Shannon Baseband NrmmMsgCodec Extended Emergency Number List Heap Buffer Overflow
Authored by Ivan Fratric, Google Security Research
There is a heap buffer overflow in Shannon baseband, inside the 5G MM protocol implementation (NrmmMsgCodec as it is called in Shannon according...
Shannon Baseband NrmmMsgCodec Access Category Definitions Heap Buffer Overflow
Authored by Ivan Fratric, Google Security Research
There is a heap buffer overflow in Shannon Baseband, inside the 5G MM protocol implementation (NrmmMsgCodec as it is called in Shannon according...
Riello UPS Restricted Shell Bypass
Authored by Ricardo Jose Ruiz Fernandez
Riello UPS systems can have their restricted configuration shell bypassed to gain full underlying operating system access.
Change Mirror Download
I. VULNERABILITY-------------------------Riello UPS systems allow to...
Shannon Baseband NrmmMsgCodec Intra-Object Overflow
Authored by Ivan Fratric, Google Security Research
There is an intra-object overflow in Shannon Baseband, inside the 5G MM protocol implementation (NrmmMsgCodec as it is called in Shannon according to...
Open Web Analytics 1.7.3 Remote Code Execution
Authored by Jacob Ebben, Dennis Pfleger | Site metasploit.com
Open Web Analytics (OWA) versions prior to 1.7.4 allow an unauthenticated remote attacker to obtain sensitive user information, which can be...
Fastly Secret Disclosure
Authored by Andrey Stoykov
Fastly suffers from the poor practice of sending a temporary password in plaintext.
Change Mirror Download
Correspondence from Fastly declined to comment regarding new discoveredvulnerabilities within their website.Poor...
Linux USB Use-After-Free
Authored by Jann Horn, Google Security Research
Linux USB usbnet tells minidrivers to unbind while netdev is still up, causing use-after-free conditions.
Apache Tomcat Privilege Escalation
Authored by h00die, Dawid Golunski | Site metasploit.com
This Metasploit module exploits a vulnerability in RedHat based systems where improper file permissions are applied to /usr/lib/tmpfiles.d/tomcat.conf for Apache Tomcat versions...
Oracle DB Broken PDB Isolation / Metadata Exposure
Authored by Emad Al-Mousa
Proof of concept details for Oracle database versions 12.1.0.2, 12.2.0.1, 18c, and 19c that had a PDB isolation vulnerability allowing viewing of metadata for a different...
WordPress Profile Builder 3.9.0 Missing Authorization
Authored by Lana Codes | Site wordfence.com
WordPress Profile Builder plugin versions 3.9.0 and below suffer from a missing authorization vulnerability in wppb_toolbox_usermeta_handler().
advisories | CVE-2023-0814
Change Mirror Download
Description: Profile Builder –...