ISaGRAF Workbench communicates with Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x using TCP/IP. This communication protocol provides various file system operations, as well as the uploading of applications. Data is transferred over this protocol unencrypted, which could allow a remote unauthenticated attacker to upload, read, and delete files.
Some commands used by the Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x eXchange Layer (IXL) protocol perform various file operations in the file system. Since the parameter pointing to the file name is not checked for reserved characters, it is possible for a remote, unauthenticated attacker to traverse an application’s directory, which could lead to remote code execution.
In Yokogawa WideField3 R1.01 – R4.03, a buffer overflow could be caused when a user loads a maliciously crafted project file.
A vulnerability in the Brocade Fabric OS before Brocade Fabric OS v9.0.1a, v8.2.3, v8.2.0_CBN4, and v7.4.2h could allow an authenticated CLI user to abuse the history command to write arbitrary content to files.
openssl-1.1.1n-1.fc34
Security fix for [PUT CVEs HERE]
openssl-1.1.1n-1.fc35
Security fix for [PUT CVEs HERE]
Author and journalist arrested over alleged cyber stalking of Ugandan President Yoweri Museveni
Spear phishing study finds one in three malicious logins into compromised accounts came from Nigeria
bind-9.16.27-1.fc34
bind-dyndb-ldap-11.9-9.fc34
Upstream release notes
Fixed issue since bind 9.16.25 with broken bind-dyndb-ldap.
bind-9.16.27-1.fc35
bind-dyndb-ldap-11.9-11.fc35
Upstream release notes
Fixed issue since bind 9.16.25 with broken bind-dyndb-ldap.
