Cloud Software Group Security Advisory for CVE-2024-6387

Advisory for 3rd party CVE-2024-6387 Cloud Software Group is aware of the vulnerability CVE-2024-6387 impacting OpenSSH. Qualys has discovered a remote unauthenticated code execution vulnerability in OpenSSH’s server sshd in glibc-based Linux systems. Because this vulnerability is a regression of...

regreSSHion: Remote Unauthenticated Code Execution Vulnerability in OpenSSH server

The Qualys Threat Research Unit TRU has discovered a Remote Unauthenticated Code Execution RCE vulnerability in OpenSSH’s server sshd in glibc-based Linux systems. CVE assigned to this vulnerability is CVE-2024-6387. The vulnerability, which is a signal handler race condition in OpenSSHs server...

CVE-2015-9246

CVE-2015-9246 affects Skybox Platform; remote unauthenticated code execution via a WAR containing a JSP is possible. The WAR is delivered to /skyboxview-softwareupdate/services/CollectorSoftwareUpdate and the JSP executes at /opt/skyboxview/thirdparty/jboss/server/web/work/jboss.web/localhost. Af...

Microsoft SMB NT Trans2 Request Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to trigger a denial of service condition on vulnerable installations of Microsoft Windows; remote code execution is also theoretically possible. User interaction is not required to exploit this vulnerability. The specific flaw exists in the processing of...