Out-of-bounds write – Qualys ThreatPROTECT

VMware Addresses Multiple Vulnerabilities in vCenter Server (CVE-2023-34048 & CVE-2023-34056)

Posted by Diksha Ojha on October 25, 2023January 22, 2024

VMware vCenter Server is vulnerable to out-of-bounds write (CVE-2023-34048) and partial information disclosure (CVE-2023-34056) vulnerabilities. Successful exploitation of the vulnerabilities may result in access to critical data and remote code execution. CISA has added the CVE-2023-34048 to its Known Exploited Vulnerabilities Catalog and requested users to patch it before February 12, 2024.

Windows DNS Server Out-of-Bounds Write to Remote Code Execution Vulnerability (CVE-2021-26897)

Posted by Dhiren Vaghela on July 12, 2021July 12, 2021

According to Microsoft Security Bulletin published on March 09, 2021, seven vulnerabilities concerning Microsoft’s DNS server were corrected. These vulnerabilities, identified as CVE-2021-26877, CVE-2021-26897, CVE-2021-26893, CVE-2021-26894 and CVE-2021-26895, are considered critical. Among these, two allow a denial of service, while the five others allow an execution of remote arbitrary code. By default, DNS servers are … Continue reading “Windows DNS Server Out-of-Bounds Write to Remote Code Execution Vulnerability (CVE-2021-26897)”

Amnesia:33 – Multiple Vulnerabilities in Open-Source TCP/IP Stacks

Posted by Neelam Kadbane on December 14, 2020

AMNESIA:33 is a study published by Forescout Research Labs under Project Memoria. The study consists of a report on 33 new vulnerabilities found in TCP/IP stacks used by multiple IoT, OT and IT device vendors. AMNESIA:33 affects multiple open-source TCP/IP stacks, which means a single vulnerability tends to spread easily and silently across multiple codebases, … Continue reading “Amnesia:33 – Multiple Vulnerabilities in Open-Source TCP/IP Stacks”

VMware Multiple Vulnerabilities (VMSA-2020-0015)

Posted by Neelam Kadbane on July 8, 2020July 8, 2020

VMware issued a new security advisory on 23rd June,2020. VMSA-2020-0015 Addressed the ten security vulnerabilities in various VMware products. Among these multiple vulnerabilities, a bug, CVE-2020-3962 is a critical vulnerability with a 9.3 CVSSv3 base score. Rest nine flaws are of Important and Moderate severity. Affected VMware Products: VMware ESXi VMware Workstation Pro/Player (Workstation) VMware … Continue reading “VMware Multiple Vulnerabilities (VMSA-2020-0015)”