Recently, Apache Tomcat issued a security notice regarding a remote code execution vulnerability (CVE-2024-50379) in certain versions. This vulnerability stems from a flaw in verifying file paths. If the default servlet is write enabled (readonly initialisation parameter set to the non-default ...
TP-Link is aware of reports that the REC vulnerability CVE-2023-1389 in AX21 has been added to the Mirai botnet Arsenal. TP-Link takes security vulnerabilities very seriously and actively deals with them upon receipt of notification. We have released firmware on the official website and pushed...
Recently, Apache Struts has released a security notice, disclosing a remote code execution vulnerability (CVE-2024-53677) in specific versions of Apache Struts. The vulnerability arises from a defect in the file upload logic. If FileUploadInterceptor is utilized in the code, attackers can ...
There is now a restriction on which types are allowed to be used in .xoml files. If an .xoml file that contains one of the newly unauthorized types is opened, you receive an error message that states that the type is unauthorized. To learn more abou...
IBM WebSphere Application Server traditional is vulnerable to a remote code execution vulnerability. This has been addressed. Vulnerability Details CVEID:CVE-2023-23477 DESCRIPTION: IBM WebSphere Application Server traditional could allow a remote attacker to execute arbitrary code on the system with a...
Microsoft CVE-2020-1046: .NET Framework Remote Code Execution Vulnerability Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 08/11/2020 Created 08/12/2020 Added 08/11/2020 Modified 01/31/2023 Description A remote code execution vulnerability exists when Microsoft .NET...
Security Vulnerability Released: Jul 11, 2023 Assigning CNA Microsoft CVE.org link CVE-2023-33134 Impact Remote Code Execution Max Severity Important Weakness CWE-502: Deserialization of Untrusted Data CVSS Source Microsoft Vector String CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H...
Microsoft Virtual Machine Bus (VMBus) Remote Code Execution Vulnerability 在此页中 CVE-2021-26443安全漏洞 发行版: 2021年11月9日 最后更新:2021年11月12日 Assigning CNA: Microsoft CVE-2021-26443 CVSS:3.1 9.0 / 7.8 Base score metrics: 9.0 / Temporal score metrics: 7.8 Expand all ...
The Qualys Threat Research Unit (TRU) has discovered a remote code execution vulnerability in OpenSSH’s forwarded ssh-agent. This vulnerability allows a remote…
Microsoft is aware that some customers are running versions of Windows that no longer receive mainstream support. That means those customers will not have received any security updates to protect their systems from CVE-2019-0708, which is a critical remote code execution vulnerability. ...