Aggregator

CVE-2021-43566 | Samba up to 4.13.15 SMB1/NFS access control (Nessus ID 261345 / WID-SEC-2023-2979)

Vuldb Updates
3 months ago
A vulnerability was found in Samba up to 4.13.15. It has been rated as critical. Affected by this issue is some unknown functionality of the component SMB1/NFS. This manipulation causes improper access controls. This vulnerability is registered as CVE-2021-43566. Remote exploitation of the attack is possible. No exploit is available. Upgrading the affected component is advised.
vuldb.com

CVE-2021-20283 | Moodle up to 3.5.16/3.8.7/3.9.4/3.10.1 Web Service authorization (Nessus ID 261351)

Vuldb Updates
3 months ago
A vulnerability was found in Moodle up to 3.5.16/3.8.7/3.9.4/3.10.1. It has been rated as critical. This affects an unknown part of the component Web Service. This manipulation causes incorrect authorization. This vulnerability appears as CVE-2021-20283. The attacker needs to be present on the local network. There is no available exploit. Upgrading the affected component is advised.
vuldb.com

CVE-2019-17371 | libpng 1.6.37 png_malloc_warn/png_create_info_struct release of resource (Issue 307 / Nessus ID 261352)

Vuldb Updates
3 months ago
A vulnerability categorized as problematic has been discovered in libpng 1.6.37. This vulnerability affects the function png_malloc_warn/png_create_info_struct. The manipulation results in missing release of resource. This vulnerability is identified as CVE-2019-17371. The attack can be executed remotely. There is not any exploit available.
vuldb.com

Progress OpenEdge AdminServer Vulnerability Let Attackers Execute Remote Code

Cyber Security News
3 months ago

A critical security vulnerability has been discovered in Progress OpenEdge, a platform for developing and deploying business applications. The flaw, identified as CVE-2025-7388, allows for remote code execution (RCE) and affects multiple versions of the software, potentially enabling attackers to execute arbitrary commands with elevated system privileges. The vulnerability resides in the AdminServer component of […]

The post Progress OpenEdge AdminServer Vulnerability Let Attackers Execute Remote Code appeared first on Cyber Security News.

Guru Baran

Windows Defender Vulnerability Allows Service Hijacking and Disablement via Symbolic Link Attack

Cyber Security News
3 months ago

A severe vulnerability in Windows Defender’s update process allows attackers with administrator privileges to disable the security service and manipulate its core files. The technique, which leverages a flaw in how Defender selects its execution folder, can be carried out using tools already available on the Windows operating system. The vulnerability was detailed by Zero […]

The post Windows Defender Vulnerability Allows Service Hijacking and Disablement via Symbolic Link Attack appeared first on Cyber Security News.

Guru Baran

CVE-2020-5283 | ViewVC up to 1.1.27/1.2.0 CVS show_subdir_lastmod cross site scripting (Nessus ID 261354)

Vuldb Updates
3 months ago
A vulnerability labeled as problematic has been found in ViewVC up to 1.1.27/1.2.0. This impacts an unknown function of the component CVS show_subdir_lastmod. Executing manipulation can lead to basic cross site scripting. This vulnerability is tracked as CVE-2020-5283. The attack can be launched remotely. No exploit exists. The affected component should be upgraded.
vuldb.com

CVE-2019-6970 | Moodle 3.5.0/3.5.1/3.5.2/3.5.3 server-side request forgery (Nessus ID 261353)

Vuldb Updates
3 months ago
A vulnerability classified as critical was found in Moodle 3.5.0/3.5.1/3.5.2/3.5.3. Affected by this issue is some unknown functionality. Executing manipulation can lead to server-side request forgery. The identification of this vulnerability is CVE-2019-6970. The attack may be launched remotely. There is no exploit available. Upgrading the affected component is advised.
vuldb.com

Managed ad