AttackerKB
attackerkb
New assessment for topic: CVE-2023-7028
Topic description: "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem ..."
"Tested on Gitlab CE 16.6.1 ..."
Link: https://www.attackerkb.com/assessments/e4f7a426-1beb-45a4-ac47-b2f56237be20
Topic description: "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem ..."
"Tested on Gitlab CE 16.6.1 ..."
Link: https://www.attackerkb.com/assessments/e4f7a426-1beb-45a4-ac47-b2f56237be20
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2022-35737
Topic description: "SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API. ..."
"CVE-2022-35737 is a vulnerability in SQLite, specifically in versions 1.0.12 through 3.39.x before 3.39.2 ..."
Link: https://www.attackerkb.com/assessments/eab8c044-5a9c-4a4b-91f7-7eec584f2127
Topic description: "SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API. ..."
"CVE-2022-35737 is a vulnerability in SQLite, specifically in versions 1.0.12 through 3.39.x before 3.39.2 ..."
Link: https://www.attackerkb.com/assessments/eab8c044-5a9c-4a4b-91f7-7eec584f2127
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2023-46805
Topic description: "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem ..."
"CVE-2023-46805 is an authentication bypass vulnerability found in the web component of Ivanti Connect Secure (ICS), which was previously known as Pulse Connect Secure and Ivanti Policy Secure ..."
Link: https://www.attackerkb.com/assessments/5199772a-a6f1-486c-b961-5ea1b01f3a5f
Topic description: "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem ..."
"CVE-2023-46805 is an authentication bypass vulnerability found in the web component of Ivanti Connect Secure (ICS), which was previously known as Pulse Connect Secure and Ivanti Policy Secure ..."
Link: https://www.attackerkb.com/assessments/5199772a-a6f1-486c-b961-5ea1b01f3a5f
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-21887
Topic description: "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem ..."
"CVE-2024-21887 is a command injection vulnerability in the web component of Ivanti Connect Secure (ICS) and Ivanti Policy Secure ..."
Link: https://www.attackerkb.com/assessments/8ab073cf-5e59-456d-9ac7-a54585f6a444
Topic description: "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem ..."
"CVE-2024-21887 is a command injection vulnerability in the web component of Ivanti Connect Secure (ICS) and Ivanti Policy Secure ..."
Link: https://www.attackerkb.com/assessments/8ab073cf-5e59-456d-9ac7-a54585f6a444
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-21650
Topic description: "XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it ..."
"XWiki is a Java-based, highly customizable and extensible enterprise-level Wiki platform, offering cross-database support, a powerful plugin system, a flexible template engine, and comprehensive security management, suitable for knowledge management and collaboration across various business needs. ..."
Link: https://www.attackerkb.com/assessments/cd0d2dd8-7716-4d16-b30a-4c470e9d57ed
Topic description: "XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it ..."
"XWiki is a Java-based, highly customizable and extensible enterprise-level Wiki platform, offering cross-database support, a powerful plugin system, a flexible template engine, and comprehensive security management, suitable for knowledge management and collaboration across various business needs. ..."
Link: https://www.attackerkb.com/assessments/cd0d2dd8-7716-4d16-b30a-4c470e9d57ed
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2023-4911
Topic description: "A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable ..."
"This is a privilege escalation vulnerability in the dynamic loader of glibc ..."
Link: https://www.attackerkb.com/assessments/bb155c59-1ee8-4dd0-a23e-830763217741
Topic description: "A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable ..."
"This is a privilege escalation vulnerability in the dynamic loader of glibc ..."
Link: https://www.attackerkb.com/assessments/bb155c59-1ee8-4dd0-a23e-830763217741
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2023-7102
Topic description: "Use of a Third Party library produced a vulnerability in Barracuda Networks Inc ..."
"Rapid7 has confirmed indicators of compromise from this zero-day attack in multiple customer environments ..."
Link: https://www.attackerkb.com/assessments/c8000a4e-9d28-4272-b895-486c41b09cda
Topic description: "Use of a Third Party library produced a vulnerability in Barracuda Networks Inc ..."
"Rapid7 has confirmed indicators of compromise from this zero-day attack in multiple customer environments ..."
Link: https://www.attackerkb.com/assessments/c8000a4e-9d28-4272-b895-486c41b09cda
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2023-50445
Topic description: "Shell Injection vulnerability GL.iNet A1300 v4.4.6, AX1800 v4.4.6, AXT1800 v4.4.6, MT3000 v4.4.6, MT2500 v4.4.6, MT6000 v4.5.0, MT1300 v4.3.7, MT300N-V2 v4.3.7, AR750S v4.3.7, AR750 v4.3.7, AR300M v4.3.7, and B1300 v4.3.7., allows local attackers to execute arbitrary code via the get_system_log and get_crash_log functions of the logread module, as well as the upgrade_online function of the upgrade module. ..."
"[metadata only] ..."
Link: https://www.attackerkb.com/assessments/c7795d26-0464-417f-88e9-64268a6d10c0
Topic description: "Shell Injection vulnerability GL.iNet A1300 v4.4.6, AX1800 v4.4.6, AXT1800 v4.4.6, MT3000 v4.4.6, MT2500 v4.4.6, MT6000 v4.5.0, MT1300 v4.3.7, MT300N-V2 v4.3.7, AR750S v4.3.7, AR750 v4.3.7, AR300M v4.3.7, and B1300 v4.3.7., allows local attackers to execute arbitrary code via the get_system_log and get_crash_log functions of the logread module, as well as the upgrade_online function of the upgrade module. ..."
"[metadata only] ..."
Link: https://www.attackerkb.com/assessments/c7795d26-0464-417f-88e9-64268a6d10c0
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2023-50919
Topic description: "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem ..."
"[metadata only] ..."
Link: https://www.attackerkb.com/assessments/ae4e1e4a-8775-4d8d-adc9-bcf6e9546117
Topic description: "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem ..."
"[metadata only] ..."
Link: https://www.attackerkb.com/assessments/ae4e1e4a-8775-4d8d-adc9-bcf6e9546117
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2023-49070
Topic description: " ..."
"CVE-2023-49070 is a critical security vulnerability in Apache OFBiz, a comprehensive open-source enterprise resource planning (ERP) system ..."
Link: https://www.attackerkb.com/assessments/7bf5ccde-3d3c-49a0-af90-f061a69cb092
Topic description: " ..."
"CVE-2023-49070 is a critical security vulnerability in Apache OFBiz, a comprehensive open-source enterprise resource planning (ERP) system ..."
Link: https://www.attackerkb.com/assessments/7bf5ccde-3d3c-49a0-af90-f061a69cb092
0
0
0