Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2022-25153: Redirecting…

The ITarian Endpoint Manage Communication Client, prior to version 6.43.41148.21120, is compiled using insecure OpenSSL settings. Due to this setting, a malicious actor with low privileges access to a system can escalate his privileges to SYSTEM abusing an insecure openssl.conf lookup.

CVE
Open in Source
#ssl

Click here if you are not redirected.

Related news

Serious vulnerabilities found in ITarian software, patches available for SaaS products

Researchers at DIVD found vulnerabilities in ITarian products and worked with the vendor to develop patches. These patches are now available. The post Serious vulnerabilities found in ITarian software, patches available for SaaS products appeared first on Malwarebytes Labs.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE
CVE-2023-6905
CVE
CVE-2023-6903
CVE
CVE-2023-6904
CVE
CVE-2023-3907
CVE