CVE-2023-42183

lockss-daemon aka Classic LOCKSS Daemon before 1.77.3 performs post-Unicode normalization, which may allow bypass of intended access restrictions, such as when U+1FEF is converted to a backtick...

LOCKSS Daemon Security Vulnerability

LOCKSS Daemon is a research-based open source software application from LOCKSS that provides powerful peer-to-peer digital preservation. A security vulnerability exists in LOCKSS Daemon versions prior to 1.77.3 that stems from allowing an attacker to bypass access restrictions...

PT-2023-28288 · Unknown · Lockss-Daemon

Name of the Vulnerable Software and Affected Versions: lockss-daemon versions prior to 1.77.3 Description: The issue is related to post-Unicode normalization, which may allow bypass of intended access restrictions. This can occur when certain Unicode characters, such as U+1FEF, are converted to...

PT-2023-22655 · Mremoteng · Mremoteng

Name of the Vulnerable Software and Affected Versions: mRemoteNG versions = 1.76.20 mRemoteNG versions = 1.77.3-dev Description: The issue allows attackers to access the contents of configuration files in plain text through a memory dump, thus compromising user credentials when no custom password...