VU#589825: Devices supporting Bluetooth BR/EDR and LE using CTKD are...
OverviewDevices supporting both Bluetooth BR/EDR and LE using Cross-Transport Key Derivation (CTKD) for pairing are vulnerable to key overwrite, which enables an attacker to to gain additional access...
View ArticleVU#896979: IPTV encoder devices contain multiple vulnerabilities
OverviewMultiple vulnerabilities exist in various Video Over IP (Internet Protocol) encoder devices, also known as IPTV/H.264/H.265 video encoders. These vulnerabilities allow an unauthenticated remote...
View ArticleVU#490028: Microsoft Windows Netlogon Remote Protocol (MS-NRPC) uses insecure...
OverviewThe Microsoft Windows Netlogon Remote Protocol (MS-NRPC) reuses a known, static, zero-value initialization vector (IV) in AES-CFB8 mode. This allows an unauthenticated attacker to impersonate a...
View ArticleVU#114757: Acronis backup software contains multiple privilege escalation...
OverviewAcronis True Image, Cyber Backup, and Cyber Protection all contain privilege escalation vulnerabilities, which can allow an unprivileged Windows user to be able to run arbitrary code with...
View ArticleVU#208577: Chocolatey Boxstarter is vulnerable to privilege escalation due to...
OverviewChocolatey Boxstarter fails to properly set ACLs, which can allow an unprivileged Windows user to be able to run arbitrary code with SYSTEM privileges.DescriptionCVE-2020-15264The Chocolatey...
View ArticleVU#760767: Macrium Reflect is vulnerable to privilege escalation due to...
OverviewMacrium Reflect contains a privilege escalation vulnerability due to the use of an OPENSSLDIR variable that specifies a location where an unprivileged Windows user can create...
View ArticleVU#231329: Replay Protected Memory Block (RPMB) protocol does not adequately...
OverviewThe Replay Protected Memory Block (RPMB) protocol found in several storage specifications does not securely protect against replay attacks. An attacker with physical access can deceive a...
View ArticleVU#724367: VMware Workspace ONE Access and related components are vulnerable...
OverviewVMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector are vulnerable to command injection in the administrative configurator. This could allow a remote...
View ArticleVU#815128: Embedded TCP/IP stacks have memory corruption vulnerabilities
OverviewMultiple open-source embedded TCP/IP stacks, commonly used in Internet of Things (IoT) and embedded devices, have several vulnerabilities stemming from improper memory management. These...
View ArticleVU#429301: Veritas Backup Exec is vulnerable to privilege escalation due to...
OverviewVeritas Backup Exec contains a privilege escalation vulnerability due to the use of an OPENSSLDIR variable that specifies a location where an unprivileged Windows user can create...
View ArticleVU#843464: SolarWinds Orion API authentication bypass allows remote command...
OverviewThe SolarWinds Orion API is vulnerable to authentication bypass that could allow a remote attacker to execute API commands.DescriptionThe SolarWinds Orion Platform is a suite of infrastructure...
View ArticleVU#434904: Dnsmasq is vulnerable to memory corruption and cache poisoning
OverviewDnsmasq is vulnerable to a set of memory corruption issues handling DNSSEC data and a second set of issues validating DNS responses. These vulnerabilities could allow an attacker to corrupt...
View ArticleVU#125331: Adobe ColdFusion is vulnerable to privilege escalation due to weak...
OverviewAdobe ColdFusion fails to properly set ACLs, which can allow an unprivileged Windows user to be able to run arbitrary code with SYSTEM privileges.DescriptionThe Adobe ColdFusion installer fails...
View ArticleVU#794544: Heap-Based Buffer Overflow in Sudo
OverviewA heap-based overflow has been discovered in sudo, which may allow a local attacker to execute commands with elevated administrator privileges.DescriptionFrom the Sudo Main Page:Sudo (su "do")...
View ArticleVU#466044: Siemens Totally Integrated Automation Portal vulnerable to...
OverviewSiemens Totally Integrated Administrator (TIA) fails to properly set the module search path to be used by a privileged Node.js component, which can allow an unprivileged Windows user to run...
View ArticleVU#240785: Atlassian Bitbucket on Windows is vulnerable to privilege...
OverviewAtlassian Bitbucket on Windows fails to properly set ACLs, which can allow an unprivileged Windows user to run arbitrary code with SYSTEM privileges.DescriptionThe Atlassian Bitbucket Windows...
View ArticleVU#213092: Pulse Connect Secure vulnerable to authentication bypass that...
OverviewPulse Connect Secure (PCS) gateway contains a vulnerability that can allow an unauthenticated remote attacker to execute arbitrary code.DescriptionCVE-2021-22893An unspecified vulnerability...
View ArticleVU#567764: MySQL for Windows is vulnerable to privilege escalation due to...
OverviewMySQL for Windows contains a privilege escalation vulnerability due to the use of an OPENSSLDIR variable that specifies a location where an unprivileged Windows user can create...
View ArticleVU#799380: Devices supporting Bluetooth Core and Mesh Specifications are...
OverviewDevices supporting the Bluetooth Core and Mesh Specifications are vulnerable to impersonation attacks and AuthValue disclosure that could allow an attacker to impersonate a legitimate device...
View ArticleVU#667933: Pulse Connect Secure Samba buffer overflow
OverviewPulse Connect Secure (PCS) gateway contains a buffer overflow vulnerability in Samba-related code that may allow an authenticated remote attacker to execute arbitrary...
View Article