Security Advisory Description A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy ...
More info:
https://my.f5.com/manage/s/article/K000133706?utm_source=f5support&utm_medium=RSS
Security Advisory Description When reading a specially crafted ZIP archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very ...
More info:
https://my.f5.com/manage/s/article/K000133710?utm_source=f5support&utm_medium=RSS
Security Advisory Description CVE-2023-21964 Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, ...
More info:
https://my.f5.com/manage/s/article/K000133699?utm_source=f5support&utm_medium=RSS
Security Advisory Description CVE-2023-21929 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.32 and prior. Easily ...
More info:
https://my.f5.com/manage/s/article/K000133694?utm_source=f5support&utm_medium=RSS
Security Advisory Description The Service Location Protocol (SLP, RFC 2608) allows an unauthenticated, remote attacker to register arbitrary services. This could allow the attacker to use spoofed ...
More info:
https://my.f5.com/manage/s/article/K000133692?utm_source=f5support&utm_medium=RSS
Security Advisory Description multipath-tools 0.7.0 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited alone or in conjunction with CVE-2022-41973. Local users able ...
More info:
https://my.f5.com/manage/s/article/K000133615?utm_source=f5support&utm_medium=RSS
A vulnerability in the Cisco Discovery Protocol processing feature of Cisco IP Phone 7800 and 8800 Series firmware could allow an unauthenticated, adjacent attacker to cause a stack overflow on an affected device. This vulnerability is due to insufficient input validation of received Cisco Discovery Protocol packets. An attacker could exploit this vulnerability by sending crafted Cisco Discovery Protocol traffic to an affected device. A successful exploit could allow the attacker to cause a
More info:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipp-oobwrite-8cMF5r7U?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20IP%20Phone%207800%20and%208800%20Series%20Cisco%20Discovery%20Protocol%20Stack%20Overflow%20Vulnerability&vs_k=1
Security Advisory Description An issue in protobuf-java allowed the interleaving of com.google.protobuf.UnknownFieldSet fields in such a way that would be processed out of order. A small malicious ...
More info:
https://my.f5.com/manage/s/article/K000133686?utm_source=f5support&utm_medium=RSS
Security Advisory Description CVE-2023-21913 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.31 and prior.
More info:
https://my.f5.com/manage/s/article/K000133687?utm_source=f5support&utm_medium=RSS
Command-and-control (C2) frameworks serve as a means to remotely manage and access compromised devices. They allow for the creation of various payload types, called implants, that are dropped on victim machines by attackers, enabling them to retain access and control over the infected victim. While legitimate penetration testing utilizes C2 frameworks to evaluate system security … ContinuedThe post It’s Raining Implants: How to Generate C2 Framework Implants At Scale appeared first
More info:
https://blogs.vmware.com/security/2023/04/its-raining-implants-how-to-generate-c2-framework-implants-at-scale.html?utm_source=rss&utm_medium=rss&utm_campaign=its-raining-implants-how-to-generate-c2-framework-implants-at-scale
