CVE-2023-3264

The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier is vulnerable to authentication bypass in the REST API due to the mishandling of special characters when parsing credentials. S ...

CVE-2023-40303

GNU inetutils through 2.4 may allow privilege escalation because of unchecked return values of set*id() family functions in ftpd, rcp, rlogin, rsh, rshd, and uucpd. This is, for example, relevant if t ...

CVE-2023-3263

The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier is vulnerable to authentication bypass in the REST API due to the mishandling of special characters when parsing credentials. S ...

CVE-2023-3266

A non-feature complete authentication mechanism exists in the production application allowing an attacker to bypass all authentication checks if LDAP authentication is selected. An unauthenticated atta ...

CVE-2023-3267

When adding a remote backup location, an authenticated user can pass arbitrary OS commands through the username field. The username is passed without sanitization into CMD running as NT/Authority Syst ...

CVE-2023-40274

An issue was discovered in zola 0.13.0 through 0.17.2. The custom implementation of a web server, available via the "zola serve" command, allows directory traversal. The handle_request function, used ...

CVE-2023-40293

Harman Infotainment 20190525031613 and later allows command injection via unauthenticated RPC with a D-Bus connection object.

CVE-2023-40291

Harman Infotainment 20190525031613 allows root access via SSH over a USB-to-Ethernet dongle with a password that is an internal project name.
