ZDI-24-117: Centreon updateGroups SQL Injection Remote Code Execution Vulnerability | allinfosecnews.com

Feb. 9, 2024, 6 a.m. |

ZDI: Published Advisories www.zerodayinitiative.com

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Centreon. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.2. The following CVEs are assigned: CVE-2024-23115.

arbitrary code attackers authentication centreon code code execution cve cves cvss exploit injection rating remote code remote code execution sql sql injection vulnerability zdi

More from www.zerodayinitiative.com / ZDI: Published Advisories

ZDI-24-427: Adobe Acrobat Reader DC AcroForm Out-Of-Bounds Read Remote Code Execution Vulnerability 23 hours ago | www.zerodayinitiative.com

acrobat acrobat reader adobe adobe acrobat +17

ZDI-24-426: Adobe Acrobat Reader DC AcroForm Use-After-Free Information Disclosure Vulnerability 23 hours ago | www.zerodayinitiative.com

acrobat acrobat reader adobe adobe acrobat +19

ZDI-24-425: Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability 23 hours ago | www.zerodayinitiative.com

acrobat acrobat reader adobe adobe acrobat +18

ZDI-24-424: Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability 23 hours ago | www.zerodayinitiative.com

acrobat acrobat reader adobe adobe acrobat +18

ZDI-24-423: Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability 23 hours ago | www.zerodayinitiative.com

acrobat acrobat reader adobe adobe acrobat +18

ZDI-24-422: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability 23 hours ago | www.zerodayinitiative.com

acrobat acrobat reader adobe adobe acrobat +18

ZDI-24-421: SonicWALL GMS Virtual Appliance ECMClientAuthenticator Hard-Coded Credential Authentication Bypass Vulnerability 23 hours ago | www.zerodayinitiative.com

attackers authentication authentication bypass bypass +14

ZDI-24-420: SonicWALL GMS Virtual Appliance ECMPolicy XML External Entity Processing Information Disclosure Vulnerability 23 hours ago | www.zerodayinitiative.com

attackers authentication can cve +19

ZDI-24-419: (Pwn2Own) Xiaomi Pro 13 GetApps integral-dialog-page Cross-Site Scripting Remote Code Execution Vulnerability 6 days, 23 hours ago | www.zerodayinitiative.com

arbitrary code attackers code code execution +18

Cyber Security Engineer I

@ Fortress Security Risk Management | Cleveland, OH, United States

View on infosec-jobs.com

Senior DevSecOps Engineer

@ Wisk Aero | Remote United States

View on infosec-jobs.com

Vulnerable Adult Investigator - Vice President

@ JPMorgan Chase & Co. | Chicago, IL, United States

View on infosec-jobs.com

Consultant Réseaux IT Digital Impulse - H/F

@ Talan | Paris, France

View on infosec-jobs.com

DevSecOps Engineer (Onsite)

@ Accenture Federal Services | Arlington, VA

View on infosec-jobs.com

Senior Security Engineer

@ Minitab | State College, Pennsylvania, United States

View on infosec-jobs.com