This vulnerability allows remote attackers to disclose sensitive information on affected installations of ManageEngine ADManager Plus. Authentication is required to exploit this vulnerability.

Advisories

ZDI-23-1402: Hewlett Packard Enterprise OneView resetAdminPassword Authentication Bypass Vulnerability

September 11, 2023

Read Time:7 Second

This vulnerability allows remote attackers to bypass authentication on affected installations of Hewlett Packard Enterprise OneView. Authentication is not required to exploit this vulnerability.

Advisories

DSA-5495 frr – security update

September 11, 2023

Read Time:12 Second

Multiple vulnerabilities were discovered in frr, the FRRouting suite of
internet protocols, while processing malformed requests and packets the BGP
daemon may have reachable assertions, NULL pointer dereference, out-of-bounds
memory access, which may lead to denial of service attack.

Advisories

DSA-5493 open-vm-tools – security update

September 10, 2023

Read Time:7 Second

Two security issues have been discovered in the Open VMware Tools, which
may result in a man-in-the-middle attack or authentication bypass.

Advisories

DSA-5494 mutt – security update

September 10, 2023

Read Time:13 Second

Several NULL pointer dereference flaws were discovered in Mutt, a
text-based mailreader supporting MIME, GPG, PGP and threading, which may
result in denial of service (application crash) when viewing a specially
crafted email or when composing from a specially crafted draft message.

Advisories

borgbackup-1.1.18-2.el8

September 9, 2023

Read Time:24 Second

FEDORA-EPEL-2023-9c17eb827f

Packages in this update:

borgbackup-1.1.18-2.el8

Update description:

fix for CVE-2023-36811: spoofed archive leads to data loss

This version contains additional patches on top of 1.1.18 to fix the CVE mentioned above. The release notes for borgbackup 1.2.5+ regarding TAM authentication apply to this version as well: https://github.com/borgbackup/borg/blob/1.2.6/docs/changes.rst#pre-125-archives-spoofing-vulnerability-cve-2023-36811

Advisories

borgbackup-1.1.18-2.el7

September 9, 2023

Read Time:24 Second

FEDORA-EPEL-2023-f552ecb2a6

Packages in this update:

borgbackup-1.1.18-2.el7

Update description:

fix for CVE-2023-36811: spoofed archive leads to data loss

Advisories

matrix-synapse-1.80.0-5.fc37 python-matrix-common-1.3.0-7.fc37 rust-pythonize-0.19.0-1.fc37

September 9, 2023

Read Time:14 Second

FEDORA-2023-c0696d7b53

Packages in this update:

matrix-synapse-1.80.0-5.fc37
python-matrix-common-1.3.0-7.fc37
rust-pythonize-0.19.0-1.fc37

Update description:

Update matrix-synapse to v1.80.0 to fix CVE-2022-39374, CVE-2023-32323

Cyber Security News

Monthly Archives: September 2023

open-vm-tools-12.3.0-1.fc38

FEDORA-2023-df375d0634

Packages in this update:

Update description:

open-vm-tools-12.3.0-1.fc39

FEDORA-2023-20b6ac4b6c

Packages in this update:

Update description:

ZDI-23-1401: ManageEngine ADManager Plus download Directory Traversal Information Disclosure Vulnerability

ZDI-23-1402: Hewlett Packard Enterprise OneView resetAdminPassword Authentication Bypass Vulnerability

DSA-5495 frr – security update

DSA-5493 open-vm-tools – security update

DSA-5494 mutt – security update

borgbackup-1.1.18-2.el8

FEDORA-EPEL-2023-9c17eb827f

Packages in this update:

Update description:

borgbackup-1.1.18-2.el7

FEDORA-EPEL-2023-f552ecb2a6

Packages in this update:

Update description:

matrix-synapse-1.80.0-5.fc37 python-matrix-common-1.3.0-7.fc37 rust-pythonize-0.19.0-1.fc37

FEDORA-2023-c0696d7b53

Packages in this update:

Update description:

News, Advisories and much more