Category Archives: Advisories

CVE-2021-28508

Read Time:19 Second

This advisory documents the impact of an internally found vulnerability in Arista EOS state streaming telemetry agent TerminAttr and OpenConfig transport protocols. The impact of this vulnerability is that, in certain conditions, TerminAttr might leak IPsec sensitive data in clear text in CVP to other authorized users, which could cause IPsec traffic to be decrypted or modified by other authorized users on the device.

Read More

CVE-2021-28509

Read Time:19 Second

This advisory documents the impact of an internally found vulnerability in Arista EOS state streaming telemetry agent TerminAttr and OpenConfig transport protocols. The impact of this vulnerability is that, in certain conditions, TerminAttr might leak MACsec sensitive data in clear text in CVP to other authorized users, which could cause MACsec traffic to be decrypted or modified by other authorized users on the device.

Read More

USN-5448-1: ncurses vulnerabilities

Read Time:1 Minute, 5 Second

It was discovered that ncurses was not properly checking array bounds
when executing the fmt_entry function, which could result in an
out-of-bounds write. An attacker could possibly use this issue to
execute arbitrary code. (CVE-2017-10684)

It was discovered that ncurses was not properly checking user input,
which could result in it being treated as a format argument. An
attacker could possibly use this issue to expose sensitive
information or to execute arbitrary code. (CVE-2017-10685)

It was discovered that ncurses was incorrectly performing memory
management operations and was not blocking access attempts to
illegal memory locations. An attacker could possibly use this issue
to cause a denial of service. (CVE-2017-11112, CVE-2017-13729,
CVE-2017-13730, CVE-2017-13731, CVE-2017-13732, CVE-2017-13733,
CVE-2017-13734)

It was discovered that ncurses was not properly performing checks
on pointer values before attempting to access the related memory
locations, which could lead to NULL pointer dereferencing. An
attacker could possibly use this issue to cause a denial of service.
(CVE-2017-11113)

It was discovered that ncurses was incorrectly handling loops in
libtic, which could lead to the execution of an infinite loop. An
attacker could possibly use this issue to cause a denial of service.
(CVE-2017-13728)

Read More

CVE-2021-33014

Read Time:9 Second

An attacker can gain VxWorks Shell after login due to hard-coded credentials on a KUKA KR C4 control software for versions prior to 8.7 or any product running KSS.

Read More

CVE-2021-33016

Read Time:10 Second

An attacker can gain full access (read/write/delete) to sensitive folders due to hard-coded credentials on KUKA KR C4 control software for versions prior to 8.7 or any product running KSS.

Read More

CVE-2021-4232

Read Time:16 Second

A vulnerability classified as problematic has been found in Zoo Management System 1.0. Affected is an unknown function of the file admin/manage-ticket.php. The manipulation with the input <script>alert(1)</script> leads to cross site scripting. It is possible to launch the attack remotely.

Read More

[R1] Nessus Version 8.15.5 Fixes Multiple Third-Party Vulnerabilities

Read Time:28 Second

[R1] Nessus Version 8.15.5 Fixes Multiple Third-Party Vulnerabilities
Arnie Cabral
Thu, 05/26/2022 – 12:45

Nessus leverages third-party software to help provide underlying functionality. One of the third-party components (expat) was found to contain vulnerabilities, and an updated version has been made available by the provider.

Out of caution and in line with good practice, Tenable has opted to upgrade the expat component to address the potential impact of the issue. Nessus 8.15.5 updates expat to version 2.4.8 to address the identified vulnerabilities.

Read More

CVE-2021-34360

Read Time:25 Second

A cross-site request forgery (CSRF) vulnerability has been reported to affect QNAP device running Proxy Server. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions of Proxy Server: QTS 4.5.x: Proxy Server 1.4.2 ( 2021/12/30 ) and later QuTS hero h5.0.0: Proxy Server 1.4.3 ( 2022/01/18 ) and later QuTScloud c4.5.6: Proxy Server 1.4.2 ( 2021/12/30 ) and later

Read More

CVE-2021-4231

Read Time:25 Second

A vulnerability was found in Angular up to 11.0.4/11.1.0-next.2. It has been classified as problematic. Affected is the handling of comments. The manipulation leads to cross site scripting. It is possible to launch the attack remotely but it might require an authentication first. Upgrading to version 11.0.5 and 11.1.0-next.3 is able to address this issue. The name of the patch is ba8da742e3b243e8f43d4c63aa842b44e14f2b09. It is recommended to upgrade the affected component.

Read More