Cloudroits Website Job Search SQL Injection Vulnerability
Cloudroits Website Job Search is a website backend from Cloudroits, Inc. A security vulnerability exists in Cloudroits Website Job Search version v.15.0 that could allow an authenticated, remote attacker to execute arbitrary code via the name parameter in the controllers/main.py component...
CVE-2023-40956
A SQL injection vulnerability in Cloudroits Website Job Search v.15.0 allows a remote authenticated attacker to execute arbitrary code via the name parameter in controllers/main.py component...
Vulnerability of the operating systems of ArubaOS controllers Aruba 9200 and 9000, allowing a hacker to execute arbitrary code
The vulnerability of ArubaOS controller devices Aruba 9200 and 9000 is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
CVE-2023-38485
Vulnerabilities exist in the BIOS implementation of Aruba 9200 and 9000 Series Controllers and Gateways that could allow an attacker to execute arbitrary code early in the boot sequence. An attacker could exploit this vulnerability to gain access to and change underlying sensitive information in...
Security feature bypass
A vulnerability in the secure boot implementation on affected Aruba 9200 and 9000 Series Controllers and Gateways allows an attacker to bypass security controls which would normally prohibit unsigned kernel images from executing. An attacker can use this vulnerability to execute arbitrary...
CVE-2023-38486 Hardware Root of Trust Bypass in 9200 and 9000 Series Controllers and Gateways
A vulnerability in the secure boot implementation on affected Aruba 9200 and 9000 Series Controllers and Gateways allows an attacker to bypass security controls which would normally prohibit unsigned kernel images from executing. An attacker can use this vulnerability to execute arbitrary...
CVE-2023-38486
The CVE-2023-38486 entry describes a flaw in the secure boot implementation on Aruba 9200 and 9000 Series Controllers and Gateways. The issue allows bypassing the secure-boot protections that normally prohibit unsigned kernel images from executing, enabling an attacker to run arbitrary runtime op...
CVE-2023-38485 Multiple Buffer Overflow Vulnerabilities in BIOS Implementation of 9200 and 9000 Series Controllers and Gateways
Vulnerabilities exist in the BIOS implementation of Aruba 9200 and 9000 Series Controllers and Gateways that could allow an attacker to execute arbitrary code early in the boot sequence. An attacker could exploit this vulnerability to gain access to and change underlying sensitive information in...
CVE-2023-38485
CVE-2023-38485 affects Aruba 9200/9000 Series Controllers and Gateways; BIOS implementation vulnerabilities could allow arbitrary code execution early in boot, enabling full system compromise. No publicly documented patch/version fix is provided in the connected sources; exploitation details and ...
CVE-2023-38484 Multiple Buffer Overflow Vulnerabilities in BIOS Implementation of 9200 and 9000 Series Controllers and Gateways
Vulnerabilities exist in the BIOS implementation of Aruba 9200 and 9000 Series Controllers and Gateways that could allow an attacker to execute arbitrary code early in the boot sequence. An attacker could exploit this vulnerability to gain access to and change underlying sensitive information in...
9 Alarming Vulnerabilities Uncovered in SEL's Power Management Products
Nine security flaws have been disclosed in electric power management products made by Schweitzer Engineering Laboratories (SEL). "The most severe of those nine vulnerabilities would allow a threat actor to facilitate remote code execution (RCE) on an engineering workstation," Nozomi Networks said in ...
CVE-2023-38902
A command injection vulnerability in RG-EW series home routers and repeaters v.EW3.01B11P219, RG-NBS and RG-S1930 series switches v.SWITCH3.01B11P219, RG-EG series business VPN routers v.EG3.01B11P219, EAP and RAP series wireless access points v.AP3.01B11P219, and NBC series wireless controllers...
PT-2023-26676 · Rg-Nbs +6
Name of the Vulnerable Software and Affected Versions: RG-EW series home routers and repeaters versions EW 3.01B11P204 through EW 3.01B11P219; RG-NBS and RG-S1930 series switches versions SWITCH 3.01B11P218 through SWITCH 3.01B11P219; RG-EG series business VPN routers versions EG 3.01B11P216 throug...
Citrix Content Collaboration ShareFile Improper Access Control Vulnerability
Citrix Content Collaboration contains an improper access control vulnerability that could allow an unauthenticated attacker to remotely compromise customer-managed ShareFile storage zones controllers...
Broadcom RAID Controller Security Vulnerability
The Broadcom RAID Controller is a series of RAID controllers from Broadcom Corporation USA. A security vulnerability exists in the Broadcom RAID Controller that stems from the lack of an HTTP X-Content-Type-Options header in the web interface, which makes the product susceptible to attack...
Broadcom RAID Controller Security Vulnerability
The Broadcom RAID Controller is a series of RAID controllers from Broadcom Corporation USA. A security vulnerability exists in the Broadcom RAID Controller that stems from an insecure HTTP configuration in the web interface that prevents the protection of cookies with the Secure attribute...
CVE-2023-22276
Race condition in firmware for some Intel(R) Ethernet Controllers and Adapters E810 Series before version 1.7.2.4 may allow an authenticated user to potentially enable denial of service via local access...