Security
Headlines
HeadlinesLatestCVEs

Tag

#windows

CVE-2023-34353: TALOS-2023-1776 || Cisco Talos Intelligence Group

An authentication bypass vulnerability exists in the OAS Engine authentication functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted network sniffing can lead to decryption of sensitive information. An attacker can sniff network traffic to trigger this vulnerability.

CVE
Open in Source
#vulnerability#windows#linux#cisco#intel#auth#docker
CVE-2023-35124: TALOS-2023-1775 || Cisco Talos Intelligence Group

An information disclosure vulnerability exists in the OAS Engine configuration management functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to a disclosure of sensitive information. An attacker can send a sequence of requests to trigger this vulnerability.

CVE-2023-34994: TALOS-2023-1773 || Cisco Talos Intelligence Group

An improper resource allocation vulnerability exists in the OAS Engine configuration management functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to creation of an arbitrary directory. An attacker can send a sequence of requests to trigger this vulnerability.

CVE-2023-31242: TALOS-2023-1769 || Cisco Talos Intelligence Group

An authentication bypass vulnerability exists in the OAS Engine functionality of Open Automation Software OAS Platform v18.00.0072. A specially-crafted series of network requests can lead to arbitrary authentication. An attacker can send a sequence of requests to trigger this vulnerability.

CVE-2023-34317: TALOS-2023-1772 || Cisco Talos Intelligence Group

An improper input validation vulnerability exists in the OAS Engine User Creation functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to unexpected data in the configuration. An attacker can send a sequence of requests to trigger this vulnerability.

CVE-2023-34998: TALOS-2023-1770 || Cisco Talos Intelligence Group

An authentication bypass vulnerability exists in the OAS Engine functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to arbitrary authentication. An attacker can sniff network traffic to trigger this vulnerability.

CVE-2023-32271: TALOS-2023-1774 || Cisco Talos Intelligence Group

An information disclosure vulnerability exists in the OAS Engine configuration management functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to a disclosure of sensitive information. An attacker can send a sequence of requests to trigger this vulnerability.

CVE-2023-32615: TALOS-2023-1771 || Cisco Talos Intelligence Group

A file write vulnerability exists in the OAS Engine configuration functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to arbitrary file creation or overwrite. An attacker can send a sequence of requests to trigger this vulnerability.

Freefloat FTP Server 1.0 Buffer Overflow

Freefloat FTP Server version 1.0 suffers from a remote buffer overflow vulnerability.

Kingo ROOT 1.5.8 Unquoted Service Path

Kingo ROOT version 1.5.8 suffers from an unquoted service path vulnerability.