#rce

An update for .NET 6.0 is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-29331: A vulnerability was found in dotnet. This issue can lead to a denial of service while processing X509 Certificates. * CVE-2023-29337: A vulnerability was found in dotnet. This issue exists in NuGet where a potential race condition can lead to a symlink attack. * CVE-2023-33128: A vulnerability was found in dotnet. This...

An update for .NET 6.0 is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-29331: A vulnerability was found in dotnet. This issue can lead to a denial of service while processing X509 Certificates. * CVE-2023-29337: A vulnerability was found in dotnet. This issue exists in NuGet where a potential race condition can lead to a symlink attack. * CVE-2023-33128: A vulnerability was found in dotnet. This...

An issue in Eramba Limited Eramba Enterprise v.3.19.1 allows a remote attacker to execute arbitrary code via the path parameter in the URL.

File Upload vulnerability in Total CMS v.1.7.4 allows a remote attacker to execute arbitrary code via a crafted PHP file to the edit page function.

Checkpoint Gaia Portal version R81.10 suffers from a remote command execution vulnerability.

Red Hat Security Advisory 2023-4428-01 - OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Issues addressed include a code execution vulnerability.

Red Hat Security Advisory 2023-4413-01 - OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Issues addressed include a code execution vulnerability.

Categories: Personal Tags: Minecraft Tags: mod Tags: forge Tags: players Tags: vulnerability Tags: RCE Tags: bleedingpipe Tags: malware Minecraft players interested in modding are at risk from a remote code execution vulnerability targeting both players and servers. (Read more...) The post Minecraft fans beware: Players and servers at risk from BleedingPipe vulnerability appeared first on Malwarebytes Labs.

Red Hat Security Advisory 2023-4419-01 - OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Issues addressed include a code execution vulnerability.

A vulnerability has been discovered in Xiaomi routers that could allow command injection through an external interface. This vulnerability arises from inadequate filtering of responses returned from the external interface. Attackers could exploit this vulnerability by hijacking the ISP or an upper-layer router to gain privileges on the Xiaomi router. Successful exploitation of this flaw could permit remote code execution and complete compromise of the device.