ZDI-23-216: Parallels Desktop Service Improper Initialization Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code...
ZDI-23-215: Parallels Desktop Toolgate Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute high-privileged code...
ZDI-23-214: NETGEAR CAX30S SSO Command Injection Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR CAX30S routers. Authentication is not required to exploit this vulnerability. Read...
ZDI-23-213: SolarWinds Network Performance Monitor WorkerControllerWCFProxy Deserialization of Untrusted Data Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Network Performance Monitor. Authentication is required to exploit this vulnerability. Read...
dcmtk-3.6.4-11.el8
FEDORA-EPEL-2023-40e1d58afe Packages in this update: dcmtk-3.6.4-11.el8 Update description: This update contains several high and critical security fixes. CVE-2021-41687/CVE-2021-41688/CVE-2021-41690 CVE-2021-41689 CVE-2022-2119/CVE-2022-2120/CVE-2022-2121 CVE-2022-43272 It also switches to...
dcmtk-3.6.6-12.el9
FEDORA-EPEL-2023-c14f77e922 Packages in this update: dcmtk-3.6.6-12.el9 Update description: This update contains several high and critical security fixes. CVE-2021-41687/CVE-2021-41688/CVE-2021-41690 CVE-2021-41689 CVE-2022-2119/CVE-2022-2120/CVE-2022-2121 CVE-2022-43272 It also switches to...
[CVE-2023-25355/25356] No fix available – vulnerabilities in CoreDial sipXcom sipXopenfire
Posted by Systems Research Group via Fulldisclosure on Mar 06 Read More
SEC Consult SA-20230306-0 :: Multiple Vulnerabilities in Arris DG3450 Cable Gateway
Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Mar 06 SEC Consult Vulnerability Lab Security Advisory < 20230306-0 > ======================================================================= title: Multiple Vulnerabilities...
OpenBSD overflow
Posted by Erg Noor on Mar 06 Hi, Fun OpenBSD bug. ip_dooptions() will allow IPOPT_SSRR with optlen = 2. save_rte() will set isr_nhops to very...
containerd-1.6.19-1.fc38
FEDORA-2023-cd000ea847 Packages in this update: containerd-1.6.19-1.fc38 Update description: Update containerd to 1.16.19 - Mitigates CVE-2023-25153 / GHSA-259w-8hf6-59c2 - Mitigates CVE-2023-25173 / GHSA-hmfx-3pcx-653p Read More