CVE-2024-38812

VMware vCenter Server

17 Sept 2024
Published
19 Sept 2024
Updated

CVSS v3.1
CRITICAL (9.8)
EPSS
0.09%

  • 4 Posts
  • 3 Interactions

CVE Info

The vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution.

Fediverse


VMware vCenter: a second patch for this critical security flaw already fixed last September! it-connect.fr/vmware-vcenter-s #ActuCybersécurité #Cybersécurité #Vulnérabilité #VMware

  • 0
  • 1
  • 10 hours ago

The vulnerability, tracked as CVE-2024-38812 (CVSS score: 9.8), concerns a case of heap-overflow vulnerability in the implementation of the DCE/RPC protocol. thehackernews.com/2024/10/vmwa

  • 0
  • 0
  • 8 hours ago

Update on CVE-2024-38812: Heap-Buffer Overflow vulnerability in VMware vCenter: VMware has determined that the vCenter patches released previously did not completely mitigate the vulnerability. Refer to the attached image for the UPDATED response matrix.

Source: support.broadcom.com/web/ecx/s

  • 1
  • 1
  • 15 hours ago

🛑 UPDATE 22 October 2024:

announced that the patches released on 17 Sept. 2024 did not fully cover the CVE-2024-38812 vulnerability. It is important for all customers to apply the latest patches available in the response matrix. Patches for version 8.0 U2 are also available.

Affected products:

  • vCenter Server 8.0
  • vCenter Server 7.0
  • VMware Cloud Foundation 5.x
  • VMware Cloud Foundation 4.x

👇
support.broadcom.com/web/ecx/s


  • 0
  • 0
  • 14 hours ago

CVE-2024-35219

OpenAPITools openapi-generator

27 May 2024
Published
02 Aug 2024
Updated

CVSS v3.1
HIGH (8.3)
EPSS
0.04%

  • 1 Post
  • 4 Interactions

CVE Info

OpenAPI Generator allows generation of API client libraries (SDK generation), server stubs, documentation and configuration automatically given an OpenAPI Spec. Prior to version 7.6.0, attackers can exploit a path traversal vulnerability to read and delete files and folders from an arbitrary, writable directory as anyone can set the output folder when submitting the request via the `outputFolder` option. The issue was fixed in version 7.6.0 by removing the usage of the `outputFolder` option. No known workarounds are available.

Fediverse

CVE-2024-9050

Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions

22 Oct 2024
Published
22 Oct 2024
Updated

CVSS
Pending
EPSS
Pending

  • 1 Post
  • 6 Interactions

CVE Info

A flaw was found in the libreswan client plugin for NetworkManager (NetworkManager-libreswan), where it fails to properly sanitize the VPN configuration from the local unprivileged user. In this configuration, composed by a key-value format, the plugin fails to escape special characters, leading the application to interpret values as keys. One of the most critical parameters that could be abused by a malicious user is the `leftupdown` key. This key takes an executable command as a value and is used to specify what executes as a callback in NetworkManager-libreswan to retrieve configuration settings back to NetworkManager. As NetworkManager uses Polkit to allow an unprivileged user to control the system's network configuration, a malicious actor could achieve local privilege escalation and potential code execution as root in the targeted machine.

Fediverse


oh no my magic trick is now public and got a cve number

access.redhat.com/security/cve

  • 1
  • 5
  • 7 hours ago

CVE-2024-41583

Pending

03 Oct 2024
Published
03 Oct 2024
Updated

CVSS
Pending
EPSS
0.04%

  • 1 Post

CVE Info

DrayTek Vigor3910 devices through 4.3.2.6 are vulnerable to stored Cross Site Scripting (XSS) by authenticated users due to poor sanitization of the router name.

Fediverse


If you own, or support a Draytek Vigor router/modem, it's our turn to do the upgrade dance to mitigate some serious 'shit'.
draytek.com/support/resources/
Read more: draytek.com/about/security-adv #Draytek #Vigor #Router #CVE-2024-46550 #CVE-2024-46568, #CVE-2024-46571, #CVE-2024-46580 #CVE-2024-46586, #CVE-2024-46588 ~ #CVE-2024-46598
#CVE-2024-41583 to #CVE-2024-41596

  • 0
  • 0
  • 1 hour ago

CVE-2024-46550

Pending

18 Sept 2024
Published
18 Sept 2024
Updated

CVSS
Pending
EPSS
0.05%

  • 1 Post

CVE Info

Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the CGIbyFieldName parameter at chglog.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

Fediverse


If you own, or support a Draytek Vigor router/modem, it's our turn to do the upgrade dance to mitigate some serious 'shit'.
draytek.com/support/resources/
Read more: draytek.com/about/security-adv #Draytek #Vigor #Router #CVE-2024-46550 #CVE-2024-46568, #CVE-2024-46571, #CVE-2024-46580 #CVE-2024-46586, #CVE-2024-46588 ~ #CVE-2024-46598
#CVE-2024-41583 to #CVE-2024-41596

  • 0
  • 0
  • 1 hour ago

CVE-2024-41596

Pending

03 Oct 2024
Published
03 Oct 2024
Updated

CVSS
Pending
EPSS
0.04%

  • 1 Post

CVE Info

Buffer Overflow vulnerabilities exist in DrayTek Vigor310 devices through 4.3.2.6 (in the Vigor management UI) because of improper retrieval and handling of the CGI form parameters.

Fediverse


If you own, or support a Draytek Vigor router/modem, it's our turn to do the upgrade dance to mitigate some serious 'shit'.
draytek.com/support/resources/
Read more: draytek.com/about/security-adv #Draytek #Vigor #Router #CVE-2024-46550 #CVE-2024-46568, #CVE-2024-46571, #CVE-2024-46580 #CVE-2024-46586, #CVE-2024-46588 ~ #CVE-2024-46598
#CVE-2024-41583 to #CVE-2024-41596

  • 0
  • 0
  • 1 hour ago

CVE-2024-46580

Pending

18 Sept 2024
Published
18 Sept 2024
Updated

CVSS
Pending
EPSS
0.05%

  • 1 Post

CVE Info

Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the fid parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

Fediverse


If you own, or support a Draytek Vigor router/modem, it's our turn to do the upgrade dance to mitigate some serious 'shit'.
draytek.com/support/resources/
Read more: draytek.com/about/security-adv #Draytek #Vigor #Router #CVE-2024-46550 #CVE-2024-46568, #CVE-2024-46571, #CVE-2024-46580 #CVE-2024-46586, #CVE-2024-46588 ~ #CVE-2024-46598
#CVE-2024-41583 to #CVE-2024-41596

  • 0
  • 0
  • 1 hour ago

CVE-2024-46598

Pending

18 Sept 2024
Published
18 Sept 2024
Updated

CVSS
Pending
EPSS
0.05%

  • 1 Post

CVE Info

Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the iprofileidx parameter at dialin.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

Fediverse


If you own, or support a Draytek Vigor router/modem, it's our turn to do the upgrade dance to mitigate some serious 'shit'.
draytek.com/support/resources/
Read more: draytek.com/about/security-adv #Draytek #Vigor #Router #CVE-2024-46550 #CVE-2024-46568, #CVE-2024-46571, #CVE-2024-46580 #CVE-2024-46586, #CVE-2024-46588 ~ #CVE-2024-46598
#CVE-2024-41583 to #CVE-2024-41596

  • 0
  • 0
  • 1 hour ago