4 matches found
Orckestra C1 CMS's deserialization of untrusted data allows for arbitrary code execution.
Impact This vulnerability allows remote attackers to execute arbitrary code on affected installations of Orckestra C1 CMS. Authentication is required to exploit this vulnerability. The authenticated user may perform the actions unknowingly by visiting a specially crafted site. Patches Patched in ...
GHSA-GFHP-JGP6-838J Orckestra C1 CMS's deserialization of untrusted data allows for arbitrary code execution.
Impact This vulnerability allows remote attackers to execute arbitrary code on affected installations of Orckestra C1 CMS. Authentication is required to exploit this vulnerability. The authenticated user may perform the actions unknowingly by visiting a specially crafted site. Patches Patched in ...
Critical Security Patches Issued by Microsoft, Adobe and Other Major Software Firms
Microsoft's Patch Tuesday update for the month of March has been made officially available with 71 fixes spanning across its software products such as Windows, Office, Exchange, and Defender, among others. Of the total 71 patches, three are rated Critical and 68 are rated Important in severity...
Synology DiskStation Manager arbitrary file modification
Overview Synology DiskStation Manager versions 4.3-3776-3 and below contain a vulnerability that allows a remote unauthenticated user to append arbitrary data to an arbitrary file under root privileges. Description CWE-284: Improper Access Control - CVE-2013-6955Synology DiskStation Manager...