ISHACK AI BOT

OS X update for Libsystem (CVE-2023-3618) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 07/12/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

Juniper Junos OS: 2023-07 Security Bulletin: Junos OS: SRX 4600 and SRX 5000 Series: The receipt of specific genuine packets by SRXes configured for L2 transparency will cause a DoS (JSA71641) (multiple CVEs) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 07/12/2023 Created 07/13/2023 Added 07/13/2023 Modified 07/20/2023 Description An Improper Input Validation vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). When a BGP update message is received over an established BGP session, and that message contains a specific, optional transitive attribute, this session will be torn down with an update message error. This issue cannot propagate beyond an affected system as the processing error occurs as soon as the update is received. This issue is exploitable remotely as the respective attribute can propagate through unaffected systems and intermediate AS (if any). Continuous receipt of a BGP update containing this attribute will create a sustained Denial of Service (DoS) condition. Some customers have experienced these BGP session flaps which prompted Juniper SIRT to release this advisory out of cycle before fixed releases are widely available as there is an effective workaround. This issue affects: Juniper Networks Junos OS 15.1R1 and later versions prior to 20.4R3-S8; 21.1 version 21.1R1 and later versions prior to 21.2R3-S6; 21.3 versions prior to 21.3R3-S5; 21.4 versions prior to 21.4R3-S4; 22.1 versions prior to 22.1R3-S4; 22.2 versions prior to 22.2R3-S2; 22.3 versions prior to 22.3R2-S2, 22.3R3-S1; 22.4 versions prior to 22.4R2-S1, 22.4R3; 23.1 versions prior to 23.1R1-S1, 23.1R2. Juniper Networks Junos OS Evolved All versions prior to 20.4R3-S8-EVO; 21.1 version 21.1R1-EVO and later versions prior to 21.2R3-S6-EVO; 21.3 versions prior to 21.3R3-S5-EVO; 21.4 versions prior to 21.4R3-S4-EVO; 22.1 versions prior to 22.1R3-S4-EVO; 22.2 versions prior to 22.2R3-S2-EVO; 22.3 versions prior to 22.3R2-S2-EVO, 22.3R3-S1-EVO; 22.4 versions prior to 22.4R2-S1-EVO, 22.4R3-EVO; 23.1 versions prior to 23.1R1-S1-EVO, 23.1R2-EVO. Solution(s) juniper-junos-os-upgrade-latest References https://attackerkb.com/topics/cve-2023-0026 CVE - 2023-0026 CVE - 2023-36834 JSA71641

Juniper Junos OS: 2023-07 Security Bulletin: Junos OS and Junos OS Evolved: The l2cpd will crash when a malformed LLDP packet is received (JSA71660) (multiple CVEs) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 07/12/2023 Created 07/13/2023 Added 07/13/2023 Modified 07/20/2023 Description An Improper Input Validation vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). When a BGP update message is received over an established BGP session, and that message contains a specific, optional transitive attribute, this session will be torn down with an update message error. This issue cannot propagate beyond an affected system as the processing error occurs as soon as the update is received. This issue is exploitable remotely as the respective attribute can propagate through unaffected systems and intermediate AS (if any). Continuous receipt of a BGP update containing this attribute will create a sustained Denial of Service (DoS) condition. Some customers have experienced these BGP session flaps which prompted Juniper SIRT to release this advisory out of cycle before fixed releases are widely available as there is an effective workaround. This issue affects: Juniper Networks Junos OS 15.1R1 and later versions prior to 20.4R3-S8; 21.1 version 21.1R1 and later versions prior to 21.2R3-S6; 21.3 versions prior to 21.3R3-S5; 21.4 versions prior to 21.4R3-S4; 22.1 versions prior to 22.1R3-S4; 22.2 versions prior to 22.2R3-S2; 22.3 versions prior to 22.3R2-S2, 22.3R3-S1; 22.4 versions prior to 22.4R2-S1, 22.4R3; 23.1 versions prior to 23.1R1-S1, 23.1R2. Juniper Networks Junos OS Evolved All versions prior to 20.4R3-S8-EVO; 21.1 version 21.1R1-EVO and later versions prior to 21.2R3-S6-EVO; 21.3 versions prior to 21.3R3-S5-EVO; 21.4 versions prior to 21.4R3-S4-EVO; 22.1 versions prior to 22.1R3-S4-EVO; 22.2 versions prior to 22.2R3-S2-EVO; 22.3 versions prior to 22.3R2-S2-EVO, 22.3R3-S1-EVO; 22.4 versions prior to 22.4R2-S1-EVO, 22.4R3-EVO; 23.1 versions prior to 23.1R1-S1-EVO, 23.1R2-EVO. Solution(s) juniper-junos-os-upgrade-latest References https://attackerkb.com/topics/cve-2023-0026 CVE - 2023-0026 CVE - 2023-36849 JSA71660

OS X update for Automation (CVE-2023-3618) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 07/12/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

SonicWall GMS: CVE-2023-34124: Web Service Authentication Bypass Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:P/A:C) Published 07/12/2023 Created 07/13/2023 Added 07/12/2023 Modified 07/24/2023 Description A vulnerability in SonicWall GMS product allows Web Service Authentication Bypass. This vulnerability impacts GMS versions 9.3.2-SP1 and before Solution(s) sonicwall-gms-upgrade-9-3 References https://attackerkb.com/topics/cve-2023-34124 CVE - 2023-34124 https://www.sonicwall.com/support/product-notification/urgent-security-notice-sonicwall-gms-analytics-impacted-by-suite-of-vulnerabilities/230710150218060/

Huawei EulerOS: CVE-2023-3618: libtiff security update Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 07/12/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/28/2025 Description A flaw was found in libtiff. A specially crafted tiff file can lead to a segmentation fault due to a buffer overflow in the Fax3Encode function in libtiff/tif_fax3.c, resulting in a denial of service. Solution(s) huawei-euleros-2_0_sp9-upgrade-libtiff References https://attackerkb.com/topics/cve-2023-3618 CVE - 2023-3618 EulerOS-SA-2023-2900

JetBrains TeamCity: CVE-2023-38062: Parameters of the "password" type could be shown in the UI in certain composite build configurations (TW-82022) Severity 4 CVSS (AV:N/AC:L/Au:S/C:P/I:N/A:N) Published 07/12/2023 Created 10/22/2024 Added 10/15/2024 Modified 02/03/2025 Description In JetBrains TeamCity before 2023.05.1 parameters of the "password" type could be shown in the UI in certain composite build configurations Solution(s) jetbrains-teamcity-upgrade-latest References https://attackerkb.com/topics/cve-2023-38062 CVE - 2023-38062 https://www.jetbrains.com/privacy-security/issues-fixed/

SonicWall GMS: CVE-2023-34133: Multiple Unauthenticated SQL Injection Issues and Security Filter Bypass Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 07/12/2023 Created 07/13/2023 Added 07/12/2023 Modified 07/27/2023 Description An Improper Neutralization of Special Elements used in an SQL Command in SonicWall GMS product results in Security Filter Bypass. This vulnerability impacts GMS versions 9.3.2-SP1 and before Solution(s) sonicwall-gms-upgrade-9-3 References https://attackerkb.com/topics/cve-2023-34133 CVE - 2023-34133 https://www.sonicwall.com/support/product-notification/urgent-security-notice-sonicwall-gms-analytics-impacted-by-suite-of-vulnerabilities/230710150218060/

JetBrains TeamCity: CVE-2023-38066: Reflected XSS via the Referer header was possible during artifact downloads (TW-80993) Severity 5 CVSS (AV:N/AC:L/Au:S/C:P/I:P/A:N) Published 07/12/2023 Created 10/22/2024 Added 10/15/2024 Modified 02/03/2025 Description In JetBrains TeamCity before 2023.05.1 reflected XSS via the Referer header was possible during artifact downloads Solution(s) jetbrains-teamcity-upgrade-latest References https://attackerkb.com/topics/cve-2023-38066 CVE - 2023-38066 https://www.jetbrains.com/privacy-security/issues-fixed/

Alma Linux: CVE-2023-3600: Important: firefox security update (Multiple Advisories) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 07/12/2023 Created 10/11/2023 Added 10/10/2023 Modified 01/28/2025 Description During the worker lifecycle, a use-after-free condition could have occured, which could have led to a potentially exploitable crash. This vulnerability affects Firefox < 115.0.2, Firefox ESR < 115.0.2, and Thunderbird < 115.0.1. Solution(s) alma-upgrade-firefox alma-upgrade-firefox-x11 alma-upgrade-thunderbird References https://attackerkb.com/topics/cve-2023-3600 CVE - 2023-3600 https://errata.almalinux.org/9/ALSA-2023-5434.html https://errata.almalinux.org/9/ALSA-2023-5435.html

PAN-OS: Read System Files and Resources During Configuration Commit Severity 7 CVSS (AV:N/AC:L/Au:M/C:C/I:P/A:N) Published 07/12/2023 Created 01/08/2025 Added 01/07/2025 Modified 01/16/2025 Description A vulnerability exists in Palo Alto Networks PAN-OS software that enables an authenticated administrator with the privilege to commit a specifically created configuration to read local files and resources from the system. Solution(s) palo-alto-networks-pan-os-upgrade-latest References https://attackerkb.com/topics/cve-2023-38046 CVE - 2023-38046 https://security.paloaltonetworks.com/CVE-2023-38046

Debian: CVE-2023-3106: linux -- security update Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 07/12/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/28/2025 Description A NULL pointer dereference vulnerability was found in netlink_dump. This issue can occur when the Netlink socket receives the message(sendmsg) for the XFRM_MSG_GETSA, XFRM_MSG_GETPOLICY type message, and the DUMP flag is set and can cause a denial of service or possibly another unspecified impact. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although it is unlikely. Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2023-3106 CVE - 2023-3106

Microsoft Error Reporting Local Privilege Elevation Vulnerability Disclosed 07/11/2023 Created 09/27/2023 Description This module takes advantage of a bug in the way Windows error reporting opens the report parser.If you open a report, Windows uses a relative path to locate the rendering program. By creating a specific alternate directory structure, we can coerce Windows into opening an arbitrary executable as SYSTEM. If the current user is a local admin, the system will attempt impersonation and the exploit will fail. Author(s) Filip Dragović (Wh04m1001) Octoberfest7 bwatters-r7 Platform Windows Development Source Code History

Huawei EulerOS: CVE-2023-3354: qemu security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 07/11/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/28/2025 Description A flaw was found in the QEMU built-in VNC server. When a client connects to the VNC server, QEMU checks whether the current number of connections crosses a certain threshold and if so, cleans up the previous connection. If the previous connection happens to be in the handshake phase and fails, QEMU cleans up the connection again, resulting in a NULL pointer dereference issue. This could allow a remote unauthenticated client to cause a denial of service. Solution(s) huawei-euleros-2_0_sp8-upgrade-qemu-img References https://attackerkb.com/topics/cve-2023-3354 CVE - 2023-3354 EulerOS-SA-2023-3153

Alma Linux: CVE-2023-3354: Important: virt:rhel and virt-devel:rhel security and bug fix update (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 07/11/2023 Created 09/15/2023 Added 09/15/2023 Modified 01/28/2025 Description A flaw was found in the QEMU built-in VNC server. When a client connects to the VNC server, QEMU checks whether the current number of connections crosses a certain threshold and if so, cleans up the previous connection. If the previous connection happens to be in the handshake phase and fails, QEMU cleans up the connection again, resulting in a NULL pointer dereference issue. This could allow a remote unauthenticated client to cause a denial of service. Solution(s) alma-upgrade-hivex alma-upgrade-hivex-devel alma-upgrade-libguestfs alma-upgrade-libguestfs-appliance alma-upgrade-libguestfs-bash-completion alma-upgrade-libguestfs-devel alma-upgrade-libguestfs-gfs2 alma-upgrade-libguestfs-gobject alma-upgrade-libguestfs-gobject-devel alma-upgrade-libguestfs-inspect-icons alma-upgrade-libguestfs-java alma-upgrade-libguestfs-java-devel alma-upgrade-libguestfs-javadoc alma-upgrade-libguestfs-man-pages-ja alma-upgrade-libguestfs-man-pages-uk alma-upgrade-libguestfs-rescue alma-upgrade-libguestfs-rsync alma-upgrade-libguestfs-tools alma-upgrade-libguestfs-tools-c alma-upgrade-libguestfs-winsupport alma-upgrade-libguestfs-xfs alma-upgrade-libiscsi alma-upgrade-libiscsi-devel alma-upgrade-libiscsi-utils alma-upgrade-libnbd alma-upgrade-libnbd-bash-completion alma-upgrade-libnbd-devel alma-upgrade-libtpms alma-upgrade-libtpms-devel alma-upgrade-libvirt alma-upgrade-libvirt-client alma-upgrade-libvirt-daemon alma-upgrade-libvirt-daemon-config-network alma-upgrade-libvirt-daemon-config-nwfilter alma-upgrade-libvirt-daemon-driver-interface alma-upgrade-libvirt-daemon-driver-network alma-upgrade-libvirt-daemon-driver-nodedev alma-upgrade-libvirt-daemon-driver-nwfilter alma-upgrade-libvirt-daemon-driver-qemu alma-upgrade-libvirt-daemon-driver-secret alma-upgrade-libvirt-daemon-driver-storage alma-upgrade-libvirt-daemon-driver-storage-core alma-upgrade-libvirt-daemon-driver-storage-disk alma-upgrade-libvirt-daemon-driver-storage-gluster alma-upgrade-libvirt-daemon-driver-storage-iscsi alma-upgrade-libvirt-daemon-driver-storage-iscsi-direct alma-upgrade-libvirt-daemon-driver-storage-logical alma-upgrade-libvirt-daemon-driver-storage-mpath alma-upgrade-libvirt-daemon-driver-storage-rbd alma-upgrade-libvirt-daemon-driver-storage-scsi alma-upgrade-libvirt-daemon-kvm alma-upgrade-libvirt-dbus alma-upgrade-libvirt-devel alma-upgrade-libvirt-docs alma-upgrade-libvirt-libs alma-upgrade-libvirt-lock-sanlock alma-upgrade-libvirt-nss alma-upgrade-libvirt-wireshark alma-upgrade-lua-guestfs alma-upgrade-nbdfuse alma-upgrade-nbdkit alma-upgrade-nbdkit-bash-completion alma-upgrade-nbdkit-basic-filters alma-upgrade-nbdkit-basic-plugins alma-upgrade-nbdkit-curl-plugin alma-upgrade-nbdkit-devel alma-upgrade-nbdkit-example-plugins alma-upgrade-nbdkit-gzip-filter alma-upgrade-nbdkit-gzip-plugin alma-upgrade-nbdkit-linuxdisk-plugin alma-upgrade-nbdkit-nbd-plugin alma-upgrade-nbdkit-python-plugin alma-upgrade-nbdkit-server alma-upgrade-nbdkit-ssh-plugin alma-upgrade-nbdkit-tar-filter alma-upgrade-nbdkit-tar-plugin alma-upgrade-nbdkit-tmpdisk-plugin alma-upgrade-nbdkit-vddk-plugin alma-upgrade-nbdkit-xz-filter alma-upgrade-netcf alma-upgrade-netcf-devel alma-upgrade-netcf-libs alma-upgrade-ocaml-hivex alma-upgrade-ocaml-hivex-devel alma-upgrade-ocaml-libguestfs alma-upgrade-ocaml-libguestfs-devel alma-upgrade-ocaml-libnbd alma-upgrade-ocaml-libnbd-devel alma-upgrade-perl-hivex alma-upgrade-perl-sys-guestfs alma-upgrade-perl-sys-virt alma-upgrade-python3-hivex alma-upgrade-python3-libguestfs alma-upgrade-python3-libnbd alma-upgrade-python3-libvirt alma-upgrade-qemu-guest-agent alma-upgrade-qemu-img alma-upgrade-qemu-kvm alma-upgrade-qemu-kvm-audio-pa alma-upgrade-qemu-kvm-block-curl alma-upgrade-qemu-kvm-block-gluster alma-upgrade-qemu-kvm-block-iscsi alma-upgrade-qemu-kvm-block-rbd alma-upgrade-qemu-kvm-block-ssh alma-upgrade-qemu-kvm-common alma-upgrade-qemu-kvm-core alma-upgrade-qemu-kvm-device-display-virtio-gpu alma-upgrade-qemu-kvm-device-display-virtio-gpu-ccw alma-upgrade-qemu-kvm-device-display-virtio-gpu-pci alma-upgrade-qemu-kvm-device-display-virtio-vga alma-upgrade-qemu-kvm-device-usb-host alma-upgrade-qemu-kvm-device-usb-redirect alma-upgrade-qemu-kvm-docs alma-upgrade-qemu-kvm-hw-usbredir alma-upgrade-qemu-kvm-tests alma-upgrade-qemu-kvm-tools alma-upgrade-qemu-kvm-ui-egl-headless alma-upgrade-qemu-kvm-ui-opengl alma-upgrade-qemu-kvm-ui-spice alma-upgrade-qemu-pr-helper alma-upgrade-ruby-hivex alma-upgrade-ruby-libguestfs alma-upgrade-seabios alma-upgrade-seabios-bin alma-upgrade-seavgabios-bin alma-upgrade-sgabios alma-upgrade-sgabios-bin alma-upgrade-slof alma-upgrade-supermin alma-upgrade-supermin-devel alma-upgrade-swtpm alma-upgrade-swtpm-devel alma-upgrade-swtpm-libs alma-upgrade-swtpm-tools alma-upgrade-swtpm-tools-pkcs11 alma-upgrade-virt-dib alma-upgrade-virt-v2v alma-upgrade-virt-v2v-bash-completion alma-upgrade-virt-v2v-man-pages-ja alma-upgrade-virt-v2v-man-pages-uk References https://attackerkb.com/topics/cve-2023-3354 CVE - 2023-3354 https://errata.almalinux.org/8/ALSA-2023-5264.html https://errata.almalinux.org/9/ALSA-2023-5094.html

Alma Linux: CVE-2023-1672: Moderate: tang security and bug fix update (Multiple Advisories) Severity 6 CVSS (AV:A/AC:M/Au:N/C:C/I:N/A:N) Published 07/11/2023 Created 11/17/2023 Added 11/16/2023 Modified 01/28/2025 Description A race condition exists in the Tang server functionality for key generation and key rotation. This flaw results in a small time window where Tang private keys become readable by other processes on the same host. Solution(s) alma-upgrade-tang References https://attackerkb.com/topics/cve-2023-1672 CVE - 2023-1672 https://errata.almalinux.org/8/ALSA-2023-7022.html https://errata.almalinux.org/9/ALSA-2023-6492.html

Alma Linux: CVE-2023-29406: Moderate: container-tools:4.0 security and bug fix update (Multiple Advisories) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:C/A:N) Published 07/11/2023 Created 11/17/2023 Added 11/16/2023 Modified 01/28/2025 Description The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted Host header can inject additional headers or entire requests. With fix, the HTTP/1 client now refuses to send requests containing an invalid Request.Host or Request.URL.Host value. Solution(s) alma-upgrade-aardvark-dns alma-upgrade-buildah alma-upgrade-buildah-tests alma-upgrade-cockpit-podman alma-upgrade-conmon alma-upgrade-container-selinux alma-upgrade-containernetworking-plugins alma-upgrade-containers-common alma-upgrade-crit alma-upgrade-criu alma-upgrade-criu-devel alma-upgrade-criu-libs alma-upgrade-crun alma-upgrade-fuse-overlayfs alma-upgrade-libslirp alma-upgrade-libslirp-devel alma-upgrade-netavark alma-upgrade-oci-seccomp-bpf-hook alma-upgrade-podman alma-upgrade-podman-catatonit alma-upgrade-podman-docker alma-upgrade-podman-gvproxy alma-upgrade-podman-plugins alma-upgrade-podman-remote alma-upgrade-podman-tests alma-upgrade-python3-criu alma-upgrade-python3-podman alma-upgrade-runc alma-upgrade-skopeo alma-upgrade-skopeo-tests alma-upgrade-slirp4netns alma-upgrade-toolbox alma-upgrade-toolbox-tests alma-upgrade-udica References https://attackerkb.com/topics/cve-2023-29406 CVE - 2023-29406 https://errata.almalinux.org/8/ALSA-2023-6938.html https://errata.almalinux.org/8/ALSA-2023-6939.html https://errata.almalinux.org/8/ALSA-2023-7202.html https://errata.almalinux.org/9/ALSA-2023-6346.html https://errata.almalinux.org/9/ALSA-2023-6363.html https://errata.almalinux.org/9/ALSA-2023-6402.html https://errata.almalinux.org/9/ALSA-2023-6473.html https://errata.almalinux.org/9/ALSA-2023-6474.html View more

Aruba AOS-8: CVE-2023-35979: Unauthenticated Buffer Overflow Vulnerability in ArubaOS Web-Based Management Interface Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:P) Published 07/11/2023 Created 01/16/2025 Added 01/14/2025 Modified 02/04/2025 Description There is an unauthenticated buffer overflow vulnerability in the process controlling the ArubaOS web-based management interface. Successful exploitation of this vulnerability results in a Denial-of-Service (DoS) condition affecting the web-based management interface of the controller. Solution(s) aruba-aos-8-cve-2023-35979 References https://attackerkb.com/topics/cve-2023-35979 CVE - 2023-35979 https://csaf.arubanetworks.com/2023/hpe_aruba_networking_-_2023-008.json

Aruba AOS-8: CVE-2023-35973: Authenticated Remote Command Execution in the ArubaOS Command Line Interface Severity 8 CVSS (AV:N/AC:L/Au:M/C:C/I:C/A:C) Published 07/11/2023 Created 01/16/2025 Added 01/14/2025 Modified 02/04/2025 Description Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system. Solution(s) aruba-aos-8-cve-2023-35973 References https://attackerkb.com/topics/cve-2023-35973 CVE - 2023-35973 https://csaf.arubanetworks.com/2023/hpe_aruba_networking_-_2023-008.json

Aruba AOS-8: CVE-2023-35977: Authenticated Sensitive Information Disclosure in ArubaOS Command Line Interface Severity 7 CVSS (AV:N/AC:L/Au:S/C:C/I:N/A:N) Published 07/11/2023 Created 01/16/2025 Added 01/14/2025 Modified 02/04/2025 Description Vulnerabilities exist which allow an authenticated attacker to access sensitive information on the ArubaOS command line interface. Successful exploitation could allow access to data beyond what is authorized by the users existing privilege level. Solution(s) aruba-aos-8-cve-2023-35977 References https://attackerkb.com/topics/cve-2023-35977 CVE - 2023-35977 https://csaf.arubanetworks.com/2023/hpe_aruba_networking_-_2023-008.json

Aruba AOS-8: CVE-2023-35971: Unauthenticated Stored Cross-Site Scripting (XSS) in ArubaOS Web-based Management Interface Severity 8 CVSS (AV:A/AC:L/Au:N/C:C/I:C/A:C) Published 07/11/2023 Created 01/16/2025 Added 01/14/2025 Modified 02/04/2025 Description A vulnerability in the ArubaOS web-based management interface could allow an unauthenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. A successful exploit could allow an attacker to execute arbitrary script code in a victim's browser in the context of the affected interface. Solution(s) aruba-aos-8-cve-2023-35971 References https://attackerkb.com/topics/cve-2023-35971 CVE - 2023-35971 https://csaf.arubanetworks.com/2023/hpe_aruba_networking_-_2023-008.json

Huawei EulerOS: CVE-2023-29406: golang security update Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:C/A:N) Published 07/11/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/28/2025 Description The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted Host header can inject additional headers or entire requests. With fix, the HTTP/1 client now refuses to send requests containing an invalid Request.Host or Request.URL.Host value. Solution(s) huawei-euleros-2_0_sp9-upgrade-golang huawei-euleros-2_0_sp9-upgrade-golang-devel huawei-euleros-2_0_sp9-upgrade-golang-help References https://attackerkb.com/topics/cve-2023-29406 CVE - 2023-29406 EulerOS-SA-2023-3331

Gentoo Linux: CVE-2023-36824: Redis: Multiple Vulnerabilities Severity 9 CVSS (AV:N/AC:L/Au:S/C:C/I:C/A:C) Published 07/11/2023 Created 08/08/2024 Added 08/08/2024 Modified 01/28/2025 Description Redis is an in-memory database that persists on disk. In Redit 7.0 prior to 7.0.12, extracting key names from a command and a list of arguments may, in some cases, trigger a heap overflow and result in reading random heap memory, heap corruption and potentially remote code execution. Several scenarios that may lead to authenticated users executing a specially crafted `COMMAND GETKEYS` or `COMMAND GETKEYSANDFLAGS`and authenticated users who were set with ACL rules that match key names, executing a specially crafted command that refers to a variadic list of key names. The vulnerability is patched in Redis 7.0.12. Solution(s) gentoo-linux-upgrade-dev-db-redis References https://attackerkb.com/topics/cve-2023-36824 CVE - 2023-36824 202408-05

Huawei EulerOS: CVE-2023-29406: golang security update Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:C/A:N) Published 07/11/2023 Created 02/13/2024 Added 02/12/2024 Modified 01/28/2025 Description The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted Host header can inject additional headers or entire requests. With fix, the HTTP/1 client now refuses to send requests containing an invalid Request.Host or Request.URL.Host value. Solution(s) huawei-euleros-2_0_sp5-upgrade-golang huawei-euleros-2_0_sp5-upgrade-golang-bin huawei-euleros-2_0_sp5-upgrade-golang-src References https://attackerkb.com/topics/cve-2023-29406 CVE - 2023-29406 EulerOS-SA-2024-1140

Gentoo Linux: CVE-2023-29406: Go: Multiple Vulnerabilities Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:C/A:N) Published 07/11/2023 Created 11/28/2023 Added 11/27/2023 Modified 01/28/2025 Description The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted Host header can inject additional headers or entire requests. With fix, the HTTP/1 client now refuses to send requests containing an invalid Request.Host or Request.URL.Host value. Solution(s) gentoo-linux-upgrade-dev-lang-go References https://attackerkb.com/topics/cve-2023-29406 CVE - 2023-29406 202311-09