VU#213092: Pulse Connect Secure contains a use-after-free vulnerability
Overview
Pulse Connect Secure (PCS) gateway contains a use-after-free vulnerability that can allow an unauthenticated remote …
CERT
VU#213092: Pulse Connect Secure contains multiple use-after-free vulnerabilities
Overview
Pulse Connect Secure (PCS) gateway contains multiple use-after-free vulnerabilities that can allow an unauthenticated …
VU#567764: MySQL for Windows is vulnerable to privilege escalation due to OPENSSLDIR location
Overview
MySQL for Windows contains a privilege escalation vulnerability due to the use of an OPENSSLDIR variable …
VU#213092: Pulse Connect Secure vulnerable to authentication bypass that could allow for remote code execution
Overview
Pulse Connect Secure (PCS) gateway contains a vulnerability that can allow an unauthenticated remote attacker to …
VU#794544: Sudo set_cmd() is vulnerable to heap-based buffer overflow
Overview
A heap-based overflow has been discovered in the set_cmd() function in sudo, which may allow a local …
VU#240785: Atlassian Bitbucket on Windows is vulnerable to privilege escalation due to weak ACLs
Overview
Atlassian Bitbucket on Windows fails to properly set ACLs, which can allow an unprivileged Windows user to run …
VU#466044: Siemens Totally Integrated Automation Portal vulnerable to privilege escalation due to Node.js paths
Overview
Siemens Totally Integrated Administrator (TIA) fails to properly set the module search path to be used by a privileged …
VU#794544: Heap-Based Buffer Overflow in Sudo
Overview
A heap-based overflow has been discovered in sudo, which may allow a local attacker to execute commands with elevated …
VU#125331: Adobe ColdFusion is vulnerable to privilege escalation due to weak ACLs
Overview
Adobe ColdFusion fails to properly set ACLs, which can allow an unprivileged Windows user to be able to run arbitrary …
VU#434904: Dnsmasq is vulnerable to memory corruption and cache poisoning
Overview
Dnsmasq is vulnerable to a set of memory corruption issues handling DNSSEC data and a second set of issues validating …
VU#843464: SolarWinds Orion API authentication bypass allows remote command execution
Overview
The SolarWinds Orion API is vulnerable to authentication bypass that could allow a remote attacker to execute API …
VU#843464: SolarWinds Orion API authentication bypass allows remote comand execution
Overview
The SolarWinds Orion API is vulnerable to authentication bypass that could allow a remote attacker to execute API …