Ubuntu Security Notice USN-6502-1
Packages Details Ivan D Barrera, Christopher Bednarz, Mustafa Ismail, and Shiraz Saleemdiscovered that the InfiniBand RDMA driver in the Linux kernel did notproperly check for zero-length STAG or MR registration. A remote attackercould possibly use this to execute arbitrary code. (CVE-2023-25775) Yu Hao discovered that…
Alert: F5 Warns of Active Attacks Exploiting BIG-IP Vulnerability
F5 is warning of active abuse of a critical security flaw in BIG-IP less than a week after its public disclosure, resulting in the execution of arbitrary system commands as part of an exploit chain. Tracked as CVE-2023-46747 (CVSS score: 9.8), the vulnerability allows an unauthenticated attacker with network…
Cisco IOS XE Software Web UI Feature
Summary Affected Products Details Indicators of Compromise Workarounds Fixed Software Recommendations
Cisco Releases Security Advisories for Multiple Products
Cisco has released security advisories for vulnerabilities affecting multiple Cisco products. A cyber threat actor can exploit some of these vulnerabilities to take control of an affected system or cause a denial-of service condition. CISA encourages users and administrators to review the following advisories and…
APSystems Altenergy Power Control
1. EXECUTIVE SUMMARY 2. RISK EVALUATION Successful exploitation of this vulnerability may allow remote code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Altenergy Power Control software are affected: 3.2 VULNERABILITY OVERVIEW 3.2.1 IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN AN OS…
Siemens SCALANCE W1750D
1. EXECUTIVE SUMMARY 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to disclose sensitive information or steal the unsuspecting user’s session. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following products from Siemens are affected: 3.2 VULNERABILITY OVERVIEW 3.2.1 IMPROPER INPUT VALIDATION CWE-20…
USN-2196-1: Linux kernel vulnerability
Releases Packages Details A flaw was discovered in the Linux kernel’s pseudo tty (pty) device. Anunprivileged user could exploit this flaw to cause a denial of service(system crash) or potentially gain administrator privileges. Reduce your security exposure Ubuntu Pro provides ten-year security coverage to 25,000+…
Industrial Control Links ScadaFlex II SCADA Controllers
1. EXECUTIVE SUMMARY 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an authenticated attacker to overwrite, delete, or create files. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Industrial Control Links ScadaFlex II SCADA Controllers are affected: 3.2 VULNERABILITY OVERVIEW 3.2.1 EXTERNAL…
Cisco Releases Security Advisory for IOS XR Software
Cisco has released a security advisory for a vulnerability affecting IOS XR Software for ASR 9000 Series Routers. A remote attacker could exploit this vulnerability to cause a denial-of-service condition. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA encourages users and administrators to…
Mitsubishi Electric GOT and Tension Controller (Update A)
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: GOT and Tension Controller Vulnerabilities: Improper Handling of Exceptional Conditions, Improper Input Validation ——— Begin Update A Part 1 of 2 ——— Mitsubishi Electric PSIRT has informed CISA that further research has shown the…
Stay connected