RoyalTSX version 6.0.1 suffers from an RTSZ file handling heap memory corruption vulnerability. The application receives SIGABRT after the RAPortCheck.createNWConnection() function is handling the SecureGatewayHost object in the RoyalTSXNativeUI. When the hostname has an array of around 1600 bytes and the Test Connection is clicked the application crashes instantly.
6bddf02ee202f21877203f81e88ca57213713fa9fe71c747db9f8b293f536b4aOPNsense versions 23.1.11_1, 23.7.3, and 23.7.4 suffer from cross site scripting vulnerabilities that can allow for privilege escalation.
76e4fc1b6aee4986d4bbb70760bae717204a144677ec04e5e69cc9e4ca014975Debian Linux Security Advisory 5504-1 - Several vulnerabilities were discovered in BIND, a DNS server implementation.
d08a45f75291405aa2fc709f550a23b9901e1dce097ebf1ca545a9a498d0dbd8Apple Security Advisory 2023-09-21-7 - macOS Monterey 12.7 addresses a privilege escalation vulnerability.
8ce806831c23799edfe51f75038820626c202835f3e8eab8dc7178462f887bccGlobal Socket is a tool for moving data from here to there, securely, fast, and through NAT and firewalls. It uses the Global Socket Relay Network to connect TCP pipes, has end-to-end encryption (using OpenSSL's SRP / RFC-5054), AES-256 and key exchange using 4096-bit Prime, requires no PKI, has Perfect Forward Secrecy, and TOR support.
35256f0fc9b7a99eeb830d321b5976dc55f4abafc463b09e57965f8a55be4200GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP (IPv4 and IPv6), TCP (IPv4 and IPv6), HTTP, or SMTP messages. GNUnet supports accounting to provide contributing nodes with better service. The primary service build on top of the framework is anonymous file sharing.
56029e78a99c04d52b1358094ae5074e4cd8ea9b98cf6855f57ad9af27ac9518Apple Security Advisory 2023-09-21-6 - macOS Ventura 13.6 addresses bypass vulnerabilities.
38b6bdfc2c02e42e0dce4d0ecec7c16ebbb17b092bf7f5132dbe7b5849c9930eApple Security Advisory 2023-09-21-5 - watchOS 9.6.3 addresses bypass vulnerabilities.
5c5ee93b16e3c6712507d2ff6e5b7ed5829e719c8075068f4f94a53f4484563aUbuntu Security Notice 6190-2 - USN-6190-1 fixed a vulnerability in AccountsService. This update provides the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Kevin Backhouse discovered that AccountsService incorrectly handled certain D-Bus messages. A local attacker could use this issue to cause AccountsService to crash, resulting in a denial of service, or possibly execute arbitrary code.
f440d8dc0f9ffb116adb040e10ecf34cedf3dcac2a8b62dbdd04bc7e53b2c517Ubuntu Security Notice 6365-2 - USN-6365-1 fixed a vulnerability in Open VM Tools. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. It was discovered that Open VM Tools incorrectly handled SAML tokens. A remote attacker could possibly use this issue to bypass SAML token signature verification and perform VMware Tools Guest Operations.
e021010be0de73a4f28b80b4129ed427ea5f99b587b311842f8a521eb0fe74f4Whitepaper called Cybersecurity in Industry 4.0 and Smart Manufacturing: The Rise of Security in the Age of IoT, IIoT, ICS, and SCADA. This article examines Industry 4.0's relationship with the rapidly developing technologies Internet of Things (IoT), Industrial Internet of Things (IIoT), Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) and why cyber security is important in these areas.
0458410365974be314b620bd7944a4541658322fd5a9cee88134e46a6317b29bApple Security Advisory 2023-09-21-4 - watchOS 10.0.1 addresses bypass vulnerabilities.
5711a5ee98a1f4a97a803777178be3e4188589740ade0cf56b4a3c7e7dd8cdc2LogoBee CMS version 0.2 suffers from a cross site scripting vulnerability.
c2ead32c5cb5f5d010966c9529b1024ec709d62421149c9904c0751f97329087Lamano LMS version 0.1 suffers from an ignored default credential vulnerability.
1211a4d26c19dfb4f055d2493981d0ec9270c990f56c26cfafa09b3466428519Apple Security Advisory 2023-09-21-3 - iOS 16.7 and iPadOS 16.7 addresses bypass vulnerabilities.
f449601a62ebbbd144305ef4452d57a5c40a3de57572f6f193ea28a6a3b9c199Apple Security Advisory 2023-09-21-2 - iOS 17.0.1 and iPadOS 17.0.1 addresses bypass vulnerabilities.
f23503e52b808d43f23c89a857eaf734ab1d7444e01c12625db6d60309d2ad5eApple Security Advisory 2023-09-21-1 - Safari 16.6.1 addresses a code execution vulnerability.
766524a7cd017ff0881465c9f9c8e4ddd7862131dbd353efe01b6bc192483827
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed