Posted by Jens Regel | CRISEC on Sep 08
Title:
======
AVEVA InTouch Access Anywhere Secure Gateway – Path Traversal
Author:
=======
Jens Regel, CRISEC IT-Security
CVE:
====
CVE-2022-23854
Advisory:
=========
https://crisec.de/advisory-aveva-intouch-access-anywhere-secure-gateway-path-traversal/
Timeline:
=========
25.06.2021 Vulnerability discovered
25.06.2021 Send details to custfirstsupport () aveva com
21.09.2021 Vendor response, fix is available until Q1/2022
25.09.2021 Vendor…
More Stories
iwd-3.3-1.fc40 libell-0.71-1.fc40
FEDORA-2024-0fa283c43a Packages in this update: iwd-3.3-1.fc40 libell-0.71-1.fc40 Update description: iwd 3.3: Fix issue with handling External Authentication. iwd 3.2: Fix...
iwd-3.3-1.fc41 libell-0.71-1.fc41
FEDORA-2024-256818da09 Packages in this update: iwd-3.3-1.fc41 libell-0.71-1.fc41 Update description: iwd 3.3: Fix issue with handling External Authentication. iwd 3.2: Fix...
A Vulnerability in Apache Struts2 Could Allow for Remote Code Execution
A vulnerability has been discovered in Apache Struts2, which could allow for remote code execution. Apache Struts2 is an open-source...
CyberDanube Security Research 20241219-0 | Authenticated Remote Code Execution in Ewon Flexy 205
Posted by Thomas Weber | CyberDanube via Fulldisclosure on Dec 21 CyberDanube Security Research 20241219-0 ------------------------------------------------------------------------------- title| Authenticated Remote Code...
USN-7179-1: Linux kernel vulnerabilities
Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote...
USN-7173-2: Linux kernel vulnerabilities
Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to...