GHSA-MCWH-C9PG-XW43 Apache Kafka Deserialization of Untrusted Data vulnerability

In CVE-2023-25194, we announced the RCE/Denial of service attack via SASL JAAS JndiLoginModule configuration in Kafka Connect API. But not only Kafka Connect API is vulnerable to this attack, the Apache Kafka brokers also have this vulnerability. To exploit this vulnerability, the attacker needs ...

CVE-2023-1698

In multiple products of WAGO a vulnerability allows an unauthenticated, remote attacker to create new users and change the device configuration which can result in unintended behaviour, Denial of Service and full system compromise...

Cisco Integrated Management Controller Elevation of Privilege Vulnerability

Cisco Integrated Management Controller IMC is a set of software from the American company Cisco Cisco for the management of UCS Unified Computing System. The software supports HTTP, SSH access, etc., and can perform operations such as powering on, powering off and rebooting the server. An elevati...

Conarc iChannel webserver incorrect access restriction vulnerability

Conarc iChannel is a solution developed by Conarc Corporation in the United States that integrates customer relationship management CRM systems with DMS functionality. An incorrect access restriction vulnerability exists in Conarc iChannel. A remote attacker could exploit this vulnerability by...