BACK TO INTEL

Archives

Classification

No categories extracted.

Feed

Verified advisories, vulnerability disclosures, and architectural research.

CVE-2023-23376

In-Depth Analysis: CVE-2023-23376 Windows CLFS Driver Privilege Escalation

Microsoft Windows Common Log File System (CLFS) driver contains an unspecified vulnerability that allows for privilege escalation.

Windows
View Detail
CVE-2023-24880

CVE-2023-24880: Critical Windows SmartScreen Security Bypass Advisory and Analysis

Microsoft Windows SmartScreen contains a security feature bypass vulnerability that could allow an attacker to evade Mark of the Web (MOTW) defenses via a specially crafted malicious file.

Windows
View Detail
CVE-2019-1388

Deep Analysis: CVE-2019-1388 Microsoft Windows Certificate Dialog Elevation of Privilege Vulnerability

Microsoft Windows Certificate Dialog contains a privilege escalation vulnerability, allowing attackers to run processes in an elevated context.

Windows
View Detail
CVE-2023-28252

CVE-2023-28252: Critical Windows CLFS Driver Privilege Escalation Advisory

Microsoft Windows Common Log File System (CLFS) driver contains an unspecified vulnerability that allows for privilege escalation.

Windows
View Detail
CVE-2021-45046

Critical Security Advisory: Addressing the Apache Log4j2 Incomplete Fix (CVE-2021-45046)

Apache Log4j2 contains a deserialization of untrusted data vulnerability due to the incomplete fix of CVE-2021-44228, where the Thread Context Lookup Pattern is vulnerable to remote code execution in certain non-default configurations.

Log4j2
View Detail
CVE-2023-34362

CVE-2023-34362: Critical SQL Injection in Progress MOVEit Transfer Demands Immediate Action

Progress MOVEit Transfer contains a SQL injection vulnerability that could allow an unauthenticated attacker to gain unauthorized access to MOVEit Transfer's database.

MOVEit Transfer
View Detail
CVE-2023-27997

CVE-2023-27997: Critical Fortinet SSL-VPN Heap Buffer Overflow Remediation Guide

Fortinet FortiOS and FortiProxy SSL-VPN contain a heap-based buffer overflow vulnerability which can allow an unauthenticated, remote attacker to execute code or commands via specifically crafted requests.

FortiOS and FortiProxy SSL-VPN
View Detail
CVE-2023-36884

Critical Advisory: Resolving the CVE-2023-36884 Windows Search Remote Code Execution Vulnerability

Microsoft Windows Search contains an unspecified vulnerability that could allow an attacker to evade Mark of the Web (MOTW) defenses via a specially crafted malicious file, leading to remote code execution.

Windows
View Detail
CVE-2023-3519

CVE-2023-3519: Critical Citrix NetScaler ADC and Gateway Code Injection Advisory

Citrix NetScaler ADC and NetScaler Gateway contains a code injection vulnerability that allows for unauthenticated remote code execution.

NetScaler ADC and NetScaler Gateway
View Detail
CVE-2023-38035

CVE-2023-38035: Critical Ivanti Sentry Authentication Bypass Vulnerability Advisory

Ivanti Sentry, formerly known as MobileIron Sentry, contains an authentication bypass vulnerability that may allow an attacker to bypass authentication controls on the administrative interface due to an insufficiently restrictive Apache HTTPD configuration.

Ivanti Sentry
View Detail
CVE-2023-20269

CVE-2023-20269: Mitigating Unauthorized Access in Cisco ASA and Firepower Threat Defense VPNs

Cisco Adaptive Security Appliance and Firepower Threat Defense contain an unauthorized access vulnerability that could allow an unauthenticated, remote attacker to conduct a brute force attack in an attempt to identify valid username and password combinations or establish a clientless SSL VPN session with an unauthorized user.

Adaptive Security Appliance and Firepower Threat Defense
View Detail
CVE-2023-22515

CVE-2023-22515: Critical Zero-Day Access Control Vulnerability in Atlassian Confluence

Atlassian Confluence Data Center and Server contains a broken access control vulnerability that allows an attacker to create unauthorized Confluence administrator accounts and access Confluence.

Confluence Data Center and Server
View Detail
12345678