2877 matches found

OSV
added 2023/10/10 12:0 a.m. · 2 views

UBUNTU-CVE-2023-42670

A flaw was found in Samba. It is susceptible to a vulnerability where multiple incompatible RPC listeners can be initiated, causing disruptions in the AD DC service. When Samba's RPC server experiences a high load or unresponsiveness, servers intended for non-AD DC purposes for example,...

CVSS 6.5 · AI score 6.7 · EPSS 0.01112
Exploits: 0 · References: 5
CNNVD
added 2023/10/09 12:0 a.m. · 5 views

Delta Electronics WPLSoft Security Vulnerability

Delta Electronics WPLSoft is a software tool for programming Delta Programmable Logic Controllers (PLCs) from Delta Electronics, Taiwan, China. A security vulnerability exists in Delta Electronics WPLSoft version 2.51 and prior versions, which stems from a heap-based buffer overflow issue...

CVSS 5.7 · AI score 7.3 · EPSS 0.00388
Exploits: 0 · References: 4
NVD
added 2023/09/27 6:15 p.m. · 17 views

CVE-2023-20202

A vulnerability in the Wireless Network Control daemon (wncd) of Cisco IOS XE Software for Wireless LAN Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper memory management. An attacker could exploit this...

CVSS 6.5 · AI score 6.4 · EPSS 0.00238
Exploits: 0 · References: 1
Vulnrichment
added 2023/09/27 5:24 p.m. · 11 views

CVE-2023-20202

A vulnerability in the Wireless Network Control daemon (wncd) of Cisco IOS XE Software for Wireless LAN Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper memory management. An attacker could exploit this...

CVSS 6.1 · AI score 6.9 · EPSS 0.00238
Exploits: 0 · References: 1
Cvelist
added 2023/09/27 5:24 p.m. · 29 views

CVE-2023-20202

A vulnerability in the Wireless Network Control daemon (wncd) of Cisco IOS XE Software for Wireless LAN Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper memory management. An attacker could exploit this...

CVSS 6.1 · AI score 6.7 · EPSS 0.00238
Exploits: 0 · References: 1
CVE
added 2023/09/27 5:24 p.m. · 83 views

CVE-2023-20202

The CVE-2023-20202 issue affects Cisco IOS XE Software for Wireless LAN Controllers, specifically the Wireless Network Control daemon (wncd). The root cause is improper memory management in wncd, allowing an unauthenticated, adjacent attacker to send network requests that could cause wncd to cons...

CVSS 6.5 · AI score 6.5 · EPSS 0.00238
Exploits: 0 · References: 1 · Affected Software: 1
Positive Technologies
added 2023/09/27 12:0 a.m. · 3 views

PT-2023-5581 · Cisco · Cisco Sd-Wan Vmanage

Name of the Vulnerable Software and Affected Versions: Cisco SD-WAN vManage (affected versions not specified). Description: A vulnerability in the command line interface (CLI) management interface of Cisco SD-WAN vManage could allow an authenticated, local attacker to bypass authorization and roll bac...

CVSS 7.1 · AI score 5.8 · EPSS 0.00171
Exploits: 0 · References: 12
CNNVD
added 2023/09/20 12:0 a.m. · 2 views

PrestaShop SQL Injection Vulnerability

PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution offers multiple payment methods, short message alerts, and product image scaling. A security vulnerability exists in PrestaShop opartsavecart 2.0.7 and earlier versions, which originated from...

CVSS 9.8 · AI score 7.5 · EPSS 0.00745
Exploits: 1 · References: 2
BDU FSTEC
added 2023/09/19 12:0 a.m. · 1 views

The vulnerability of microprogramming software for controlling and monitoring air consumption in pneumatic systems such as Festo MSE6-C2M, MSE6-D2M, and MSE6-E2M allows an intruder to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of microprogramming software for controlling and monitoring air consumption in pneumatic systems such as Festo MSE6-C2M, MSE6-D2M, and MSE6-E2M is related to the presence of undocumented configuration commands. Exploiting this vulnerability could allow a malicious actor to...

CVSS 10 · AI score 5.4 · EPSS 0.00504
Exploits: 0 · References: 2
Tenable Nessus
added 2023/09/18 12:0 a.m. · 26 views

Rockwell Automation LP30/40/50 and BM40 Operator Interface Improper Validation of Consistency Within Input (CVE-2022-47392)

An authenticated, remote attacker may use an improper input validation vulnerability in the CmpApp/CmpAppBP/CmpAppForce Components of multiple CODESYS products in multiple versions to read from an invalid address which can lead to a denial-of-service condition. Wago PFC200 and Compact Controllers...

CVSS 6.5 · AI score 7.2 · EPSS 0.00862
Exploits: 0 · References: 4
Tenable Nessus
added 2023/09/18 12:0 a.m. · 29 views

Rockwell Automation LP30/40/50 and BM40 Operator Interface Stack-Based Buffer Overflow (CVE-2022-47381)

An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CMPapp Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. Wago PFC20...

CVSS 8.8 · AI score 7.6 · EPSS 0.01334
Exploits: 0 · References: 4
Tenable Nessus
added 2023/09/18 12:0 a.m. · 20 views

Rockwell Automation LP30/40/50 and BM40 Operator Interface Stack-Based Buffer Overflow (CVE-2022-47388)

An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. Wago...

CVSS 8.8 · AI score 7.6 · EPSS 0.01334
Exploits: 0 · References: 4
Tenable Nessus
added 2023/09/18 12:0 a.m. · 29 views

Rockwell Automation LP30/40/50 and BM40 Operator Interface Stack-Based Buffer Overflow (CVE-2022-47380)

An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CMPapp Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. Wago PFC20...

CVSS 8.8 · AI score 7.6 · EPSS 0.01334
Exploits: 0 · References: 4
Tenable Nessus
added 2023/09/18 12:0 a.m. · 25 views

Rockwell Automation LP30/40/50 and BM40 Operator Interface Stack-Based Buffer Overflow (CVE-2022-47389)

An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. Wago...

CVSS 8.8 · AI score 7.6 · EPSS 0.01333
Exploits: 0 · References: 4
Tenable Nessus
added 2023/09/18 12:0 a.m. · 24 views

Rockwell Automation LP30/40/50 and BM40 Operator Interface Stack-Based Buffer Overflow (CVE-2022-47382)

An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. Wago...

CVSS 8.8 · AI score 7.6 · EPSS 0.01334
Exploits: 0 · References: 4
Tenable Nessus
added 2023/09/18 12:0 a.m. · 18 views

Rockwell Automation LP30/40/50 and BM40 Operator Interface Stack-Based Buffer Overflow (CVE-2022-47387)

An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. Wago...

CVSS 8.8 · AI score 7.6 · EPSS 0.01334
Exploits: 0 · References: 4
Kitploit
added 2023/09/16 11:30 a.m. · 81 views

ADCSKiller - An ADCS Exploitation Automation Tool Weaponizing Certipy And Coercer

ADCSKiller is a Python-based tool designed to automate the process of discovering and exploiting Active Directory Certificate Services (ADCS) vulnerabilities. It leverages features of Certipy and Coercer to simplify the process of attacking ADCS infrastructure. Please note that the ADCSKiller is...

AI score 7.3
Exploits: 0 · References: 4
OSV
added 2023/09/15 12:15 a.m. · 1 views

CVE-2023-40956

A SQL injection vulnerability in Cloudroits Website Job Search v.15.0 allows a remote authenticated attacker to execute arbitrary code via the name parameter in controllers/main.py component...

CVSS 8.8 · AI score 6.1 · EPSS 0.00987
Exploits: 1 · References: 1
ATTACKERKB
added 2023/09/15 12:15 a.m. · 3 views

CVE-2023-40956

A SQL injection vulnerability in Cloudroits Website Job Search v.15.0 allows a remote authenticated attacker to execute arbitrary code via the name parameter in controllers/main.py component...

CVSS 8.8 · AI score 6.2 · EPSS 0.00987
Exploits: 1 · References: 2
Prion
added 2023/09/15 12:15 a.m. · 14 views

SQL injection

A SQL injection vulnerability in Cloudroits Website Job Search v.15.0 allows a remote authenticated attacker to execute arbitrary code via the name parameter in controllers/main.py component...

CVSS 6.5 · AI score 8.7 · EPSS 0.00987
Exploits: 1 · References: 1 · Affected Software: 1