Tag
#auth
Openmediavault versions prior to 7.0.32 have a vulnerability that occurs when users in the web-admin group enter commands on the crontab by selecting the root shell. As a result of exploiting the vulnerability, authenticated web-admin users can run commands with root privileges and receive reverse shell connections.
RIOT versions 2024.01 and below suffer from multiple buffer overflows, ineffective size checks, and out-of-bounds memory access vulnerabilities.
Panel Amadey.d.c malware suffers from cross-site scripting vulnerabilities.
Clinic Queuing System version 1.0 suffers from a remote code execution vulnerability.
Debian Linux Security Advisory 5685-1 - Several security vulnerabilities have been discovered in WordPress, a popular content management framework, which may lead to exposure of sensitive information to an unauthorized actor in WordPress or allow unauthenticated attackers to discern the email addresses of users who have published public posts on an affected website via an oracle-style attack.
**Important: Exploiting this vulnerability requires the attacker to have access to your Frigate instance, which means they could also just delete all of your recordings or perform any other action. If you have configured authentication in front of Frigate via a reverse proxy, then this vulnerability is not exploitable without first getting around your authentication method. For many obvious reasons in addition to this one, please don't expose your Frigate instance publicly without any kind of authentication.** ## Summary When uploading a file or retrieving the filename, a user may intentionally use a large Unicode filename which would lead to an application-level denial of service. This is due to no limitation set on the length of the filename and the costly use of the Unicode normalization with the form NFKD under the hood of `secure_filename()`. I identified multiple vulnerable paths on [blakeblackshear/frigate](https://www.github.com/blakeblackshear/frigate/) repository. In all of th...
1. EXECUTIVE SUMMARY CVSS v4 7.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: FactoryTalk Historian SE Vulnerabilities: Missing Release of Resource after Effective Lifetime, Improper Check or Handling of Exceptional Conditions 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to cause a denial-of-service condition. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Rockwell Automation FactoryTalk Historian SE, a data management application, are affected: FactoryTalk Historian SE: Versions v9.0 and prior 3.2 Vulnerability Overview 3.2.1 MISSING RELEASE OF RESOURCE AFTER EFFECTIVE LIFETIME CWE-772 FactoryTalk Historian SE utilizes the AVEVA PI Server, which contains a vulnerability that could allow an unauthenticated user to cause a partial denial-of-service condition in the PI Message Subsystem of a PI Server by consuming available memory. This vulnerability exists in Fa...
1. EXECUTIVE SUMMARY CVSS v4 8.3 ATTENTION: Exploitable remotely/Low attack complexity Vendor: alpitronic Equipment: Hypercharger EV charger Vulnerability: Use of Default Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could result in an attacker disabling the device, bypassing payment, or accessing payment data. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Hypercharger EV charger, a high power charging station, are affected: Hypercharger EV charger: all versions 3.2 Vulnerability Overview 3.2.1 USE OF DEFAULT CREDENTIALS CWE-1392 If misconfigured, the charging devices can expose a web interface protected by authentication. If the default credentials are not changed, an attacker can use public knowledge to access the device as an administrator. CVE-2024-4622 has been assigned to this vulnerability. A CVSS v3 base score of 8.2 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H). A CVSS v4 sco...
Two recently disclosed security flaws in Ivanti Connect Secure (ICS) devices are being exploited to deploy the infamous Mirai botnet. That's according to findings from Juniper Threat Labs, which said the vulnerabilities CVE-2023-46805 and CVE-2024-21887 have been leveraged to deliver the botnet payload. While CVE-2023-46805 is an authentication bypass flaw,
Medical health care provider DocGo has disclosed a cyberincident where an attacker gained access to protected health information.