![]() ![]() □ CVE-2024-2400Use after free in Performance Manager in Google Chrome prior to 1.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. This CVE only affects Linux and macOS PaperCut NG/MF 03:37:31 The attacker must carry out some reconnaissance to gain knowledge of a system token. □ CVE-2024-1221This vulnerability potentially allows files on a PaperCut NG/MF server to be exposed using a specifically formed payload against the impacted API endpoint. ![]() An attacker must already have authenticated admin access and knowledge of both an internal system identifier and details of another valid user to exploit 03:37:32 □ CVE-2024-1654This vulnerability potentially allows unauthorized write operations which may lead to remote code execution. □ CVE-2024-25649In Delinea PAM Secret Server 11.4, it is possible for an attacker (with Administrator access to the Secret Server machine) to read the following data from a memory dump: the decrypted master key, database credentials (when SQL Server Authentication is enabled), the encryption key of RabbitMQ queue messages, and session 03:37:33 □ CVE-2024-25652In Delinea PAM Secret Server 11.4, it is possible for a user (with access to the Report functionality) to gain unauthorized access to remote sessions created by legitimate 03:37:36 □ CVE-2024-1882This vulnerability allows an already authenticated admin user to create a malicious payload that could be leveraged for remote code execution on the server hosting the PaperCut NG/MF application 03:37:37 When an unsuspecting user clicks on this malicious link, it could potentially lead to limited loss of confidentiality, integrity or 04:37:43 An attacker can exploit this weakness by crafting a malicious URL that contains a script. □ CVE-2024-1883This is a reflected cross site scripting vulnerability in the PaperCut NG/MF application server. □ CVE-2024-22398An improper Limitation of a Pathname to a Restricted Directory (Path Traversal) vulnerability in SonicWall Email Security Appliance could allow a remote attacker with administrative privileges to conduct a directory traversal attack and delete arbitrary files from the appliance file 04:37:44 ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |