Stack overflow

In PHP version 8.0. before 8.0.30, 8.1. before 8.1.22, and 8.2. before 8.2.8, when loading phar file, while reading PHAR directory entries, insufficient length checking may lead to a stack buffer overflow, leading potentially to memory corruption or RCE...

CVE-2023-3824 Buffer overflow and overread in phar_dir_read()

In PHP version 8.0. before 8.0.30, 8.1. before 8.1.22, and 8.2. before 8.2.8, when loading phar file, while reading PHAR directory entries, insufficient length checking may lead to a stack buffer overflow, leading potentially to memory corruption or RCE...

CVE-2023-3824

In PHP version 8.0. before 8.0.30, 8.1. before 8.1.22, and 8.2. before 8.2.8, when loading phar file, while reading PHAR directory entries, insufficient length checking may lead to a stack buffer overflow, leading potentially to memory corruption or RCE...

CVE-2023-3824

CVE-2023-3824 affects PHP runtimes 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8. When loading a PHAR file and reading PHAR directory entries, PHP may fail an insufficient length check, allowing a stack buffer overflow that can cause memory corruption and potentially remote cod...

CVE-2023-3824

In PHP version 8.0. before 8.0.30, 8.1. before 8.1.22, and 8.2. before 8.2.8, when loading phar file, while reading PHAR directory entries, insufficient length checking may lead to a stack buffer overflow, leading potentially to memory corruption or RCE...

16 New CODESYS SDK Flaws Expose OT Environments to Remote Attacks

A set of 16 high-severity security flaws have been disclosed in the CODESYS V3 software development kit SDK that could result in remote code execution and denial-of-service under specific conditions, posing risks to operational technology OT environments. The flaws, tracked from CVE-2022-47378...

Multiple high severity vulnerabilities in CODESYS V3 SDK could lead to RCE or DoS

Microsoft’s cyberphysical system researchers recently identified multiple high-severity vulnerabilities in the CODESYS V3 software development kit SDK, a software development environment widely used to program and engineer programmable logic controllers PLCs. Exploitation of the discovered...

CVE-2023-3824

In PHP version 8.0. before 8.0.30, 8.1. before 8.1.22, and 8.2. before 8.2.8, when loading phar file, while reading PHAR directory entries, insufficient length checking may lead to a stack buffer overflow, leading potentially to memory corruption or RCE...

Multiple high severity vulnerabilities in CODESYS V3 SDK could lead to RCE or DoS

Microsoft’s cyberphysical system researchers recently identified multiple high-severity vulnerabilities in the CODESYS V3 software development kit SDK, a software development environment widely used to program and engineer programmable logic controllers PLCs. Exploitation of the discovered...

Fedora 37 : php (2023-c68f2227e6)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-c68f2227e6 advisory. PHP version 8.1.22 03 Aug 2023 Build: Fixed bug GH-11522 PHP version check fails with '-' separator. SVGAnimate CLI: Fix interrupted CLI output...

CVE-2023-35085

An integer overflow vulnerability in all UniFi Access Points and Switches, excluding the Switch Flex Mini, with SNMP Monitoring and default settings enabled could allow a Remote Code Execution RCE. Affected Products: All UniFi Access Points Version 6.5.50 and earlier All UniFi Switches Version...

Command injection

A command injection vulnerability in the DHCP Client function of all UniFi Access Points and Switches, excluding the Switch Flex Mini, could allow a Remote Code Execution RCE. Affected Products: All UniFi Access Points Version 6.5.53 and earlier All UniFi Switches Version 6.5.32 and earlier -USW...

CVE-2023-35085

The CVE-2023-35085 issue is an integer overflow in UniFi devices (APs and switches, excluding USW Flex Mini) when SNMP monitoring is enabled with default settings, potentially allowing remote code execution (RCE). Affected: UniFi Access Points (v6.5.50 and earlier) and UniFi Switches (v6.5.32 and...

CVE-2023-38034

A command injection vulnerability in the DHCP Client function of all UniFi Access Points and Switches, excluding the Switch Flex Mini, could allow a Remote Code Execution RCE. Affected Products: All UniFi Access Points Version 6.5.53 and earlier All UniFi Switches Version 6.5.32 and earlier -USW...

CVE-2023-38034

The CVE-2023-38034 issue is a command-injection vulnerability in the DHCP Client function affecting Ubiquiti UniFi devices (APs and Switches, excluding Switch Flex Mini). The exposed components are the DHCP client on UniFi Access Points (versions up to 6.5.53) and UniFi Switches (versions up to 6...

CVE-2023-38034

A command injection vulnerability in the DHCP Client function of all UniFi Access Points and Switches, excluding the Switch Flex Mini, could allow a Remote Code Execution RCE. Affected Products: All UniFi Access Points Version 6.5.53 and earlier All UniFi Switches Version 6.5.32 and earlier -USW...

SSRF Blind in the image upload module via url

Description Web application with the function of uploading images through a link provided by the user . This access error leads to RCE and scanning of intranet ports Proof of Concept Link video Poc https://drive.google.com/file/d/17fksa8odZAqCuqRQbOCutc9I7eoNun-/view?usp=sharing Steps 1 . Use a...

Microsoft’s August Patch Tuesday Addresses Active Zero-Day Exploits

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary In the August Patch Tuesday release, Microsoft addressed a total of 73 CVEs, encompassing six critical and 67 important vulnerabilities. Within this range of vulnerabilities, the security update...

August Patch Tuesday stops actively exploited attack chain and more

Augusts Patch Tuesday is a lot quieter than it was last month, when Microsoft patched a whopping 130 vulnerabilities. That number went down to 87 this month but it does include two actively exploited vulnerabilities. Lets start by looking at those two: CVE-2023-38180 CVSS score 7.5 out of 10: a...

Microsoft PowerPoint 2013 SP1 RCE Vulnerability (KB5002399)

This host is missing an important security update according to Microsoft KB5002399 SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...