Thinking Software Technology Co., Ltd. Security Vulnerabilities

ROS-20240619-01

A vulnerability in the OpenSSH ECDSA Key Handler component of the OpenSSH ECDSA Key Handler technology for signing and encrypting JavaScript objects in Python is related to the definition of a blacklist of prefixes for public keys. Exploitation of the vulnerability could allow an attacker acting...

CVE-2023-5249

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver allows a local non-privileged user to make improper memory processing operations to exploit a software race condition. If the system’s memory is carefully prepared by the user, then this in turn...

co-matic.com Cross Site Scripting vulnerability OBB-3858335

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

How to Configure AWS Application Loadbalancer (ALB) for Veeam Kasten for Kubernetes

This article provides an example of configuring AWS Application Loadbalancer (ALB) for accessing the Veeam Kasten for Kubernetes...

How to Add a Blueprint Target Using Execution Hooks From the Policy API

This article explains how to set resources other than namespaces as the hooks for blueprint...

Bare Metal Recovery Fails With "The requested security package does not exist."

This issue is caused by the WinRE.wim packaged in some early distributions of Server 2022. New Recovery Media must be created using Server 2019 or a newer version of Server...

CVE-2023-5249 Mali GPU Kernel Driver allows improper GPU memory processing operations

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver allows a local non-privileged user to make improper memory processing operations to exploit a software race condition. If the system’s memory is carefully prepared by the user, then this in turn...

CVE-2023-5249 Mali GPU Kernel Driver allows improper GPU memory processing operations

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver allows a local non-privileged user to make improper memory processing operations to exploit a software race condition. If the system’s memory is carefully prepared by the user, then this in turn...

Malicious code in setdotwork (PyPI)

-= Per source details. Do not edit below this...

Malicious code in sobit-ishlar (PyPI)

-= Per source details. Do not edit below this...

Malicious code in sintaxisoyyo (PyPI)

-= Per source details. Do not edit below this...

Malicious code in robloxmod (PyPI)

-= Per source details. Do not edit below this...

Malicious code in requstsssq (PyPI)

-= Per source details. Do not edit below this...

Malicious code in popyquests (PyPI)

-= Per source details. Do not edit below this...

Malicious code in lindze (PyPI)

-= Per source details. Do not edit below this...

Malicious code in libidos (PyPI)

-= Per source details. Do not edit below this...

Malicious code in httpxontop (PyPI)

-= Per source details. Do not edit below this...

Veeam Recovery Orchestrator Vulnerability (CVE-2024-29855)

A vulnerability in Veeam Recovery Orchestrator (VRO) version 7.0.0.337 allows an attacker to access the VRO web UI with administrative...

Build Numbers and Versions of Veeam Recovery Orchestrator

This KB article lists all versions of Veeam Recovery Orchestrator and their respective build...

Malicious code in betterstyle (PyPI)

-= Per source details. Do not edit below this...

Malicious code in webtraste (PyPI)

-= Per source details. Do not edit below this...

Malicious code in spacefilterapi (PyPI)

-= Per source details. Do not edit below this...

Malicious code in requstsss (PyPI)

-= Per source details. Do not edit below this...

Malicious code in onyxproxy (PyPI)

-= Per source details. Do not edit below this...

Malicious code in libig (PyPI)

-= Per source details. Do not edit below this...

Malicious code in lalaproxy (PyPI)

-= Per source details. Do not edit below this...

Malicious code in libideee (PyPI)

-= Per source details. Do not edit below this...

Malicious code in zproxy2 (PyPI)

-= Per source details. Do not edit below this...

Malicious code in synthetictest1 (PyPI)

-= Per source details. Do not edit below this...

Malicious code in sylexnaranjoo (PyPI)

-= Per source details. Do not edit below this...

Malicious code in socksproxies (PyPI)

-= Per source details. Do not edit below this...

Malicious code in pystylerio (PyPI)

-= Per source details. Do not edit below this...

Malicious code in libideeee (PyPI)

-= Per source details. Do not edit below this...

Malicious code in dpy-bot (PyPI)

-= Per source details. Do not edit below this...

Malicious code in tryhackme-offensive (PyPI)

-= Per source details. Do not edit below this...

Malicious code in zproxy (PyPI)

-= Per source details. Do not edit below this...

Malicious code in xboxkeyauth (PyPI)

-= Per source details. Do not edit below this...

Malicious code in tryconf (PyPI)

-= Per source details. Do not edit below this...

Malicious code in tls-bypass (PyPI)

-= Per source details. Do not edit below this...

Malicious code in pyprotectfile (PyPI)

-= Per source details. Do not edit below this...

Malicious code in microsoft-helper (PyPI)

-= Per source details. Do not edit below this...

Malicious code in libida (PyPI)

-= Per source details. Do not edit below this...

Malicious code in libidee (PyPI)

-= Per source details. Do not edit below this...

Malicious code in httpxboost (PyPI)

-= Per source details. Do not edit below this...

How to Properly Off-Board a Namespace From Veeam Kasten for Kubernetes Backups

This article documents the procedure to properly off-board a namespace in Veeam Kasten for...

How to ‘Transform’ Multiple Resources with Regex

Veeam Support Knowledge Base answer to: How to ‘Transform’ Multiple Resources with...

Cisco Adaptive Security Appliance and Firepower Threat Defense Software Web Services Denial of Service Vulnerability

A vulnerability in the management and VPN web servers for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition.....

Malicious code in cndpjs (npm)

-= Per source details. Do not edit below this...

Microsoft Windows Start Menu Software Version Enumeration

This plugin enumerates the installed software version by interrogating information obtained from various registry entries and files on disk. This plugin provides a best guess at the software version and a confidence level for that version. Note that the versions detected here do not necessarily...

Cisco UCS Central Software Web UI Detection

The web user interface for Cisco Unified Computing System (UCS) Central Software, an infrastructure management system, was detected on the remote...