Tuxera ntfs-3g prior 2021.8.22 NTFS Image ntfs_get_attribute_value heap-based overflow

A vulnerability was found in Tuxera ntfs-3g and classified as problematic. Affected by this issue is the function ntfs_get_attribute_value of the component NTFS Image Handler. Upgrading to version 2021.8.22 eliminates this vulnerability.

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2023-33595 : CPYTHON 3.12.0 ALPHA 7 /OBJECTS/UNICODEOBJECT.C ASCII_DECODE USE AFTER FREE

CVE-2023-33595 : CPYTHON 3.12.0 ALPHA 7 /OBJECTS/UNICODEOBJECT.C ASCII_DECODE USE AFTER FREE

Description CPython v3.12.0 alpha 7 was discovered to contain a heap use-after-free via the function ascii_decode at /Objects/unicodeobject.c. References https://github.com/python/cpython/issues/103824

CVE-2023-33553 : PLANET WDRT-1800AX 1.01-CP2 COOKIE LOGINSTATUS IMPROPER AUTHENTICATION

CVE-2023-33553 : PLANET WDRT-1800AX 1.01-CP2 COOKIE LOGINSTATUS IMPROPER AUTHENTICATION

Description An issue in Planet Technologies WDRT-1800AX v1.01-CP21 allows attackers to bypass authentication and escalate privileges to root via manipulation

CVE-2023-20887 : VMWARE ARIA OPERATIONS FOR NETWORKS 6.X COMMAND INJECTION

CVE-2023-20887 : VMWARE ARIA OPERATIONS FOR NETWORKS 6.X COMMAND INJECTION

Description Aria Operations for Networks contains a command injection vulnerability. A malicious actor with network access to VMware Aria Operations