This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics CNCSoft-B. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
Monthly Archives: June 2023
ZDI-23-817: Delta Electronics CNCSoft-B DOPSoft DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics CNCSoft-B. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
A Vulnerability in Barracuda Email Security Gateway Could Allow for Remote Command Injection
A Vulnerability has been discovered in Barracuda Email Security Gateway (ESG) which could allow for remote code injection. Barracuda Email Security Gateway is an email security gateway that manages and filters all inbound and outbound email traffic to protect organizations from email-borne threats and data leaks. Successful exploitation of this vulnerability could allow for unauthenticated remote attackers to execute arbitrary code on the server in the context of the System user. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.