Category Archives: Advisories

golang-github-docker-libnetwork-0.8.0-17.20220610gitf6ccccb.fc36 moby-engine-20.10.17-2.fc36

FEDORA-2022-cea20dae0b

Packages in this update:

golang-github-docker-libnetwork-0.8.0-17.20220610gitf6ccccb.fc36
moby-engine-20.10.17-2.fc36

Update description:

moby-engine

https://github.com/moby/moby/releases/tag/v20.10.17

Includes updates to bundled libraries that fix CVEs.

golang-github-docker-libnetwork

Bump to f6ccccb1c082a432c2a5814aaedaca56af33d9ea

CVE-2017-20037

A vulnerability has been found in SICUNET Access Controller 0.32-05z and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation of the argument c leads to privilege escalation. The attack can be launched remotely.

CVE-2017-20038

A vulnerability was found in SICUNET Access Controller 0.32-05z and classified as critical. Affected by this issue is some unknown functionality of the file card_scan_decoder.php. The manipulation of the argument No/door leads to privilege escalation. The attack may be launched remotely.

CVE-2017-20039

A vulnerability was found in SICUNET Access Controller 0.32-05z. It has been classified as very critical. This affects an unknown part. The manipulation leads to weak authentication. It is possible to initiate the attack remotely.

CVE-2017-20040

A vulnerability was found in SICUNET Access Controller 0.32-05z. It has been declared as problematic. This vulnerability affects unknown code of the component Password Storage. The manipulation leads to weak encryption. Attacking locally is a requirement.

SEC Consult SA-20220609-0 :: Multiple vulnerabilities in SoftGuard SNMP Network Management Extension

Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Jun 10

SEC Consult Vulnerability Lab Security Advisory < 20220609-0 >
=======================================================================
title: Multiple vulnerabilities
product: SoftGuard SNMP Network Management Extension
vulnerable version: SoftGuard Web (SGW) < 5.1.5
fixed version: SoftGuard version 5.1.5 from 2022-06-01
CVE number: CVE-2022-31201, CVE-2022-31202
impact: High…

SEC Consult SA-20220608-0 :: Stored Cross-Site Scripting & Unsafe Java Deserialization in Gentics CMS

Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Jun 10

SEC Consult Vulnerability Lab Security Advisory < 20220608-0 >
=======================================================================
title: Stored Cross-Site Scripting & Unsafe Java Deserialization
product: Gentics CMS
vulnerable version: 5.36.29, see section below
fixed version: 5.40.27, 5.41.15, 5.42.7, 5.43.1 or higher
CVE number: CVE-2022-30981, CVE-2022-30982
impact:…

SEC Consult SA-20220607-0 :: Multiple Vulnerabilities in Infiray IRAY-A8Z3 thermal camera

Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Jun 10

SEC Consult Vulnerability Lab Security Advisory < 20220607-0 >
=======================================================================
title: Multiple Vulnerabilities
product: Infiray IRAY-A8Z3 thermal camera
vulnerable version: V1.0.957
fixed version: None
CVE number: CVE-2022-31208, CVE-2022-31209, CVE-2022-31210, CVE-2022-31211
impact: Critical…

HNS-2022-02 – HN Security Advisory – Multiple vulnerabilities in Zyxel zysh

Posted by Marco Ivaldi on Jun 10

Dear Full Disclosure,

Find attached a security advisory that details multiple
vulnerabilities we discovered in the zysh shell distributed with some
Zyxel products, including their security appliances.

* Title: Multiple vulnerabilities in Zyxel zysh
* Products: Zyxel firewalls, AP controllers, and APs
* Author: Marco Ivaldi <marco.ivaldi () hnsecurity it>
* Date: 2022-06-07
* CVE Names and Vendor CVSS Scores:
CVE-2022-26531:…
