Atom is as follows: Field Description ---------------------------------------------------------------- Size 32-bit int Data Format 4 char code Reserved 6 bytes that must be 0 Data Reference Index 16-bit int Hint Track Version 16-bit unsigned int Last compatible hint track version 16-bit unsigned int Max Packet Size 32-bit int Additional Data Table Variable By setting the size of the Sample Description Table to a size of 00 15 - 00 D0 will cause a heap-based overflow. By supplying the "Last compatible hint track version" field with the value of 00 05 - 00 09, an insufficiently-sized heap block will be allocated, resulting in a classic complete heap memory overwrite during the RtlAllocateHeap() function and the attacker can control memory with data taken from the filename of the .MOV file. This vulnerability can be successfully exploited via an embedded media player in an HTML page, email, or HTML link. References QuickTime: QuickTime File Format http://developer.apple.com/documentation/QuickTime/QTFF/index.html Protection: Retina Network Security Scanner has been updated to identify this vulnerability. Vendor Status: Apple has released a patch for this vulnerability. The patch is available via the Updates section of the affected applications. This vulnerability has been assigned the CVE identifier CVE-2005-4092. Credit: Discovery: Karl Lynn Greetings: 0x41414141 Copyright (c) 1998-2006 eEye Digital Security Permission is hereby granted for the redistribution of this alert electronically. It is not to be edited in any way without express consent of eEye. If you wish to reprint the whole or any part of this alert in any other medium excluding electronic medium, please email alert@eEye.com for permission. Disclaimer The information within this paper may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are no warranties, implied or express, with regard to this information. In no event shall the author be liable for any direct or indirect damages whatsoever arising out of or in connection with the use or spread of this information. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA06-011A Apple QuickTime Vulnerabilities Original release date: January 11, 2006 Last revised: January 11, 2006 Source: US-CERT Systems Affected Apple QuickTime on systems running * Apple Mac OS X * Microsoft Windows XP * Microsoft Windows 2000 Overview Apple has released QuickTime 7.0.4 to correct multiple vulnerabilities. The impacts of these vulnerabilities include execution of arbitrary code and denial of service. I. (CAN-2005-3713) II. Impact The impacts of these vulnerabilities vary. For information about specific impacts, please see the Vulnerability Notes. III. Solution Upgrade Upgrade to QuickTime 7.0.4. Appendix A. References * US-CERT Vulnerability Note VU#629845 - <http://www.kb.cert.org/vuls/id/629845> * US-CERT Vulnerability Note VU#921193 - <http://www.kb.cert.org/vuls/id/921193> * US-CERT Vulnerability Note VU#115729 - <http://www.kb.cert.org/vuls/id/115729> * US-CERT Vulnerability Note VU#150753 - <http://www.kb.cert.org/vuls/id/150753> * US-CERT Vulnerability Note VU#913449 - <http://www.kb.cert.org/vuls/id/913449> * CVE-2005-2340 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2340> * CVE-2005-4092 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4092> * CVE-2005-3707 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3707> * CVE-2005-3710 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3710> * CVE-2005-3713 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3713> * Security Content for QuickTime 7.0.4 - <http://docs.info.apple.com/article.html?artnum=303101> * QuickTime 7.0.4 - <http://www.apple.com/support/downloads/quicktime704.html> * About the Mac OS X 10.4.4 Update (Delta) - <http://docs.info.apple.com/article.html?artnum=302810> ____________________________________________________________________ The most recent version of this document can be found at: <http://www.us-cert.gov/cas/techalerts/TA06-011A.html> ____________________________________________________________________ Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@cert.org> with "TA06-011A Feedback VU#913449" in the subject. ____________________________________________________________________ For instructions on subscribing to or unsubscribing from this mailing list, visit <http://www.us-cert.gov/cas/signup.html>. ____________________________________________________________________ Produced 2006 by US-CERT, a government organization. Terms of use: <http://www.us-cert.gov/legal.html> ____________________________________________________________________ Revision History January 11, 2006: Initial release -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iQEVAwUBQ8V8iX0pj593lg50AQJ85wf+OuHVseQVzZ0uI8h8TnmtAJmjzV6tp3Cj 34jwpSLlvo5S8svIHChcX/BYOwKVL/uQZswsjk/mbEu+TrPcVKPd7VPCetxIXVey AdC5hsAH1Wm0MnvY1LgvONo8IQ9RlT6Rj6fY7k7QhPUWsYxj/rDCWDAY9kgsHXc/ HpXWL/Cy5va35z8aYHrLVlxmofKrOWtX0PVa6lSKV8lIsY+TDihA5tYIb5wRDVxL osieJ+MHSXGchXpjX2c0o6Ja6vhJNR61LEwelk9FMLT1JRTkp+wz9/AoVUSyZ/hy 0WBP0M8cwl8koWgijNcLXA18YX8QtDftAVRwpwHKMrbNCYdrWblYVw== =5Kiq -----END PGP SIGNATURE-----
var-200512-0300	Heap-based buffer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via a GIF image file with a crafted Netscape Navigator Application Extension Block that modifies the heap in the Picture Modifier block. Apple's QuickTime is a player for files and streaming media in a variety of different formats. A flaw in QuickTime's handling of Targa (TGA) image format files could allow a remote attacker to execute arbitrary code on a vulnerable system. Apple From QuickTime Version that fixes multiple vulnerabilities in 7.0.4 Has been released.Arbitrary code may be executed by a remote third party, DoS You can be attacked. For more information, see the information provided by the vendor. QuickTime is prone to a remote heap-based overflow vulnerability. This issue presents itself when the application processes a specially crafted GIF image file. A successful attack can result in a remote compromise. Versions prior to QuickTime 7.0.4 are vulnerable. This flaw has proven to allow for reliable control of data on the heap chunk and can be exploited via a web site by using ActiveX controls. The heap can be overwritten in the Picture Modifier block. The block size calculate code such as: .text:66A339CC mov ax, [esi+0Ch] .text:66A339D0 xor ecx, ecx .text:66A339D2 mov [esp+34h+var_28], ecx .text:66A339D6 mov [esp+34h+var_24], ecx .text:66A339DA mov [esp+34h+var_20], ecx .text:66A339DE mov [esp+34h+var_1C], ecx .text:66A339E2 mov word ptr [esp+34h+var_10], cx .text:66A339E7 mov [esp+34h+arg_4], eax .text:66A339EB movsx eax, ax .text:66A339EE mov word ptr [esp+34h+var_10+2], cx .text:66A339F3 mov cx, [esi+8] .text:66A339F7 movsx edx, cx .text:66A339FA sub eax, edx .text:66A339FC movsx edx, word ptr [esi+6] .text:66A33A00 add eax, 3Eh .text:66A33A03 push edi .text:66A33A04 movsx edi, word ptr [esi+0Ah] .text:66A33A08 sar eax, 3 .text:66A33A0B lea ebx, [esi+6] .text:66A33A0E and eax, 0FFFFFFFCh .text:66A33A11 sub edi, edx .text:66A33A13 movsx edx, ax .text:66A33A16 mov [esi+4], ax .text:66A33A1A imul edi, edx The allocate code is : .text:66A33A68 push edi .text:66A33A69 call sub_668B5B30 But when it real process data to this memory, it use real decode data to write this memory but didn\xa1\xaft check this heap size. This is segment of the write code function(sub_66AE0A70): .text:66AE0B18 movsx edx, word ptr [edi+12h] ; default .text:66AE0B1C imul edx, [edi+0Ch] .text:66AE0B20 mov ecx, [edi+4] .text:66AE0B23 inc word ptr [edi+16h] .text:66AE0B27 mov eax, [esp+arg_0] .text:66AE0B2B add edx, ecx .text:66AE0B2D mov [eax], edx .text:66AE0B2F mov eax, [ebp+10h] .text:66AE0B32 test eax, eax .text:66AE0B34 jz short loc_66AE0B62 .text:66AE0B36 mov ax, [ebp+1Ch] .text:66AE0B3A mov edx, [ebp+0Ch] .text:66AE0B3D movzx cx, ah .text:66AE0B41 mov ch, al .text:66AE0B43 mov [edx], cx .text:66AE0B46 movsx eax, word ptr [edi+12h] .text:66AE0B4A imul eax, [ebp+14h] .text:66AE0B4E add eax, [ebp+10h] .text:66AE0B51 mov cx, [ebp+18h] .text:66AE0B55 mov [ebp+0Ch], eax .text:66AE0B58 mov [ebp+1Ah], cx .text:66AE0B5C mov word ptr [ebp+1Ch], 0 Vendor Status: Apple has released a patch for this vulnerability. An attacker can create a qtif file and send it to the user via email, web page, or qtif file with activex and can directy overflow a function pointer immediately used so it can bypass any stack overflow protection in systems such as xp sp2 and 2003 sp1. Technical Details: When Quicktime processes the data field of a qtif format file, it will copy it to the stack by a byte to a byte , but there is no proper checking, so it will cause a stack overflow in memory. And in this stack, there is a function pointer which will be used immediately when it pre byte copies, so we can use it to bypass any stack overflow protection, such in xp sp2 and 2003 sp1. The origin function point value is 0x44332211. We only need to overflow it to : 0x08332211, ensuring it didn't cause a crash before the 0x44 has been overflowed to 0x08. When it overflows to 0x08332211, we can execute code to 0x08332211, and can first use javascript to get this memory and set my code in it. call [esp+138h+arg_4] <- call a function point in the stack, but this point can be overflowed References QuickTime: QuickTime File Format http://developer.apple.com/documentation/QuickTime/QTFF/index.html Protection: Retina Network Security Scanner has been updated to identify this vulnerability. Vendor Status: Apple has released a patch for this vulnerability. The patch is available via the Updates section of the affected applications. This vulnerability has been assigned the CVE identifier CVE-2005-2340. Credit: Discovery: Fang Xing Greetings: Thanks to all the guys at eEye, and especially Karl Lynn's help. Copyright (c) 1998-2006 eEye Digital Security Permission is hereby granted for the redistribution of this alert electronically. It is not to be edited in any way without express consent of eEye. If you wish to reprint the whole or any part of this alert in any other medium excluding electronic medium, please email alert@eEye.com for permission. Disclaimer The information within this paper may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are no warranties, implied or express, with regard to this information. In no event shall the author be liable for any direct or indirect damages whatsoever arising out of or in connection with the use or spread of this information. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA06-011A Apple QuickTime Vulnerabilities Original release date: January 11, 2006 Last revised: January 11, 2006 Source: US-CERT Systems Affected Apple QuickTime on systems running * Apple Mac OS X * Microsoft Windows XP * Microsoft Windows 2000 Overview Apple has released QuickTime 7.0.4 to correct multiple vulnerabilities. The impacts of these vulnerabilities include execution of arbitrary code and denial of service. I. Description Apple QuickTime 7.0.4 resolves a number of image and media file handling vulnerabilities. (CAN-2005-3713) II. Impact The impacts of these vulnerabilities vary. For information about specific impacts, please see the Vulnerability Notes. Potential consequences include remote execution of arbitrary code or commands and denial of service. III. Solution Upgrade Upgrade to QuickTime 7.0.4. Appendix A. References * US-CERT Vulnerability Note VU#629845 - <http://www.kb.cert.org/vuls/id/629845> * US-CERT Vulnerability Note VU#921193 - <http://www.kb.cert.org/vuls/id/921193> * US-CERT Vulnerability Note VU#115729 - <http://www.kb.cert.org/vuls/id/115729> * US-CERT Vulnerability Note VU#150753 - <http://www.kb.cert.org/vuls/id/150753> * US-CERT Vulnerability Note VU#913449 - <http://www.kb.cert.org/vuls/id/913449> * CVE-2005-2340 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2340> * CVE-2005-4092 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4092> * CVE-2005-3707 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3707> * CVE-2005-3710 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3710> * CVE-2005-3713 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3713> * Security Content for QuickTime 7.0.4 - <http://docs.info.apple.com/article.html?artnum=303101> * QuickTime 7.0.4 - <http://www.apple.com/support/downloads/quicktime704.html> * About the Mac OS X 10.4.4 Update (Delta) - <http://docs.info.apple.com/article.html?artnum=302810> ____________________________________________________________________ The most recent version of this document can be found at: <http://www.us-cert.gov/cas/techalerts/TA06-011A.html> ____________________________________________________________________ Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@cert.org> with "TA06-011A Feedback VU#913449" in the subject. ____________________________________________________________________ For instructions on subscribing to or unsubscribing from this mailing list, visit <http://www.us-cert.gov/cas/signup.html>. ____________________________________________________________________ Produced 2006 by US-CERT, a government organization. Terms of use: <http://www.us-cert.gov/legal.html> ____________________________________________________________________ Revision History January 11, 2006: Initial release -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iQEVAwUBQ8V8iX0pj593lg50AQJ85wf+OuHVseQVzZ0uI8h8TnmtAJmjzV6tp3Cj 34jwpSLlvo5S8svIHChcX/BYOwKVL/uQZswsjk/mbEu+TrPcVKPd7VPCetxIXVey AdC5hsAH1Wm0MnvY1LgvONo8IQ9RlT6Rj6fY7k7QhPUWsYxj/rDCWDAY9kgsHXc/ HpXWL/Cy5va35z8aYHrLVlxmofKrOWtX0PVa6lSKV8lIsY+TDihA5tYIb5wRDVxL osieJ+MHSXGchXpjX2c0o6Ja6vhJNR61LEwelk9FMLT1JRTkp+wz9/AoVUSyZ/hy 0WBP0M8cwl8koWgijNcLXA18YX8QtDftAVRwpwHKMrbNCYdrWblYVw== =5Kiq -----END PGP SIGNATURE-----
var-200512-0297	Integer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via a TIFF image file with modified image height and width (ImageWidth) tags. Apple's QuickTime is a player for files and streaming media in a variety of different formats. Apple From QuickTime Version that fixes multiple vulnerabilities in 7.0.4 Has been released.Arbitrary code may be executed by a remote third party, DoS You can be attacked. For more information, see the information provided by the vendor. QuickTime is prone to a remote integer-overflow vulnerability. This issue presents itself when the application processes a specially crafted TIFF file. A successful attack can result in a remote compromise. Versions prior to QuickTime 7.0.4 are vulnerable. Fortinet Security Advisory: FSA-2006-03 Apple QuickTime Player ImageWidth Denial of Service Vulnerability Advisory Date : January 12, 2006 Reported Date : November 28, 2005 Vendor : Apple computers Affected Products : Apple QuickTime Player v7.0.3 Severity : Medium Reference : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3710 http://docs.info.apple.com/article.html?artnum=303101 http://www.securityfocus.com/bid/16202/info Description : Fortinet Security Research Team (FSRT) has discovered a Denial of Service Vulnerability in the Apple QuickTime Player. This is due to application failure to sanitize the parameter ImageWidth value while parsing TIFF image files. Impact : Denial of Service Solution : Apple Computers has released a security update for this vulnerability, which is available for downloading from Apples's web site under security update. Fortinet Protection: Fortinet is protecting network from this vulnerability with latest IPS update. Acknowledgment : Dejun Meng of Fortinet Security Research team found this vulnerability. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA06-011A Apple QuickTime Vulnerabilities Original release date: January 11, 2006 Last revised: January 11, 2006 Source: US-CERT Systems Affected Apple QuickTime on systems running * Apple Mac OS X * Microsoft Windows XP * Microsoft Windows 2000 Overview Apple has released QuickTime 7.0.4 to correct multiple vulnerabilities. The impacts of these vulnerabilities include execution of arbitrary code and denial of service. I. Description Apple QuickTime 7.0.4 resolves a number of image and media file handling vulnerabilities. (CAN-2005-3713) II. Impact The impacts of these vulnerabilities vary. For information about specific impacts, please see the Vulnerability Notes. Potential consequences include remote execution of arbitrary code or commands and denial of service. III. Solution Upgrade Upgrade to QuickTime 7.0.4. Appendix A. References * US-CERT Vulnerability Note VU#629845 - <http://www.kb.cert.org/vuls/id/629845> * US-CERT Vulnerability Note VU#921193 - <http://www.kb.cert.org/vuls/id/921193> * US-CERT Vulnerability Note VU#115729 - <http://www.kb.cert.org/vuls/id/115729> * US-CERT Vulnerability Note VU#150753 - <http://www.kb.cert.org/vuls/id/150753> * US-CERT Vulnerability Note VU#913449 - <http://www.kb.cert.org/vuls/id/913449> * CVE-2005-2340 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2340> * CVE-2005-4092 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4092> * CVE-2005-3707 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3707> * CVE-2005-3710 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3710> * CVE-2005-3713 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3713> * Security Content for QuickTime 7.0.4 - <http://docs.info.apple.com/article.html?artnum=303101> * QuickTime 7.0.4 - <http://www.apple.com/support/downloads/quicktime704.html> * About the Mac OS X 10.4.4 Update (Delta) - <http://docs.info.apple.com/article.html?artnum=302810> ____________________________________________________________________ The most recent version of this document can be found at: <http://www.us-cert.gov/cas/techalerts/TA06-011A.html> ____________________________________________________________________ Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@cert.org> with "TA06-011A Feedback VU#913449" in the subject. ____________________________________________________________________ For instructions on subscribing to or unsubscribing from this mailing list, visit <http://www.us-cert.gov/cas/signup.html>. ____________________________________________________________________ Produced 2006 by US-CERT, a government organization. Terms of use: <http://www.us-cert.gov/legal.html> ____________________________________________________________________ Revision History January 11, 2006: Initial release -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iQEVAwUBQ8V8iX0pj593lg50AQJ85wf+OuHVseQVzZ0uI8h8TnmtAJmjzV6tp3Cj 34jwpSLlvo5S8svIHChcX/BYOwKVL/uQZswsjk/mbEu+TrPcVKPd7VPCetxIXVey AdC5hsAH1Wm0MnvY1LgvONo8IQ9RlT6Rj6fY7k7QhPUWsYxj/rDCWDAY9kgsHXc/ HpXWL/Cy5va35z8aYHrLVlxmofKrOWtX0PVa6lSKV8lIsY+TDihA5tYIb5wRDVxL osieJ+MHSXGchXpjX2c0o6Ja6vhJNR61LEwelk9FMLT1JRTkp+wz9/AoVUSyZ/hy 0WBP0M8cwl8koWgijNcLXA18YX8QtDftAVRwpwHKMrbNCYdrWblYVw== =5Kiq -----END PGP SIGNATURE-----
var-200512-0294	Buffer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via crafted TGA image files. Apple's QuickTime is a player for files and streaming media in a variety of different formats. For more information, see the information provided by the vendor. QuickTime is prone to a remote buffer-overflow vulnerability. This issue presents itself when the application processes a specially crafted TGA image file. A successful attack can result in a remote compromise. Versions prior to QuickTime 7.0.4 are vulnerable. Fortinet Security Advisory: FSA-2006-04 Apple QuickTime Player Improper Memory Access Vulnerability Advisory Date : January 12, 2006 Reported Date : November 28, 2005 Vendor : Apple computers Affected Products : Apple QuickTime Player v7.0.3 Severity : High Reference : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3707 http://docs.info.apple.com/article.html?artnum=303101 http://www.securityfocus.com/bid/16202/info Description : Fortinet Security Research Team (FSRT) has discovered a Improper Memory Access Vulnerability in the Apple QuickTime Player. Impact : Execute arbitrary code Solution : Apple Computers has released a security update for this vulnerability, which is available for downloading from Apples's web site under security update. Fortinet Protection: Fortinet is protecting network from this vulnerability with latest IPS update. Acknowledgment : Dejun Meng of Fortinet Security Research team found this vulnerability. Disclaimer : Although Fortinet has attempted to provide accurate information in these materials, Fortinet assumes no legal responsibility for the accuracy or completeness of the information. Please note that Fortinet's product information does not constitute or contain any guarantee, warranty or legally binding representation, unless expressly identified as such in a duly signed writing. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA06-011A Apple QuickTime Vulnerabilities Original release date: January 11, 2006 Last revised: January 11, 2006 Source: US-CERT Systems Affected Apple QuickTime on systems running * Apple Mac OS X * Microsoft Windows XP * Microsoft Windows 2000 Overview Apple has released QuickTime 7.0.4 to correct multiple vulnerabilities. The impacts of these vulnerabilities include execution of arbitrary code and denial of service. I. Description Apple QuickTime 7.0.4 resolves a number of image and media file handling vulnerabilities. (CAN-2005-3713) II. Impact The impacts of these vulnerabilities vary. For information about specific impacts, please see the Vulnerability Notes. Potential consequences include remote execution of arbitrary code or commands and denial of service. III. Solution Upgrade Upgrade to QuickTime 7.0.4. Appendix A. References * US-CERT Vulnerability Note VU#629845 - <http://www.kb.cert.org/vuls/id/629845> * US-CERT Vulnerability Note VU#921193 - <http://www.kb.cert.org/vuls/id/921193> * US-CERT Vulnerability Note VU#115729 - <http://www.kb.cert.org/vuls/id/115729> * US-CERT Vulnerability Note VU#150753 - <http://www.kb.cert.org/vuls/id/150753> * US-CERT Vulnerability Note VU#913449 - <http://www.kb.cert.org/vuls/id/913449> * CVE-2005-2340 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2340> * CVE-2005-4092 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4092> * CVE-2005-3707 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3707> * CVE-2005-3710 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3710> * CVE-2005-3713 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3713> * Security Content for QuickTime 7.0.4 - <http://docs.info.apple.com/article.html?artnum=303101> * QuickTime 7.0.4 - <http://www.apple.com/support/downloads/quicktime704.html> * About the Mac OS X 10.4.4 Update (Delta) - <http://docs.info.apple.com/article.html?artnum=302810> ____________________________________________________________________ The most recent version of this document can be found at: <http://www.us-cert.gov/cas/techalerts/TA06-011A.html> ____________________________________________________________________ Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@cert.org> with "TA06-011A Feedback VU#913449" in the subject. ____________________________________________________________________ For instructions on subscribing to or unsubscribing from this mailing list, visit <http://www.us-cert.gov/cas/signup.html>. ____________________________________________________________________ Produced 2006 by US-CERT, a government organization. Terms of use: <http://www.us-cert.gov/legal.html> ____________________________________________________________________ Revision History January 11, 2006: Initial release -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iQEVAwUBQ8V8iX0pj593lg50AQJ85wf+OuHVseQVzZ0uI8h8TnmtAJmjzV6tp3Cj 34jwpSLlvo5S8svIHChcX/BYOwKVL/uQZswsjk/mbEu+TrPcVKPd7VPCetxIXVey AdC5hsAH1Wm0MnvY1LgvONo8IQ9RlT6Rj6fY7k7QhPUWsYxj/rDCWDAY9kgsHXc/ HpXWL/Cy5va35z8aYHrLVlxmofKrOWtX0PVa6lSKV8lIsY+TDihA5tYIb5wRDVxL osieJ+MHSXGchXpjX2c0o6Ja6vhJNR61LEwelk9FMLT1JRTkp+wz9/AoVUSyZ/hy 0WBP0M8cwl8koWgijNcLXA18YX8QtDftAVRwpwHKMrbNCYdrWblYVw== =5Kiq -----END PGP SIGNATURE-----
var-201407-0233	Multiple stack-based buffer overflows in Advantech WebAccess before 7.2 allow remote attackers to execute arbitrary code via a long string in the (1) ProjectName, (2) SetParameter, (3) NodeName, (4) CCDParameter, (5) SetColor, (6) AlarmImage, (7) GetParameter, (8) GetColor, (9) ServerResponse, (10) SetBaud, or (11) IPAddress parameter to an ActiveX control in (a) webvact.ocx, (b) dvs.ocx, or (c) webdact.ocx. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the webdact.ocx ActiveX Control. The control does not check the length of an attacker-supplied NodeName string before copying it into a fixed length buffer on the stack. This could allow an attacker to execute arbitrary code in the context of the browser process. Advantech WebAccess HMI/SCADA is an HMI/SCADA software. Advantech WebAccess webvact.ocx, dvs.ocx and webdact.ocx ActiveX controls fail to properly handle long-length named ProjectName, SetParameter, NodeName, CCDParameter, SetColor, AlarmImage, GetParameter, GetColor, ServerResponse, SetBaud and IPAddress parameters, and attackers can build malicious A WEB page that entice a user to access, can crash an application or execute arbitrary code. Advantech WebAccess is prone to multiple remote stack-based buffer-overflow vulnerabilities. Failed exploit attempts will likely cause a denial-of-service condition. Advantech WebAccess 7.1 and prior are vulnerable. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment
var-201601-0038	Multiple stack-based buffer overflows in Advantech WebAccess before 8.1 allow remote attackers to execute arbitrary code via unspecified vectors. Authentication is not required to exploit this vulnerability.The specific flaw exists within the implementation of the 0x27B1 IOCTL in the ViewSrv subsystem. A stack-based buffer overflow vulnerability exists in a call to BwBuildPath. An attacker can use this vulnerability to execute arbitrary code in the context of an administrator of the system. WebAccess HMI/SCADA software provides remote control and management, allowing users to easily view and configure automation equipment in facility management systems, power stations and building automation systems
var-201801-0394	TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-interface variable in the cmxddns.lua file. TP-LinkWVR, WAR and ERdevices are different series of router products from China TP-LINK. Security vulnerabilities exist in TP-LinkWVR, WAR, and ER devices
var-201904-0181	Advantech WebAccess/SCADA, Versions 8.3.5 and prior. Multiple stack-based buffer overflow vulnerabilities, caused by a lack of proper validation of the length of user-supplied data, may allow remote code execution. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability.The specific flaw exists within bwmakdir.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs process. An attacker can leverage this vulnerability to execute code in the context of Administrator. Advantech WebAccess/SCADA is a set of browser-based SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. A buffer overflow vulnerability exists in Advantech WebAccess/SCADA. This vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in execution to other associated memory locations. erroneous read and write operations
var-202108-1160	Description: A permissions issue was addressed with improved validation. This issue is fixed in watchOS 7.6, tvOS 14.7, macOS Big Sur 11.5. A malicious application may be able to bypass certain Privacy preferences. apple's macOS , tvOS , watchOS There is a vulnerability in improper default permissions.Information may be tampered with. REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by the CVE program. Notes: none
var-202305-0218	D-Link DAP-1360 webproc WEB_DisplayPage Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of requests to the /cgi-bin/webproc endpoint. When parsing the getpage and errorpage parameters, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-18419. D-Link DAP-1360 is a router from D-Link, a Chinese company
var-202305-0217	D-Link DAP-1360 Hardcoded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of login requests to the web-based user interface. The firmware contains hard-coded default credentials. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-18455. D-Link DAP-1360 is a router from D-Link, a Chinese company
var-202305-0216	D-Link DAP-1360 Multiple Parameters Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /cgi-bin/webproc endpoint. When parsing the errorpage and nextpage parameters, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-18746. D-Link DAP-1360 is a router from D-Link, a Chinese company
var-202305-0177	D-Link DAP-1360 webproc Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling requests to the /cgi-bin/webproc endpoint. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-18417. D-Link DAP-1360 is a router from D-Link, a Chinese company
var-202305-0176	D-Link DAP-1360 webproc var:sys_Token Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling requests to the /cgi-bin/webproc endpoint. When parsing the var:sys_Token parameter, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-18418. D-Link DAP-1360 is a router from D-Link, a Chinese company
var-202305-0166	D-Link DAP-1360 webproc var:menu Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling requests to the /cgi-bin/webproc endpoint. When parsing the var:menu parameter, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-18414. D-Link DAP-1360 is a router from D-Link, a Chinese company
var-202305-0154	D-Link DAP-1360 webproc var:page Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of requests to the /cgi-bin/webproc endpoint. When parsing the var:page parameter, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-18422. D-Link DAP-1360 is a router from D-Link, a Chinese company
var-202305-0153	D-Link DAP-1360 webupg UPGCGI_CheckAuth Numeric Truncation Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of requests to the /cgi-bin/webupg endpoint. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-18423. D-Link DAP-1360 is a router from D-Link, a Chinese company
var-202305-0071	D-Link DAP-1360 webproc Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of requests to the /cgi-bin/webproc endpoint. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-18416. D-Link DAP-1360 is a router from D-Link, a Chinese company
var-202305-0070	D-Link DAP-1360 webproc COMM_MakeCustomMsg Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of requests to the /cgi-bin/webproc endpoint. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-18454. D-Link DAP-1360 is a router from D-Link, a Chinese company
var-202308-3323	D-Link DAP-2622 DDP Change ID Password Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20060. D-Link DAP-2622 is a wireless access point device from D-Link, a Chinese company
var-202308-3185	D-Link DAP-2622 DDP Configuration Backup Filename Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20068. D-Link DAP-2622 is a wireless access point device from D-Link, a Chinese company
var-202308-3131	D-Link DAP-2622 DDP Reset Factory Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20059. D-Link DAP-2622 is a wireless access point device from D-Link, a Chinese company
var-202308-3130	D-Link DAP-2622 DDP Configuration Restore Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20069. D-Link DAP-2622 is a wireless access point device from D-Link, a Chinese company

Vulnerabilities are sorted by update time (recent to old).
ID	Description	Publish Date	Update Date
jvndb-2024-000088	Multiple vulnerabilities in ELECOM wireless LAN routers and access points	2024-08-27T14:40+09:00	2024-08-27T14:40+09:00
jvndb-2024-006646	Authentication Bypass Vulnerability in Hitachi Ops Center Common Services	2024-08-27T12:01+09:00	2024-08-27T12:01+09:00
jvndb-2024-006367	Unquoted Service Path in Hitachi Device Manager	2024-08-26T16:27+09:00	2024-08-26T16:27+09:00
jvndb-2024-000087	BUFFALO wireless LAN routers and wireless LAN repeaters vulnerable to OS command injection	2024-08-23T14:17+09:00	2024-08-23T14:17+09:00
jvndb-2020-007305	Installer of Trend Micro Security 2020 (Consumer) may insecurely load Dynamic Link Libraries	2024-08-22T11:33+09:00	2024-08-22T11:33+09:00
jvndb-2017-009536	Packetbeat vulnerable to denial-of-service (DoS)	2024-08-21T17:54+09:00	2024-08-21T17:54+09:00
jvndb-2018-009127	Multiple vulnerabilities in LogonTracer	2024-08-21T17:37+09:00	2024-08-21T17:37+09:00
jvndb-2020-002957	A vulnerability in TOYOTA MOTOR's DCU (Display Control Unit)	2024-08-20T18:12+09:00	2024-08-20T18:12+09:00
jvndb-2020-007306	Trend Micro Security (Consumer) Driver vulnerable to Out-of-bounds Read	2024-08-20T17:52+09:00	2024-08-20T17:52+09:00
jvndb-2024-000085	"Rakuten Ichiba App" fails to restrict custom URL schemes properly	2024-08-20T16:56+09:00	2024-08-20T16:56+09:00
jvndb-2024-005167	EL Injection Vulnerability in Hitachi Tuning Manager	2024-08-15T09:38+09:00	2024-08-15T09:38+09:00
jvndb-2016-000124	WAON service app for Android fails to verify SSL server certificates	2024-08-15T09:36+09:00	2024-08-15T09:36+09:00
jvndb-2024-000083	Firmware update for RICOH JavaTM Platform resets the TLS configuration	2024-08-06T15:13+09:00	2024-08-06T15:13+09:00
jvndb-2024-000079	Cybozu Office vulnerable to bypass browsing restrictions in Custom App	2024-08-06T14:59+09:00	2024-08-06T14:59+09:00
jvndb-2024-000082	Pimax Play and PiTool accept WebSocket connections from unintended endpoints	2024-08-05T13:58+09:00	2024-08-05T13:58+09:00
jvndb-2024-000084	Multiple vulnerabilities in ZEXELON ZWX-2000CSW2-HN	2024-08-05T13:46+09:00	2024-08-05T13:46+09:00
jvndb-2024-000074	Multiple vulnerabilities in SKYSEA Client View	2024-07-29T15:28+09:00	2024-07-31T14:12+09:00
jvndb-2024-000077	FFRI AMC vulnerable to OS command injection	2024-07-30T16:40+09:00	2024-07-30T16:40+09:00
jvndb-2024-000081	EC-CUBE plugin (for EC-CUBE 4 series) "EC-CUBE Web API Plugin" vulnerable to stored cross-site scripting	2024-07-30T14:06+09:00	2024-07-30T14:06+09:00
jvndb-2024-000080	EC-CUBE 4 Series improper input validation when installing plugins	2024-07-30T13:56+09:00	2024-07-30T13:56+09:00
jvndb-2024-000028	Multiple vulnerabilities in SKYSEA Client View	2024-03-07T16:09+09:00	2024-07-29T18:13+09:00
jvndb-2024-004595	Multiple vulnerabilities in FutureNet NXR series, VXR series and WXR series	2024-07-29T17:51+09:00	2024-07-29T17:51+09:00
jvndb-2024-000076	SDoP contains a stack-based buffer overflow vulnerability.	2024-07-29T17:24+09:00	2024-07-29T17:24+09:00
jvndb-2024-003242	OMRON NJ/NX series vulnerable to insufficient verification of data authenticity	2024-05-28T12:28+09:00	2024-07-26T16:27+09:00
jvndb-2021-000105	PowerCMS XMLRPC API vulnerable to OS command injection	2021-11-24T15:47+09:00	2024-07-26T15:22+09:00
jvndb-2024-000075	ORC vulnerable to stack-based buffer overflow	2024-07-26T13:55+09:00	2024-07-26T13:55+09:00
jvndb-2022-000030	Multiple vulnerabilities in Operation management interface of FUJITSU Network IPCOM	2022-05-09T15:02+09:00	2024-07-18T16:30+09:00
jvndb-2024-000073	Assimp vulnerable to heap-based buffer overflow	2024-07-18T13:44+09:00	2024-07-18T13:44+09:00
jvndb-2024-000072	Cybozu Garoon vulnerable to cross-site scripting	2024-07-16T16:14+09:00	2024-07-16T16:14+09:00
jvndb-2024-000071	FUJITSU Network Edgiot GW1500 vulnerable to path traversal	2024-07-16T14:41+09:00	2024-07-16T14:41+09:00