VU#434904: Dnsmasq is vulnerable to memory corruption and cache poisoning
Overview
Dnsmasq is vulnerable to a set of memory corruption issues handling DNSSEC data and a second set of issues validating …
CERT
VU#843464: SolarWinds Orion API authentication bypass allows remote command execution
Overview
The SolarWinds Orion API is vulnerable to authentication bypass that could allow a remote attacker to execute API …
VU#843464: SolarWinds Orion API authentication bypass allows remote comand execution
Overview
The SolarWinds Orion API is vulnerable to authentication bypass that could allow a remote attacker to execute API …
VU#429301: Veritas Backup Exec is vulnerable to privilege escalation due to OPENSSLDIR location
Overview
Veritas Backup Exec contains a privilege escalation vulnerability due to the use of an OPENSSLDIR …
VU#815128: Embedded TCP/IP stacks have memory corruption vulnerabilities
Overview
Multiple open-source embedded TCP/IP stacks, commonly used in Internet of Things (IoT) and embedded devices, have …
VU#724367: VMware Workspace ONE Access and related components are vulnerable to command injection
Overview
VMware Workspace One Access, Access Connector, …
VU#231329: Replay Protected Memory Block (RPMB) protocol does not adequately defend against replay attacks
Overview
The Replay Protected Memory Block (RPMB) protocol found in several storage specifications does not securely protect …
VU#208577: Chocolatey Boxstarter is vulnerable to privilege escalation due to weak ACLs
Overview
Chocolatey Boxstarter fails to properly set ACLs, which can allow an unprivileged Windows user to be able to run …
VU#760767: Macrium Reflect is vulnerable to privilege escalation due to OPENSSLDIR location
Overview
Macrium Reflect contains a privilege escalation vulnerability due to the use of an OPENSSLDIR variable …
VU#208577: Chocolatey Boxstarter vulnerable to privilege escalation due to weak ACLs
Overview
Chocolatey Boxstarter fails to properly set ACLs, which can allow an unprivileged Windows user to be able to run …
VU#114757: Acronis backup software contains multiple privilege escalation vulnerabilities
Overview
Acronis True Image, Cyber Backup, and Cyber Protection all contain privilege escalation vulnerabilities, which can …
VU#490028: Microsoft Windows Netlogon Remote Protocol (MS-NRPC) uses insecure AES-CFB8 initialization vector
Overview
The Microsoft Windows Netlogon Remote Protocol (MS-NRPC) reuses a known, static, zero-value initialization vector (IV) …