Critical SQL Injection flaws in Gentoo Soko can lead to Remote Code Execution | allinfosecnews.com

June 28, 2023, 12:31 p.m. | Pierluigi Paganini

Security Affairs securityaffairs.co

SQL injection vulnerabilities in Gentoo Soko could lead to remote code execution (RCE) on impacted systems. SonarSource researchers discovered two SQL injection vulnerabilities in Gentoo Soko, collectively tracked as CVE-2023-28424 (CVSS score: 9.1) [1],[2], that can be exploited by a remote attacker to execute arbitrary code on vulnerable systems. “The two package search handlers, Search […]

The post Critical SQL Injection flaws in Gentoo Soko can lead to Remote Code Execution appeared first on Security Affairs.

breaking news code code execution critical cve cvss exploited flaws gentoo gentoo soko hacking information security news injection it information security pierluigi paganini rce remote code remote code execution researchers score security sonarsource sql sql injection sql injection vulnerabilities systems vulnerabilities

More from securityaffairs.co / Security Affairs

Law enforcement agencies identified LockBit ransomware admin and sanctioned him 5 hours ago | securityaffairs.co

admin agency breaking news crime +19

MITRE attributes the recent attack to China-linked UNC5221 12 hours ago | securityaffairs.co

april apt attack attacker +17

Alexander Vinnik, the operator of BTC-e exchange, pleaded guilty to money laundering 19 hours ago | securityaffairs.co

alexander vinnik breaking news btc btc-e +22

City of Wichita hit by a ransomware attack 1 day, 12 hours ago | securityaffairs.co

attack breach breaking news city +19

El Salvador suffered a massive leak of biometric data 1 day, 15 hours ago | securityaffairs.co

biometric biometric data breaking news dark +18

Finland authorities warn of Android malware campaign targeting bank users 1 day, 19 hours ago | securityaffairs.co

accounts agency android android malware +24

Ransomware drama: Law enforcement seized Lockbit group’s website again 2 days, 3 hours ago | securityaffairs.co

administrators breaking news cyber crime cybercrime +19

NATO and the EU formally condemned Russia-linked APT28 cyber espionage 2 days, 12 hours ago | securityaffairs.co

actor apt apt28 blizzard +25

Security Affairs newsletter Round 470 by Pierluigi Paganini – INTERNATIONAL EDITION 2 days, 14 hours ago | securityaffairs.co

articles attack blackbasta box +20

Red Team Penetration Tester and Operator, Junior

@ Booz Allen Hamilton | USA, VA, McLean (1500 Tysons McLean Dr)

View on infosec-jobs.com

Director, Security Operations & Risk Management

@ Live Nation Entertainment | Toronto, ON

View on infosec-jobs.com

IT and Security Specialist APAC (F/M/D)

@ Flowdesk | Singapore, Singapore, Singapore

View on infosec-jobs.com

Senior Security Controls Assessor

@ Capgemini | Washington, DC, District of Columbia, United States; McLean, Virginia, United States

View on infosec-jobs.com

GRC Systems Solution Architect

@ Deloitte | Midrand, South Africa

View on infosec-jobs.com

Cybersecurity Subject Matter Expert (SME)

@ SMS Data Products Group, Inc. | Fort Belvoir, VA, United States

View on infosec-jobs.com