VMware Addresses Multiple Vulnerabilities in vCenter Server (CVE-2023-34048 & CVE-2023-34056)

VMware vCenter Server is vulnerable to out-of-bounds write (CVE-2023-34048) and partial information disclosure (CVE-2023-34056) vulnerabilities. Successful exploitation of the vulnerabilities may result in access to critical data and remote code execution. CISA has added the CVE-2023-34048 to its Known Exploited Vulnerabilities Catalog and requested users to patch it before February 12, 2024.

Windows DNS Server Out-of-Bounds Write to Remote Code Execution Vulnerability (CVE-2021-26897)

According to Microsoft Security Bulletin published on March 09, 2021, seven vulnerabilities concerning Microsoft’s DNS server were corrected. These vulnerabilities, identified as CVE-2021-26877, CVE-2021-26897, CVE-2021-26893, CVE-2021-26894 and CVE-2021-26895, are considered critical. Among these, two allow a denial of service, while the five others allow an execution of remote arbitrary code. By default, DNS servers are … Continue reading “Windows DNS Server Out-of-Bounds Write to Remote Code Execution Vulnerability (CVE-2021-26897)”

Amnesia:33 – Multiple Vulnerabilities in Open-Source TCP/IP Stacks

AMNESIA:33 is a study published by Forescout Research Labs under Project Memoria. The study consists of a report on 33 new vulnerabilities found in TCP/IP stacks used by multiple IoT, OT and IT device vendors. AMNESIA:33 affects multiple open-source TCP/IP stacks, which means a single vulnerability tends to spread easily and silently across multiple codebases, … Continue reading “Amnesia:33 – Multiple Vulnerabilities in Open-Source TCP/IP Stacks”

VMware Multiple Vulnerabilities (VMSA-2020-0015)

VMware issued a new security advisory on 23rd June,2020. VMSA-2020-0015 Addressed the ten security vulnerabilities in various VMware products. Among these multiple vulnerabilities, a bug, CVE-2020-3962 is a critical vulnerability with a 9.3 CVSSv3 base score. Rest nine flaws are of Important and Moderate severity. Affected VMware Products: VMware ESXi VMware Workstation Pro/Player (Workstation) VMware … Continue reading “VMware Multiple Vulnerabilities (VMSA-2020-0015)”