#CVSSv3

Trio of major holes in ownCloud expose admin passwords, allow unauthenticated file mods

by

November 27, 2023 at 01:34PM ownCloud has disclosed three critical vulnerabilities, including sensitive data exposure and authentication bypass flaws. The vulnerabilities affect containerized deployments, exposing admin passwords, mail server credentials, and license keys. Customers are advised to delete a specific file, change their secrets, and deny the use of pre-signed URLs. ownCloud is taking steps … Read more

VMware reveals critical vCenter vuln that you may have patched already without knowing it

by

October 25, 2023 at 12:33AM VMware has disclosed a critical vulnerability in its vCenter Server, along with a patch to fix it. The vulnerability, known as CVE-2023-34048, allows a malicious actor with network access to trigger an out-of-bounds write and potentially execute remote code. VMware has also released patches for unsupported versions of the software. … Read more