Progress Software Kemp LoadMaster apiuser Uninitialized Memory Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Progress Software Kemp LoadMaster. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the apiuser parameter provided to the accessv2 endpoin...

CVE-2024-49369

CVE-2024-49369 affects Icinga2 TLS certificate validation from version 2.4.0, enabling impersonation of trusted cluster nodes or API users using client certificates. Fixed in Icinga 2.14.3, 2.13.10, 2.12.11, and 2.11.12. The connected Nessus/ALPINE entries confirm the vulnerability and the fix ve...