Security
Headlines
HeadlinesLatestCVEs

Tag

#intel

ABB Cylon Aspect 3.08.01 jsonProxy.php Servlet Inclusion Authentication Bypass

ABB Cylon Aspect version 3.08.01 is vulnerable to remote, arbitrary servlet inclusion. The jsonProxy.php endpoint allows unauthenticated remote attackers to access internal services by proxying requests to localhost. This results in an authentication bypass, enabling attackers to interact with multiple java servlets without authorization, potentially exposing sensitive system functions and information.

Packet Storm
#vulnerability#web#linux#apache#js#java#intel#php#auth
ABB Cylon Aspect 3.08.01 jsonProxy.php Unauthenticated Credential Disclosure

ABB Cylon Aspect version 3.08.01 allows an unauthenticated attacker to disclose credentials in plain-text.

ABB Cylon Aspect 3.08.01 jsonProxy.php Cross Site Scripting

ABB Cylon Aspect version 3.08.01 suffers from an unauthenticated reflected cross-site scripting vulnerability. Input passed to the GET parameters query and application is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML/JS code in a user's browser session in context of an affected site.

Red Hat Security Advisory 2024-8617-03

Red Hat Security Advisory 2024-8617-03 - An update for kernel is now available for Red Hat Enterprise Linux 9.

Red Hat Security Advisory 2024-8614-03

Red Hat Security Advisory 2024-8614-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include null pointer and use-after-free vulnerabilities.

Red Hat Security Advisory 2024-8613-03

Red Hat Security Advisory 2024-8613-03 - An update for kernel is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include null pointer and use-after-free vulnerabilities.

When Cybersecurity Tools Backfire

Outages are inevitable. Our focus should be on minimizing their scope, addressing underlying causes, and understanding that protecting systems is about keeping bad actors out while maintaining stability and reliability.

Russian Malware Attack Targets Ukrainian Military Recruits via Telegram

Russian hackers launched a targeted malware campaign via Telegram, aimed at Ukrainian military recruits. Disguised as recruitment tools,…

ABB Cylon Aspect 3.08.01 Active Debug Data Exposure

ABB Cylon Aspect version 3.08.01 is deployed to unauthorized actors with debugging code still enabled or active, which can create unintended entry points or expose sensitive information.

Apple Security Advisory 10-28-2024-5

Apple Security Advisory 10-28-2024-5 - macOS Ventura 13.7.1 addresses bypass, information leakage, out of bounds access, out of bounds read, and out of bounds write vulnerabilities.