VU#240785: Atlassian Bitbucket on Windows is vulnerable to privilege escalation due to weak ACLs
Overview
Atlassian Bitbucket on Windows fails to properly set ACLs, which can allow an unprivileged Windows user to run …
CERT
VU#466044: Siemens Totally Integrated Automation Portal vulnerable to privilege escalation due to Node.js paths
Overview
Siemens Totally Integrated Administrator (TIA) fails to properly set the module search path to be used by a privileged …
VU#794544: Heap-Based Buffer Overflow in Sudo
Overview
A heap-based overflow has been discovered in sudo, which may allow a local attacker to execute commands with elevated …
VU#125331: Adobe ColdFusion is vulnerable to privilege escalation due to weak ACLs
Overview
Adobe ColdFusion fails to properly set ACLs, which can allow an unprivileged Windows user to be able to run arbitrary …
VU#434904: Dnsmasq is vulnerable to memory corruption and cache poisoning
Overview
Dnsmasq is vulnerable to a set of memory corruption issues handling DNSSEC data and a second set of issues validating …
VU#843464: SolarWinds Orion API authentication bypass allows remote command execution
Overview
The SolarWinds Orion API is vulnerable to authentication bypass that could allow a remote attacker to execute API …
VU#843464: SolarWinds Orion API authentication bypass allows remote comand execution
Overview
The SolarWinds Orion API is vulnerable to authentication bypass that could allow a remote attacker to execute API …
VU#429301: Veritas Backup Exec is vulnerable to privilege escalation due to OPENSSLDIR location
Overview
Veritas Backup Exec contains a privilege escalation vulnerability due to the use of an OPENSSLDIR …
VU#815128: Embedded TCP/IP stacks have memory corruption vulnerabilities
Overview
Multiple open-source embedded TCP/IP stacks, commonly used in Internet of Things (IoT) and embedded devices, have …
VU#724367: VMware Workspace ONE Access and related components are vulnerable to command injection
Overview
VMware Workspace One Access, Access Connector, …
VU#231329: Replay Protected Memory Block (RPMB) protocol does not adequately defend against replay attacks
Overview
The Replay Protected Memory Block (RPMB) protocol found in several storage specifications does not securely protect …
VU#208577: Chocolatey Boxstarter is vulnerable to privilege escalation due to weak ACLs
Overview
Chocolatey Boxstarter fails to properly set ACLs, which can allow an unprivileged Windows user to be able to run …