Amazon Linux 2023 : nginx, nginx-all-modules, nginx-core (ALAS2023-2023-090)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-090 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks ...

[SECURITY] Fedora 36 Update: sudo-1.9.13-1.p2.fc36

Sudo superuser do allows a system administrator to give certain users or groups of users the ability to run some or all commands as root while logging all commands and arguments. Sudo operates on a per-command basis. It is not a replacement for the shell. Features include: the ability to restrict...

[SECURITY] Fedora 38 Update: sudo-1.9.13-1.p2.fc38

Sudo superuser do allows a system administrator to give certain users or groups of users the ability to run some or all commands as root while logging all commands and arguments. Sudo operates on a per-command basis. It is not a replacement for the shell. Features include: the ability to restrict...

CVE-2023-0353

Akuvox E11 uses a weak encryption algorithm for stored passwords and uses a hard-coded password for decryption which could allow the encrypted passwords to be decrypted from the configuration file...

Hardcoded credentials

Akuvox E11 uses a weak encryption algorithm for stored passwords and uses a hard-coded password for decryption which could allow the encrypted passwords to be decrypted from the configuration file...

CVE-2023-0353 CVE-2023-0353

Akuvox E11 uses a weak encryption algorithm for stored passwords and uses a hard-coded password for decryption which could allow the encrypted passwords to be decrypted from the configuration file...

CVE-2023-0353

The connected documentation confirms CVE-2023-0353 affects Akuvox E11. The vulnerability arises from storing passwords with a weak encryption algorithm and decrypting them via a hard-coded key, enabling potential decryption of encrypted passwords from the device configuration. Impact is rated hig...

CVE-2023-0353 CVE-2023-0353

Akuvox E11 uses a weak encryption algorithm for stored passwords and uses a hard-coded password for decryption which could allow the encrypted passwords to be decrypted from the configuration file...

Denial Of Service (DoS)

dlt-daemon is vulnerable to Denial Of Service DoS. The vulnerability exists because the configuration file fails to generate dlt logs in the system when that file contains special characters, allowing an attacker to cause an application crash...

Debian: Security Advisory (DLA-473-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DLA-74-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DLA-713-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

The vulnerability of the /etc/config/product.ini component in the TOTOLINK CA300-PoE router software allows a attacker to disclose protected information.

The vulnerability of the /etc/config/product.ini component of the TOTOLINK CA300-PoE router software lies in the use of pre-installed credentials. Exploiting this vulnerability could allow a malicious actor to disclose sensitive information...

[SECURITY] Fedora 37 Update: sudo-1.9.13-1.p2.fc37

Sudo superuser do allows a system administrator to give certain users or groups of users the ability to run some or all commands as root while logging all commands and arguments. Sudo operates on a per-command basis. It is not a replacement for the shell. Features include: the ability to restrict...

CVE-2023-20009

A vulnerability in the Web UI and administrative CLI of the Cisco Secure Email Gateway ESA and Cisco Secure Email and Web Manager SMA could allow an authenticated remote attacker and or authenticated local attacker to escalate their privilege level and gain root access. The attacker has to have a...

CVE-2023-20009

A vulnerability in the Web UI and administrative CLI of the Cisco Secure Email Gateway ESA and Cisco Secure Email and Web Manager SMA could allow an authenticated remote attacker and or authenticated local attacker to escalate their privilege level and gain root access. The attacker has to have a...

Privilege escalation

A vulnerability in the Web UI and administrative CLI of the Cisco Secure Email Gateway ESA and Cisco Secure Email and Web Manager SMA could allow an authenticated remote attacker and or authenticated local attacker to escalate their privilege level and gain root access. The attacker has to have a...

CVE-2023-24205

Clash for Windows v0.20.12 was discovered to contain a remote code execution RCE vulnerability which is exploited via overwriting the configuration file cfw-setting.yaml...

CVE-2023-24205

Clash for Windows v0.20.12 was discovered to contain a remote code execution RCE vulnerability which is exploited via overwriting the configuration file cfw-setting.yaml...

Remote code execution

Clash for Windows v0.20.12 was discovered to contain a remote code execution RCE vulnerability which is exploited via overwriting the configuration file cfw-setting.yaml...