VMware ESXi Authentication Bypass Vulnerability

VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient Active Directory \(AD\) permissions can gain full access to an ESXi host that was previously configured to use AD for user management by re\-creating the configured AD group \('ESXi Admins' by default\) after it was deleted from AD.

深澜计费管理系统 /strategy/ip/bind-ip 远程代码执行漏洞

暂无

万户ezOFFICE协同管理平台 getAutoCode SQL注入漏洞

暂无

Docker CE AuthZ 权限提升漏洞(CVE-2024-41110)

某些版本的 Docker Engine 中检测到安全漏洞，该漏洞可能允许攻击者在特定情况下绕过授权插件 \(AuthZ\)。使用特制的 API 请求，Engine API 客户端可以让守护进程将请求或响应转发给授权插件，而无需正文。在某些情况下，授权插件可能会允许原本会拒绝的请求（如果正文已转发给它）。

Acronis Cyber Infrastructure (ACI) Insecure Default Password Vulnerability

Acronis Cyber Infrastructure \(ACI\) allows an unauthenticated user to execute commands remotely due to the use of default passwords.