16 matches found
CVE-2024-41922
A directory traversal vulnerability exists in the log files download functionality of Veertu Anka Build 1.42.0. A specially crafted HTTP request can lead to a disclosure of sensitive information. An attacker can make an unauthenticated HTTP request to trigger this vulnerability...
CVE-2024-41163
A directory traversal vulnerability exists in the archive functionality of Veertu Anka Build 1.42.0. A specially crafted HTTP request can lead to a disclosure of sensitive information. An attacker can make an unauthenticated HTTP request to trigger this vulnerability...
Vulnerability in popular PDF reader could lead to arbitrary code execution; Multiple issues in GNOME project
Cisco Talos' Vulnerability Research team recently disclosed six new security vulnerabilities across a range of software, including one in a popular PDF reader that could lead to arbitrary code execution. Foxit PDF Reader, one of the most popular alternatives to Adobe Acrobat, contains a memory...
CVE-2024-41922
A directory traversal vulnerability exists in the log files download functionality of Veertu Anka Build 1.42.0. A specially crafted HTTP request can lead to a disclosure of sensitive information. An attacker can make an unauthenticated HTTP request to trigger this vulnerability...
CVE-2024-41163
A directory traversal vulnerability exists in the archive functionality of Veertu Anka Build 1.42.0. A specially crafted HTTP request can lead to a disclosure of sensitive information. An attacker can make an unauthenticated HTTP request to trigger this vulnerability...
CVE-2024-39755
A privilege escalation vulnerability exists in the node update functionality of Veertu Anka Build 1.42.0. A specially crafted PKG file can lead to execute priviledged operation. An attacker can make an unauthenticated HTTP request to trigger this vulnerability...
CVE-2024-41163
A directory traversal vulnerability exists in the archive functionality of Veertu Anka Build 1.42.0. A specially crafted HTTP request can lead to a disclosure of sensitive information. An attacker can make an unauthenticated HTTP request to trigger this vulnerability...
CVE-2024-39755
Veertu Anka Build 1.42.0 is affected by a privilege-escalation in the node update flow. Cisco Talos details a TOCTOU-style vulnerability: a low-privilege user can place a malicious PKG named ank aAgent.pkg in /tmp, which gets overwritten when a Node join/update triggers the download and installat...
CVE-2024-41922
A directory traversal vulnerability exists in the log files download functionality of Veertu Anka Build 1.42.0. A specially crafted HTTP request can lead to a disclosure of sensitive information. An attacker can make an unauthenticated HTTP request to trigger this vulnerability...
Veertu Anka Build registry archive files directory traversal vulnerability
Talos Vulnerability Report TALOS-2024-2059 Veertu Anka Build registry archive files directory traversal vulnerability October 3, 2024 CVE Number CVE-2024-41163 SUMMARY A directory traversal vulnerability exists in the archive functionality of Veertu Anka Build 1.42.0. A specially crafted HTTP...
Veertu Anka Build 路径遍历漏洞
Veertu Anka Build is a centralized dashboard from Veertu. A path traversal vulnerability exists in Veertu Anka Build version 1.42.0, which stems from the fact that a specially constructed HTTP request can lead to the disclosure of arbitrary files...
Veertu Anka Build registry log files directory traversal vulnerability
Talos Vulnerability Report TALOS-2024-2061 Veertu Anka Build registry log files directory traversal vulnerability October 3, 2024 CVE Number CVE-2024-41922 SUMMARY A directory traversal vulnerability exists in the log files download functionality of Veertu Anka Build 1.42.0. A specially crafted...
Veertu Anka Build 路径遍历漏洞
Veertu Anka Build is a centralized dashboard from Veertu. A path traversal vulnerability exists in Veertu Anka Build version 1.42.0, which stems from the fact that a specially constructed HTTP request can lead to the disclosure of arbitrary files...
PT-2024-29635 · Veertu · Veertu Anka Build
Name of the Vulnerable Software and Affected Versions: Veertu Anka Build version 1.42.0 Description: A directory traversal vulnerability exists in the log files download functionality. A specially crafted HTTP request can lead to a disclosure of sensitive information. An attacker can make an...
Veertu Anka Build node agent update privilege escalation vulnerability
Talos Vulnerability Report TALOS-2024-2060 Veertu Anka Build node agent update privilege escalation vulnerability October 3, 2024 CVE Number CVE-2024-39755 SUMMARY A privilege escalation vulnerability exists in the node update functionality of Veertu Anka Build 1.42.0. A specially crafted PKG fil...
PT-2024-28664 · Veertu · Veertu Anka Build
Name of the Vulnerable Software and Affected Versions: Veertu Anka Build version 1.42.0 Description: A privilege escalation vulnerability exists in the node update functionality of Veertu Anka Build. The vulnerability occurs during Anka node agent update, allowing a low privilege user to trigger...