SCALANCE XB205-3LD (SC, PN) Security Vulnerabilities

Mageia: Security Advisory (MGASA-2023-0342)

The remote host is missing an update for...

Amazon Linux 2 : glibc (ALAS-2023-2371)

The version of glibc installed on the remote host is prior to 2.26-57. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2371 advisory. The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. It may use the...

CVE-2023-6343

Tyler Technologies Court Case Management Plus allows a remote, unauthenticated attacker to enumerate and access sensitive files using the tiffserver/tssp.aspx 'FN' and 'PN' parameters. This behavior is related to the use of a deprecated version of Aquaforest TIFF Server, possibly 2.x. The...

CVE-2023-6343

Tyler Technologies Court Case Management Plus allows a remote, unauthenticated attacker to enumerate and access sensitive files using the tiffserver/tssp.aspx 'FN' and 'PN' parameters. This behavior is related to the use of a deprecated version of Aquaforest TIFF Server, possibly 2.x. The...

Design/Logic Flaw

Tyler Technologies Court Case Management Plus allows a remote, unauthenticated attacker to enumerate and access sensitive files using the tiffserver/tssp.aspx 'FN' and 'PN' parameters. This behavior is related to the use of a deprecated version of Aquaforest TIFF Server, possibly 2.x. The...

CVE-2023-6343 Tyler Technologies Court Case Management Plus use of Aquaforest TIFF Server tssp.aspx allows authentication bypass

Tyler Technologies Court Case Management Plus allows a remote, unauthenticated attacker to enumerate and access sensitive files using the tiffserver/tssp.aspx 'FN' and 'PN' parameters. This behavior is related to the use of a deprecated version of Aquaforest TIFF Server, possibly 2.x. The...

[SECURITY] [DLA 3674-1] thunderbird security update

Debian LTS Advisory DLA-3674-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort November 30, 2023 https://wiki.debian.org/LTS Package : thunderbird Version : 1:115.5.0-1~deb10u1 CVE...

Medium: glibc

Issue Overview: 2023-12-14: CVE-2021-33574 was added to this advisory. The mq_notify function in the GNU C Library (aka glibc) has a use-after-free. It may use the notification thread attributes object (passed through its struct sigevent parameter) after it has been freed by the caller, leading to....

Exploit for Out-of-bounds Write in Gnu Glibc

![image](https://github.com/WhiteH4T-Dev/CVE-2023-4911-Looney-Tu......

[SECURITY] [DSA 5566-1] thunderbird security update

Debian Security Advisory DSA-5566-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff November 26, 2023 https://www.debian.org/security/faq Package : thunderbird CVE ID : CVE-2023-6212 CVE-2023-6209...

Debian: Security Advisory (DLA-3661-1)

The remote host is missing an update for the...

[SECURITY] [DLA 3661-1] firefox-esr security update

Debian LTS Advisory DLA-3661-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort November 23, 2023 https://wiki.debian.org/LTS Package : firefox-esr Version : 115.5.0esr-1~deb10u1 CVE...

Debian: Security Advisory (DSA-5561-1)

The remote host is missing an update for the...

Debian DLA-3661-1 : firefox-esr - LTS security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3661 advisory. On some systemsdepending on the graphics settings and driversit was possible to force an out-of-bounds read and leak memory data into the images created on...

[SECURITY] [DSA 5561-1] firefox-esr security update

Debian Security Advisory DSA-5561-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff November 22, 2023 https://www.debian.org/security/faq Package : firefox-esr CVE ID : CVE-2023-6204 CVE-2023-6205...

HrServ – Previously unknown web shell used in APT attack

Introduction In the course of our routine investigation, we discovered a DLL file, identified as hrserv.dll, which is a previously unknown web shell exhibiting sophisticated features such as custom encoding methods for client communication and in-memory execution. Our analysis of the sample led to....

Debian DSA-5561-1 : firefox-esr - security update

The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5561 advisory. On some systemsdepending on the graphics settings and driversit was possible to force an out-of-bounds read and leak memory data into the images created...

Tenable Security Center 5.23.1 / 6.0.0 / 6.1.0 / 6.1.1 / 6.2.0 Multiple Vulnerabilities (TNS-2023-42)

According to its self-reported version, the Tenable Security Center running on the remote host is affected by multiple vulnerabilities as referenced in the TNS-2023-42 advisory. Security Center leverages third-party software to help provide underlying functionality. Several of the third-party...

(RHSA-2023:7409) Moderate: glibc security update

The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security...

Mageia: Security Advisory (MGASA-2023-0320)

The remote host is missing an update for...

RHEL 8 : glibc (RHSA-2023:7409)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7409 advisory. glibc: potential use-after-free in getaddrinfo() (CVE-2023-4806) glibc: potential use-after-free in gaih_inet() (CVE-2023-4813) Note...

Updated haproxy packages fix security vulnerability

Haproxy has fixed security and other issues in last upstream version 2.8.3 of branch 2.8 Default user access are now commented out to prevent local action possible exploit and prevent further rpmnew on future updates. Use a check script to have config check result in error log on failure. Fix...

Exploit for Incorrect Comparison in Dynamic-Linq Linq

Dynamic Linq injection to RCE - CVE-2023-32571 About...

Exploit for Incorrect Comparison in Dynamic-Linq Linq

Dynamic Linq injection to RCE - CVE-2023-32571 About...

Understanding the Phobos affiliate structure and activity

Cisco Talos recently identified the most prolific Phobos variants, common affiliate tactics, techniques and procedures (TTPs), and characteristics of the Phobos affiliate structure, based on observed Phobos activity and analysis of over 1,000 Phobos samples from VirusTotal dating back to 2019. We.....

Siemens SCALANCE Family Products

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services |.....

Weak Encryption Vulnerability in Multiple Siemens Products

The SCALANCE M-800, MUM-800 and S615 and the RUGGEDCOM RM1224 are industrial routers.The SCALANCE W products are wireless communication devices for connecting industrial components, such as Programmable Logic Controllers (PLCs) or Human Machine Interfaces (HMIs), that comply with the IEEE 802.11...

Multiple Siemens products use hard-coded encryption key vulnerability

The SCALANCE M-800, MUM-800 and S615 and the RUGGEDCOM RM1224 are industrial routers.The SCALANCE W products are wireless communication devices for connecting industrial components, such as Programmable Logic Controllers (PLCs) or Human Machine Interfaces (HMIs), that comply with the IEEE 802.11...

Multiple Siemens Products Forced Browsing Vulnerability

The SCALANCE M-800, MUM-800 and S615 and the RUGGEDCOM RM1224 are industrial routers.The SCALANCE W products are wireless communication devices for connecting industrial components, such as Programmable Logic Controllers (PLCs) or Human Machine Interfaces (HMIs), that comply with the IEEE 802.11...

Multiple Siemens Products Use Trusted Data to Accept Unrelated Untrusted Data Vulnerability

The SCALANCE M-800, MUM-800 and S615 and the RUGGEDCOM RM1224 are industrial routers.The SCALANCE W products are wireless communication devices for connecting industrial components, such as Programmable Logic Controllers (PLCs) or Human Machine Interfaces (HMIs), that comply with the IEEE 802.11...

Unchecked Return Value Vulnerability in Multiple Siemens Products

The SCALANCE M-800, MUM-800 and S615 and the RUGGEDCOM RM1224 are industrial routers.The SCALANCE W products are wireless communication devices for connecting industrial components, such as Programmable Logic Controllers (PLCs) or Human Machine Interfaces (HMIs), that comply with the IEEE 802.11...

Unsynchronized Access to Shared Data Vulnerability in Multiple Siemens Products in a Multi-Threaded Context

The SCALANCE M-800, MUM-800 and S615 and the RUGGEDCOM RM1224 are industrial routers.The SCALANCE W products are wireless communication devices for connecting industrial components, such as Programmable Logic Controllers (PLCs) or Human Machine Interfaces (HMIs), that comply with the IEEE 802.11...

Multiple Siemens Products Input Validation Error Vulnerability (CNVD-2023-86591)

The SCALANCE M-800, MUM-800 and S615 and the RUGGEDCOM RM1224 are industrial routers.The SCALANCE W products are wireless communication devices for connecting industrial components, such as Programmable Logic Controllers (PLCs) or Human Machine Interfaces (HMIs), that comply with the IEEE 802.11...

Uncontrolled Resource Consumption Vulnerability in Multiple Siemens Products

The SCALANCE M-800, MUM-800 and S615 and the RUGGEDCOM RM1224 are industrial routers.The SCALANCE W products are wireless communication devices for connecting industrial components, such as Programmable Logic Controllers (PLCs) or Human Machine Interfaces (HMIs), that comply with the IEEE 802.11...

CVE-2023-44322

Affected devices can be configured to send emails when certain events occur on the device. When presented with an invalid response from the SMTP server, the device triggers an error that disrupts email sending. An attacker with access to the network can use this to do disable notification of users....

CVE-2023-44373

Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell. Follow-up of...

CVE-2023-44374

Affected devices allow to change the password, but insufficiently check which password is to be changed. With this an authenticated attacker could, under certain conditions, be able to change the password of another, potential admin user allowing her to escalate her...

CVE-2023-44319

Affected devices use a weak checksum algorithm to protect the configuration backup that an administrator can export from the device. This could allow an authenticated attacker with administrative privileges or an attacker that tricks a legitimate administrator to upload a modified configuration...

CVE-2023-44318

Affected devices use a hardcoded key to obfuscate the configuration backup that an administrator can export from the device. This could allow an authenticated attacker with administrative privileges or an attacker that obtains a configuration backup to extract configuration information from the...

CVE-2023-44320

Affected devices do not properly validate the authentication when performing certain modifications in the web interface allowing an authenticated attacker to influence the user interface configured by an...

CVE-2023-44317

Affected products do not properly validate the content of uploaded X509 certificates which could allow an attacker with administrative privileges to execute arbitrary code on the...

CVE-2023-44321

Affected devices do not properly validate the length of inputs when performing certain configuration changes in the web interface allowing an authenticated attacker to cause a denial of service condition. The device needs to be restarted for the web interface to become available...

sc-pielenhofen.de Improper Access Control vulnerability OBB-3780194

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

sc-hardt.de Improper Access Control vulnerability OBB-3780170

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

Tenable Security Center Multiple Vulnerabilities (TNS-2023-35)

According to its self-reported version, the Tenable Security Center running on the remote host is affected by multiple vulnerabilities as referenced in the TNS-2023-35 advisory. Security Center leverages third-party software to help provide underlying functionality. One of the third- party...

Update Rollup 2 for System Center 2022 Operations Manager

Update Rollup 2 for System Center 2022 Operations Manager Applies to: System Center 2022 Operations Manager Introduction This article describes the new features and issues that are fixed in System Center Operations Manager 2022 Update Rollup 2. This article also contains the installation...

sc-uckerath.de Improper Access Control vulnerability OBB-3777204

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

Update Rollup 2 for System Center 2022 Orchestrator

Update Rollup 2 for System Center 2022 Orchestrator Introduction This article describes the issues that are fixed in Update Rollup 2 for Microsoft System Center Orchestrator 2022. This article also contains the installation instructions for this update. Issues that are fixed Monitoring...

Moxa NPort 6000 Series Improper Authentication (CVE-2023-5627)

A vulnerability has been identified in NPort 6000 Series, making the authentication mechanism vulnerable. This vulnerability arises from the incorrect implementation of sensitive information protection, potentially allowing malicious users to gain unauthorized access to the web service. This...

Enough Polynomials and Linear Algebra to Implement Kyber

I was once talking with a mathematician and trying to explain elliptic curve cryptography. Eventually, something clicked and they went "oh, that! I think there was a chapter about it in the book. You made a whole field out of it?" Yes, in cryptography we end up focusing on a very narrow slice of...