This vulnerability allows local attackers to escalate privileges on affected installations of Comodo Internet Security Pro. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.8.
Daily Archives: July 23, 2024
ZDI-24-954: (0Day) Comodo Firewall Link Following Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Comodo Firewall. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.8.
ZDI-24-955: (0Day) Comodo Internet Security Pro cmdagent Link Following Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Comodo Internet Security Pro. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.8.
ZDI-24-956: (0Day) Comodo Internet Security Pro cmdagent Link Following Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Comodo Internet Security Pro. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.8.
ZDI-24-957: (0Day) Comodo Internet Security Pro cmdagent Link Following Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Comodo Internet Security Pro. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.8.
CyberDanube Security Research 20240722-0 | Multiple Vulnerabilities in Perten/PerkinElmer ProcessPlus
Posted by Thomas Weber via Fulldisclosure on Jul 22
CyberDanube Security Research 20240722-0
——————————————————————————-
title| Multiple Vulnerabilities
product| Perten Instruments Process Plus Software
vulnerable version| <=1.11.6507.0
fixed version| 2.0.0
CVE number| CVE-2024-6911, CVE-2024-6912, CVE-2024-6913
impact| High
homepage| https://perkinelmer.com…
USN-6905-1: Rack vulnerabilities
It was discovered that Rack incorrectly handled certain regular
expressions. A remote attacker could possibly use this issue to cause
Rack to consume resources, leading to a denial of service.
(CVE-2023-27539)
It was discovered that Rack incorrectly handled Multipart MIME parsing.
A remote attacker could possibly use this issue to cause Rack to consume
resources, leading to a denial of service. This issue only affected
Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2023-27530)