Test Blog - Cloud WAF

CVE-2024-6983 : MUDLER LOCALAI UP TO 2.19.3 CONFIGURATION FILE CODE INJECTION

Description mudler/localai version 2.17.1 is vulnerable to remote code execution. The vulnerability arises because the localai backend receives inputs not only from the configuration file…

Common Vulnerabilities and Exposures

CVE-2024-46847 : LINUX KERNEL UP TO 6.6.50/6.10.9 NEW_VMAP_BLOCK ARRAY INDEX

Description In the Linux kernel, the following vulnerability has been resolved: mm: vmalloc: ensure vmap_block is initialised before adding to queue Commit 8c61291fd850 ("mm: fix…

Common Vulnerabilities and Exposures

CVE-2024-6593 : WATCHGUARD AUTHENTICATION GATEWAY UP TO 12.10.2 ON WINDOWS MANAGEMENT COMMAND AUTHORIZATION

Description Incorrect Authorization vulnerability in WatchGuard Authentication Gateway (aka Single Sign-On Agent) on Windows allows an attacker with network access to execute restricted management commands.…

Common Vulnerabilities and Exposures

CVE-2024-9043 : CELLOPOINT SECURE EMAIL GATEWAY UP TO 4.5.0 PACKETS STACK-BASED OVERFLOW

Description Secure Email Gateway from Cellopoint has Buffer Overflow Vulnerability in authentication process. Remote unauthenticated attackers can send crafted packets to crash the process, thereby…

Common Vulnerabilities and Exposures

CVE-2024-9035 : CODE-PROJECTS BLOOD BANK MANAGEMENT SYSTEM 1.0 ADMIN LOGIN /ADMIN/LOGIN.PHP USERNAME/PASSWORD SQL INJECTION

Description A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been classified as critical. This affects an unknown part of the…

Common Vulnerabilities and Exposures

CVE-2024-46983 : SOFASTACK SOFA-HESSIAN UP TO 3.5.4 SOFA HESSIAN PROTOCOL INJECTION

Description sofa-hessian is an internal improved version of Hessian3/4 powered by Ant Group CO., Ltd. The SOFA Hessian protocol uses a blacklist mechanism to restrict…