Exploit for Missing Authentication for Critical Function in Veeam Backup & Replication
# CVE-2023-27532 POC for CVE-2023-27532 affecting Veeam Backup a...
March 23, 2023
CVE-2022-4224
In multiple products of CODESYS v3 in multiple versions a remote low privileged user could utilize this vulnerability to read and modify system files and OS resources or DoS the device.
March 23, 2023
CVE-2018-25048
The CODESYS runtime system in multiple versions allows a remote low privileged attacker to use a path traversal vulnerability to access and modify all system files as well as DoS the device.
March 23, 2023
Amazon Linux AMI : lighttpd (ALAS-2023-1705)
The version of lighttpd installed on the remote host is prior to 1.4.53-1.37. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1705 advisory. - In lighttpd 1.4.65, mod_ws ...
March 23, 2023
Important: lighttpd
**Issue Overview:** In lighttpd 1.4.65, mod_wstunnel does not initialize a handler function pointer if an invalid HTTP request (websocket handshake) is received. It leads to null pointer dereference w ...
March 23, 2023
Oracle Linux 8 : openssl (ELSA-2023-1405)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-1405 advisory. - A timing based side channel exists in the OpenSSL ...
March 23, 2023
CVE-2023-26358
Creative Cloud version 5.9.1 (and earlier) is affected by an Untrusted Search Path vulnerability that might allow attackers to execute their own programs, access unauthorized data files, or modify con ...
March 22, 2023
CVE-2023-25859
Illustrator version 26.5.2 (and earlier) and 27.2.0 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current ...
March 22, 2023
CVE-2023-25860
Illustrator version 26.5.2 (and earlier) and 27.2.0 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. ...
March 22, 2023
Amazon Linux 2023 : tomcat9, tomcat9-admin-webapps, tomcat9-el-3.0-api (ALAS2023-2023-059)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-059 advisory. - The fix for bug CVE-2020-9484 introduced a time of check, time of use vulnerability into Apache Tomca ...
March 22, 2023