Category Archives: Advisories

CVE-2021-32958

Read Time:20 Second

Successful exploitation of this vulnerability on Claroty Secure Remote Access (SRA) Site versions 3.0 through 3.2 allows an attacker with local command line interface access to gain the secret key, subsequently allowing them to generate valid session tokens for the web user interface (UI). With access to the web UI an attacker can access assets managed by the SRA installation and could compromise the installation.

Read More

python-ujson-5.3.0-1.el9

Read Time:25 Second

FEDORA-EPEL-2022-d81bc92178

Packages in this update:

python-ujson-5.3.0-1.el9

Update description:

5.3.0

Added

Test Python 3.11 beta

Changed

Benchmark refactor – argparse CLI

Fixed

Fix segmentation faults when errors occur while handling unserialisable objects
Fix segmentation fault when an exception is raised while converting a dict key to a string
Fix memory leak dumping on non-string dict keys
Fix ref counting on repeated default function calls
Remove redundant wheel dependency from pyproject.toml

Read More

CVE-2021-32935

Read Time:11 Second

The affected Cognex product, the In-Sight OPC Server versions v5.7.4 (96) and prior, deserializes untrusted data, which could allow a remote attacker access to system level permission commands and local privilege escalation.

Read More

CVE-2021-32941

Read Time:13 Second

Annke N48PBB (Network Video Recorder) products of version 3.4.106 build 200422 and prior are vulnerable to a stack-based buffer overflow, which allows an unauthorized remote attacker to execute arbitrary code with the same privileges as the server user (root).

Read More