6 matches found
CBL Mariner 2.0 Security Update: curl (CVE-2024-6197)
The version of curl installed on the remote CBL Mariner 2.0 host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-6197 advisory. - libcurl's ASN1 parser has this utf8asn1str function used for parsing an ASN.1 UTF-8 string. It can detect an...
Denial Of Service
Kibana is vulnerable to Denial Of Service. The vulnerability is due to the ability of a high-privileged user to affect the availability of Kibana by uploading a maliciously crafted osquery pack. An attacker can disrupt Kibana's availability by exploiting this flaw...
GHSA-2M5G-8XPW-42VP OpenCFP Framework (Sentry) Account takeover via null password reset codes
OpenCFP, an open-source conference talk submission system written in PHP, contains a security vulnerability in its third-party authentication framework, Sentry, developed by Cartalyst. The vulnerability stems from how Sentry handles password reset checks. Users lacking a password reset token stor...
New Goldoon Botnet Targeting D-Link Devices by Exploiting 9-Year-Old Flaw
By Waqas. A new botnet called Goldoon targets D-Link routers and NAS devices, putting them at risk of DDoS attacks and more. Learn how weak credentials leave you vulnerable and how to secure your network. This is a post from HackRead.com.
Updated bind packages fix security vulnerabilities
The code that processes control channel messages sent to named calls certain functions recursively during packet parsing. Recursion depth is only limited by the maximum accepted packet size; depending on the environment, this may cause the packet-parsing code to run out of available stack memory,...
Arbitrary Code Execution
traceroute is vulnerable to Arbitrary Code Execution. A command-line argument parsing vulnerability in the traceroute utility allows an attacker to execute arbitrary code on a vulnerable system by exploiting a flaw in the way that traceroute parses command-line arguments...