Security
Headlines
HeadlinesLatestCVEs

Tag

#rce

ABB Cylon Aspect 3.08.00 dialupSwitch.php Remote Code Execution

ABB Cylon Aspect version 3.08.00 suffers from an authenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the MODEM HTTP POST parameter called by the dialupSwitch.php script.

Packet Storm
#vulnerability#web#linux#apache#java#intel#php#rce#auth
TerraMaster TOS 4.2.29 Code Injection / Local File Inclusion

TerraMaster TOS version 4.2.29 suffers from a remote code injection vulnerability leveraging a local file inclusion vulnerability.

Red Hat Security Advisory 2024-7972-03

Red Hat Security Advisory 2024-7972-03 - An update for Red Hat Build of Apache Camel 4.4 for Quarkus 3.8 update is now available. The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products. Red Hat Product Security has rated this update as having a security impact of Critical. Issues addressed include a code execution vulnerability.

ABB Cylon Aspect 3.08.00 (dialupSwitch.php) Remote Code Execution

The ABB BMS/BAS controller suffers from an authenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the 'MODEM' HTTP POST parameter called by the dialupSwitch.php script.

CISA Warns of Threat Actors Exploiting F5 BIG-IP Cookies for Network Reconnaissance

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning that it has observed threat actors leveraging unencrypted persistent cookies managed by the F5 BIG-IP Local Traffic Manager (LTM) module to conduct reconnaissance of target networks. It said the module is being used to enumerate other non-internet-facing devices on the network. The agency, however, did not disclose who

What NIST’s latest password standards mean, and why the old ones weren’t working

Rather than setting a regular cadence for changing passwords, users only need to change their passwords if there is evidence of a breach.

Red Hat Security Advisory 2024-7869-03

Red Hat Security Advisory 2024-7869-03 - An update for.NET 8.0 is now available for Red Hat Enterprise Linux 9. Issues addressed include code execution and denial of service vulnerabilities.

Red Hat Security Advisory 2024-7868-03

Red Hat Security Advisory 2024-7868-03 - An update for.NET 8.0 is now available for Red Hat Enterprise Linux 8. Issues addressed include code execution and denial of service vulnerabilities.

Red Hat Security Advisory 2024-7861-03

Red Hat Security Advisory 2024-7861-03 - An update to the images for Red Hat build of Apicurio Registry is now available from the Red Hat Container Catalog. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Issues addressed include a code execution vulnerability.

Red Hat Security Advisory 2024-7594-03

Red Hat Security Advisory 2024-7594-03 - Red Hat OpenShift Container Platform release 4.15.36 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include code execution and out of bounds write vulnerabilities.