Privilege escalation

HashiCorp Boundary up to 0.10.1 did not properly perform data integrity checks to ensure the resources were associated with the correct scopes, allowing potential privilege escalation for authorized users of another scope. Fixed in Boundary 0.10.2...

HashiCorp Boundary 数据伪造问题漏洞

HashiCorp Boundary is an open source solution from the US-based HashiCorp Inc. It automates secure identity-based user access to hosts and services across environments. A security vulnerability exists in HashiCorp Boundary versions prior to 0.10.1 that stems from not properly performing data...

The vulnerability of the CMPLink/TCP protocol implementation in the microprogramming software for programmable logic controllers TOYOPUC allows a hacker to execute arbitrary code.

The vulnerability of the CMPLink/TCP protocol implementation in the microprogramming software for programmable logic controllers TOYOPUC is related to insufficient verification of data authenticity. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...

Quicktime < 6.5.2

The remote Mac OS X host is running a version of Quicktime that is older than Quicktime 6.5.2. The remote version of this software reportedly fails to check bounds properly when decoding BMP images, leading to a heap overflow. If a remote attacker can trick a user into opening a maliciously craft...