100 matches found
CVE-2024-0833
Affected software : Telerik Test Studio (installer component) prior to v2023.3.1330. Vulnerability : privilege elevation where a lower-privileged user can manipulate the installation package in environments with an existing Test Studio install to gain elevated OS privileges. Impact :, as per CVSS...
CVE-2024-0833 Privilege Elevation via Telerik Test Studio
In Telerik Test Studio versions prior to v2023.3.1330, a privilege elevation vulnerability has been identified in the applications installer component. In an environment where an existing Telerik Test Studio install is present, a lower privileged user has the ability to manipulate the installatio...
CVE-2023-0833
creationtimestamp| type| source ---|---|--- 2023-09-27 18:45:57+00:00| seen| https://t.me/cibsecurity/71095...
CVE-2023-0833
CVE-2023-0833 — IBM and Red Hat sources confirm an information disclosure flaw in the OKHttp component shipped with Red Hat AMQ-Streams. An authenticated attacker could trigger an exception via a header containing an illegal value to access information beyond their permissions. The IBM security b...
Important: Red Hat Security Advisory: Red Hat AMQ Streams 2.4.0 release and security update
Red Hat AMQ Streams 2.4.0 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
SUSE SLES12: dpdk / dpdk-devel / dpdk-kmp-default / dpdk-thunderx / etc (SUSE-SU-2023:0833-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:0833-1 advisory. - rebuild the package with the new secure boot key bsc1209188. Tenable has extracted the preceding description block directly from the SUSE...
Moderate: Red Hat Security Advisory: Red Hat AMQ Streams 2.2.1 release and security update
Red Hat AMQ Streams 2.2.1 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
Oracle Linux 8 : python3 (ELSA-2023-0833)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-0833 advisory. 3.6.8-48.0.1 - Add Oracle Linux distribution in platform.py Orabug: 20812544 3.6.8-48.1 - Security fixes for CVE-2020-10735, CVE-2021-28861 and...
Rocky Linux 8 : python3 (RLSA-2023:0833)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:0833 advisory. - DISPUTED Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py due to no protection against multiple / at the beginning ...
RHEL 8 : python3 (RHSA-2023:0833)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0833 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...
CVE-2022-0833
creationtimestamp| type| source ---|---|--- 2022-03-28 22:42:03+00:00| seen| https://t.me/cibsecurity/39672...
CVE-2022-0833
CVE-2022-0833 – WordPress Church Admin plugin prior to 3.4.135 is vulnerable due to missing authorization and CSRF protections on certain actions and files. An unauthenticated attacker can repeatedly call the public- facing and requested actions (notably the “refresh-backup” action) and access a ...
CVE-2022-0833 Church Admin < 3.4.135 - Unauthenticated Plugin's Backup Disclosure
The Church Admin WordPress plugin before 3.4.135 does not have authorisation and CSRF in some of its action as well as requested files, allowing unauthenticated attackers to repeatedly request the "refresh-backup" action, and simultaneously keep requesting a publicly accessible temporary file...
Out-of-bounds write in ChakraCore
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829...
GHSA-C8QC-62QV-5P2X Out-of-bounds Write in ChakraCore
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0829,...
GHSA-WVHV-RR3V-VHPJ Out-of-bounds write in ChakraCore
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829,...
GHSA-J89M-GCJF-6GHP Out-of-bounds write in ChakraCore
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829,...
RHEL 7 : OpenShift Container Platform 3.11.404 (RHSA-2021:0833)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2021:0833 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud...
Remote code execution
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829...
Remote code execution
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829,...