Browsing latest articles
Browse All 129 View Live

VU#238194: R Programming Language implementations are vulnerable to arbitrary...

Overview: A vulnerability in the R language that allows for arbitrary code to be executed directly after the deserialization of untrusted data has been discovered. This vulnerability can be exploited...



VU#163057: BMC software fails to validate IPMI session.

Overview: The Intelligent Platform Management Interface (IPMI) implementations in multiple manufacturers' Baseboard Management Controller (BMC) software are vulnerable to IPMI session hijacking. An...



VU#456537: RADIUS protocol susceptible to forgery attacks.

Overview: A vulnerability in the RADIUS protocol allows an attacker to forge an authentication response in cases where a Message-Authenticator attribute is not required or enforced....


VU#312260: Use-after-free vulnerability in lighttpd version 1.4.50 and earlier

Overview: A use-after-free vulnerability in lighttpd in versions 1.4.50 and earlier permits a remote, unauthenticated attacker to trigger lighttpd to read from invalid pointers in memory. The attacker...


VU#244112: Multiple SMTP services are susceptible to spoofing attacks due to...

Overview: Multiple hosted, outbound SMTP servers are vulnerable to email impersonation. This allows authenticated users and certain trusted networks to send emails containing spoofed sender information....



VU#455367: Insecure Platform Key (PK) used in UEFI system firmware signature

Overview: A vulnerability in the use of hard-coded Platform Keys (PK) within the UEFI framework, known as PKfail, has been discovered. This flaw allows attackers to bypass critical UEFI security...


VU#138043: A stack-based overflow vulnerability exists in the Microchip...

Overview: A stack-based overflow vulnerability exists in the tinydhcp server in the Microchip Advanced Software Framework (ASF) that can lead to remote code execution. Description: An implementation of DHCP...


VU#123336: Vulnerable WiFi Alliance example code found in Arcadyan FMIMG51AX000J

Overview: A command injection vulnerability has been identified in the Wi-Fi Test Suite, a tool developed by the WiFi Alliance, which has been found deployed on Arcadyan routers. This flaw allows an...



VU#164934: PDQ Deploy allows reuse of deleted credentials that can compromise...

Overview: PDQ Deploy is a service intended for usage by system administrators for the deployment of software or updates to targeted machines within their network. PDQ Deploy uses "run modes" to deploy...



VU#529659: Howyar Reloader UEFI bootloader vulnerable to unsigned software...

Overview: The Howyar UEFI Application "Reloader" (32-bit and 64-bit), distributed as part of SysReturn prior to version 10.2.02320240919, is vulnerable to the execution of arbitrary software from a...


VU#952657: Rsync contains six vulnerabilities

Overview: Rsync, a versatile file-synchronizing tool, contains six vulnerabilities present within versions 3.3.0 and below. Rsync can be used to sync files between remote and local computers, as well as...


VU#199397: Insecure Implementation of Tunneling Protocols (GRE/IPIP/4in6/6in4)

Overview: Tunnelling protocols are an essential part of the Internet and form much of the backbone that modern network infrastructure relies on today. One limitation of these protocols is that they do...


VU#733789: ChatGPT-4o contains security bypass vulnerability through time and...

Overview: ChatGPT-4o contains a jailbreak vulnerability called "Time Bandit" that allows an attacker the ability to circumvent the safety guardrails of ChatGPT and instruct it to provide illicit or...



VU#148244: PandasAI interactive prompt function can be exploited to run...

Overview: PandasAI, an open source project by SinaptikAI, has been found vulnerable to Prompt Injection attacks. An attacker with access to the chat prompt can craft malicious input that is interpreted...


VU#726882: Paragon Partition Manager contains five memory vulnerabilities...

Overview: Paragon Partition Manager's BioNTdrv.sys driver, versions prior to 2.0.0, contains five vulnerabilities. These include arbitrary kernel memory mapping and write vulnerabilities, a null pointer...

