SCALANCE XB213-3LD (SC, PN) Security Vulnerabilities

nessus

Amazon Linux 2 : glibc (ALAS-2023-2221)

The version of glibc installed on the remote host is prior to 2.26-37. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2221 advisory. On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC...

7 CVSS

8 AI Score

0.001 EPSS

2023-08-23 12:00 AM
42
rapid7blog

Rapid7 Takes 2023 SC Awards for Vulnerability Management and Threat Detection

The highly respected SC Awards program, hosted by SC Media, recognizes the solutions, organizations, and people driving innovation and success in information security. Now in its 26th year, the SC Awards continue to grow and evolve. Rapid7 is proud to announce we have received not one, but two...

6.7 AI Score

2023-08-22 01:00 PM
10
amazon

Medium: glibc

Issue Overview: A vulnerability was discovered in glibc where the LD_PREFER_MAP_32BIT_EXEC environment variable is not ignored when running binaries with the setuid flag on x86_64 architectures. This allows an attacker to force the system to utilize only half of the memory (making the system think the....

7 CVSS

7.4 AI Score

0.001 EPSS

2023-08-21 10:35 AM
9
openvas

Epson Printers CSRF Vulnerability (Apr 2023)

Multiple Epson printer models are prone to a cross-site request forgery (CSRF)...

6.5 CVSS

6.6 AI Score

0.001 EPSS

2023-08-21 12:00 AM
3
nessus

Tenable Security Center Multiple Vulnerabilities (TNS-2023-25)

According to its self-reported version, the Tenable Security Center running on the remote host is . It is, therefore, affected by multiple vulnerabilities as referenced in the TNS-2023-25 advisory. Tenable Security Center leverages third-party software to help provide underlying functionality....

6.5 CVSS

7.5 AI Score

0.001 EPSS

2023-08-18 12:00 AM
16
ics

ICONICS and Mitsubishi Electric Products

EXECUTIVE SUMMARY CVSS v3 5.9 ATTENTION: Exploitable remotely Vendor: ICONICS, Mitsubishi Electric Equipment: ICONICS Product Suite Vulnerabilities: Buffer Overflow, Out-of-Bounds Read, Observable Timing Discrepancy, Double Free, and NULL Pointer Dereference 2. RISK EVALUATION...

7.5 CVSS

8.1 AI Score

0.116 EPSS

2023-08-17 12:00 PM
9
ibm

Security Bulletin: App Connect Professional is affected by Bouncy Castle vulnerability.

Summary App Connect Professional have addressed the following vulnerability reported in Bouncy Castle. Vulnerability Details CVEID: CVE-2023-33201 DESCRIPTION: The Bouncy Castle Crypto Package For Java (bc-java) could allow a remote attacker to obtain sensitive information, caused by not...

5.3 CVSS

6.5 AI Score

0.001 EPSS

2023-08-11 06:06 AM
9
ics

Siemens OpenSSL RSA Decryption in SIMATIC

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services |.....

5.9 CVSS

7.3 AI Score

0.002 EPSS

2023-08-10 12:00 PM
13
ics

Siemens Address Processing in SIMATIC

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services |.....

7.4 CVSS

8.2 AI Score

0.003 EPSS

2023-08-10 12:00 PM
60
code423n4

Possible DoS of Election Process

Lines of code Vulnerability details Impact Contract SecurityCouncilNomineeElectionGovernor allows contenders to participate in the election process as nominee over function addContender(). The necessary condition for this process is that proposal was created before and has status...

6.6 AI Score

2023-08-10 12:00 AM
8
nessus

Moxa MGate Man-in-The-Middle (CVE-2022-27048)

A vulnerability has been discovered in Moxa MGate which allows an attacker to perform a man-in-the-middle (MITM) attack on the device. This affects MGate MB3170 Series Firmware Version 4.2 or lower, MGate MB3270 Series Firmware Version 4.2 or lower, and MGate MB3280 Series Firmware Version 4.1....

7.4 CVSS

6.8 AI Score

0.001 EPSS

2023-08-02 12:00 AM
4
zdt

7.1 AI Score

2023-07-31 12:00 AM
107
nessus

Tenable Security Center 6.0.0 / 6.1.0 / 6.1.1 Multiple Vulnerabilities (TNS-2023-26)

According to its self-reported version, the Tenable Security Center running on the remote host is either 6.0.0, 6.1.0 or 6.1.1. It is, therefore, affected by multiple vulnerabilities as referenced in the TNS-2023-26 advisory. Tenable Security Center leverages third-party software to help provide...

6.5 CVSS

7.6 AI Score

0.001 EPSS

2023-07-27 12:00 AM
33
githubexploit

Exploit for CVE-2023-20593

Stopping Zenbleed (CVE-2023-20593) on Windows The newly...

7.1 AI Score

2023-07-26 08:03 PM
23
tenable

[R1] Stand-alone Security Patch Available for Security Center versions 6.0.0, 6.1.0 and 6.1.1: SC-202307.1-6.x

[R1] Stand-alone Security Patch Available for Security Center versions 6.0.0, 6.1.0 and 6.1.1: SC-202307.1-6.x Arnie Cabral Tue, 07/25/2023 - 11:30 Tenable Security Center leverages third-party software to help provide underlying functionality. One of the third-party components (OpenSSL) was found....

7.1 AI Score

2023-07-25 03:30 PM
10
tenable

[R1] Stand-alone Security Patch Available for Security Center version 5.23.1: SC-202307.1-5.23.1

[R1] Stand-alone Security Patch Available for Security Center version 5.23.1: SC-202307.1-5.23.1 Arnie Cabral Tue, 07/25/2023 - 11:11 Tenable Security Center leverages third-party software to help provide underlying functionality. One of the third-party components (OpenSSL) was found to contain...

7.1 AI Score

2023-07-25 03:11 PM
8
nessus

Cisco Nexus 7000 Series Switches Access-Control Filtering Mechanisms Bypass (CVE-2017-3875)

An Access-Control Filtering Mechanisms Bypass vulnerability in certain access-control filtering mechanisms on Cisco Nexus 7000 Series Switches could allow an unauthenticated, remote attacker to bypass defined traffic configured within an access control list (ACL) on the affected system. More...

5.3 CVSS

7 AI Score

0.001 EPSS

2023-07-25 12:00 AM
7
openbugbounty

sc-motos.es Cross Site Scripting vulnerability OBB-3536444

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.1 AI Score

2023-07-21 07:59 PM
13
openbugbounty

sc-dilenske-naradi.cz Cross Site Scripting vulnerability OBB-3518508

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.1 AI Score

2023-07-16 11:11 AM
16
kitploit

Hidden - Windows Driver With Usermode Interface Which Can Hide Processes, File-System And Registry Objects, Protect Processes And Etc

Hidden has been developed like a solution for reverse engineering and researching tasks. This is a windows driver with a usermode interface which is used for hiding specific environment on your windows machine, like installed RCE programs (ex. procmon, wireshark), vm infrastructure (ex. vmware...

6.8 AI Score

2023-07-15 12:30 PM
27
packetstorm

7.1 AI Score

EPSS

2023-07-11 12:00 AM
123
packetstorm

7.1 AI Score

EPSS

2023-07-11 12:00 AM
110
packetstorm

7.1 AI Score

EPSS

2023-07-11 12:00 AM
113
exploitdb

7.4 AI Score

2023-07-11 12:00 AM
106
exploitdb

7 AI Score

EPSS

2023-07-11 12:00 AM
121
packetstorm

7.1 AI Score

2023-07-11 12:00 AM
95
nessus

Debian DLA-3484-1 : firefox-esr - LTS security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3484 advisory. An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. This vulnerability affects Firefox < 115, Firefox...

8.8 CVSS

8.8 AI Score

0.001 EPSS

2023-07-08 12:00 AM
9
ibm

Security Bulletin: Multiple vulnerabilities in Apache Tomcat affects App Connect Professional.

Summary App Connect Professional have addressed the following vulnerabilities reported in Apache Tomcat. Vulnerability Details CVEID: CVE-2023-28709 DESCRIPTION: Apache Tomcat is vulnerable to a denial of service, caused by an incomplete fix for CVE-2023-24998 related to the failure to limit.....

7.5 CVSS

6.9 AI Score

0.034 EPSS

2023-07-06 05:20 PM
9
ibm

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affects App Connect Professional.

Summary There are multiple vulnerabilities in the IBM SDK Java Technology used by App Connect Professional. These issues were disclosed as part of the IBM Java SDK updates in April 2022, App Connect Professional have addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2022-21426 ...

5.3 CVSS

6.3 AI Score

0.001 EPSS

2023-07-06 05:18 PM
12
ibm

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affects App Connect Professional.

Summary There are multiple vulnerabilities in the IBM SDK Java Technology used by App Connect Professional. These issues were disclosed as part of the IBM Java SDK updates in April 2023, App Connect Professional have addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2023-21930 ...

9.1 CVSS

8.1 AI Score

0.002 EPSS

2023-07-06 05:16 PM
6
ibm

Security Bulletin: Multiple vulnerabilities in Apache Tomcat affects App Connect Professional.

Summary App Connect Professional have addressed the following vulnerabilities reported in Apache Tomcat. Vulnerability Details CVEID: CVE-2023-34981 DESCRIPTION: Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by a flaw when a response did not have any...

7.5 CVSS

6.3 AI Score

0.004 EPSS

2023-07-06 05:14 PM
8
ibm

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affects App Connect Professional.

Summary There are multiple vulnerabilities in the IBM SDK Java Technology used by App Connect Professional. These issues were disclosed as part of the IBM Java SDK updates in Jan 2023, App Connect Professional have addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2023-21830 ...

5.3 CVSS

6.3 AI Score

0.001 EPSS

2023-07-06 04:47 PM
12
openbugbounty

sc-sandhausen.de Cross Site Scripting vulnerability OBB-3452627

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

10 AI Score

2023-06-21 06:53 AM
4
wallarmlab

What You Need To Know About MOVEit

The MOVEit Vulnerabilities and Latest Exploits. Impact On Governmental Agencies And Large Organizations Governmental agencies and large organizations around the world are being hit by ransomware attacks exploiting several vulnerabilities in MOVEit, a widely used file transfer solution. The...

9.8 CVSS

11 AI Score

0.969 EPSS

2023-06-16 06:05 AM
34
talosblog

URLs have always been a great hiding place for threat actors

Welcome to this week's edition of the Threat Source newsletter. Talos' recent blog post on the dangers posed by the newly released ".zip" top-level domain (TLD) recently outlined how threat actors could create real URLs that look like file names and trick users into clicking on their links. .Zip...

9.8 CVSS

8.7 AI Score

0.969 EPSS

2023-06-15 06:00 PM
10
wallarmlab

OWASP APIsec Top-10 2023 Is Here | API Security Newsletter

Welcome to our May API newsletter, recapping some of the events of last month. As the old proverb goes, April showers bring May flowers – and this means the bees at the Wallarm hive have been in full foraging mode and the honey is flowing: lots of updates & improvements to the platform, and much...

9.8 CVSS

9.1 AI Score

0.159 EPSS

2023-06-15 02:33 PM
37
ics

Threat Actors Exploit Progress Telerik Vulnerabilities in Multiple U.S. Government IIS Servers

SUMMARY From November 2022 through early January 2023, the Cybersecurity and Infrastructure Security Agency (CISA) and authoring organizations identified the presence of indicators of compromise (IOCs) at a federal civilian executive branch (FCEB) agency. Analysts determined that multiple cyber...

9.8 CVSS

9.8 AI Score

0.965 EPSS

2023-06-15 12:00 PM
32
ics

Siemens SIMOTION

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services |.....

4.6 CVSS

6.8 AI Score

0.0005 EPSS

2023-06-15 12:00 PM
8
qualysblog

CVSSv4 Public Preview Announcement

On June 8, 2023, at the 35th Annual FIRST Conference in Montreal, the public preview of CVSSv4 was announced. The Common Vulnerability Scoring System (CVSS) is an open framework for communicating the characteristics and severity of software vulnerabilities. Since its initial release in 2004, CVSS.....

7.2 AI Score

2023-06-14 03:00 PM
6
cnvd

Siemens SIMOTION and SIMOTION P320 Information Disclosure Vulnerability

SIMOTION is a scalable, high-performance motion control hardware and software system. SIMOTION P320 is an industrial PC for motion control. An information disclosure vulnerability exists in the Siemens SIMOTION and SIMOTION P320, which arises from the device not protecting access to certain...

4.6 CVSS

6.2 AI Score

0.0005 EPSS

2023-06-14 12:00 AM
4
cve

CVE-2023-27465

A vulnerability has been identified in SIMOTION C240 (All versions >= V5.4 < V5.5 SP1), SIMOTION C240 PN (All versions >= V5.4 < V5.5 SP1), SIMOTION D410-2 DP (All versions >= V5.4 < V5.5 SP1), SIMOTION D410-2 DP/PN (All versions >= V5.4 < V5.5 SP1), SIMOTION D425-2 DP (All ...

4.6 CVSS

4.6 AI Score

0.0005 EPSS

2023-06-13 09:15 AM
13
nvd

CVE-2023-27465

A vulnerability has been identified in SIMOTION C240 (All versions >= V5.4 < V5.5 SP1), SIMOTION C240 PN (All versions >= V5.4 < V5.5 SP1), SIMOTION D410-2 DP (All versions >= V5.4 < V5.5 SP1), SIMOTION D410-2 DP/PN (All versions >= V5.4 < V5.5 SP1), SIMOTION D425-2 DP (All ...

4.6 CVSS

4.6 AI Score

0.0005 EPSS

2023-06-13 09:15 AM
Total number of security vulnerabilities: 10489