CVE-2023-1966

Instruments with Illumina Universal Copy Service v1.x and v2.x contain an unnecessary privileges vulnerability. An unauthenticated malicious actor could upload and execute code remotely at the operating system level, which could allow an attacker to change settings, configurations, software, or access sensitive data on the affected product.

Publication date: Sat, 29 Apr 2023 00:15:00 +0000

Cyber News related to CVE-2023-1966

Vulnerability Summary for the Week of November 27, 2023 - PrimaryVendor - Product apple - multiple products Description A memory corruption vulnerability was addressed with improved locking. Published 2023-12-01 CVSS Score not yet calculated Source & Patch Info CVE-2023-48842 PrimaryVendor - Product dell - ...
1 year ago Cisa.gov CVE-2023-48842 CVE-2023-43089 CVE-2023-39226 CVE-2023-46690 CVE-2023-47207 CVE-2023-46886 CVE-2023-48882 CVE-2023-49656 CVE-2023-28896 CVE-2023-48016 CVE-2023-49092 CVE-2023-2266 CVE-2023-2267 CVE-2023-31177 CVE-2023-34388 CVE-2023-34389 CVE-2023-48848 CVE-2023-4398

CVE-2024-37051 - GitHub access token could be exposed to third-party sites in JetBrains IDEs after version 2023.1 and less than: IntelliJ IDEA 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; Aqua 2024.1.2; CLion 2023.1.7, 2023.2.4, 2023.3.5, 2024.1.3, 2024.2 ...
8 months ago Tenable.com

Patching Perforce perforations: Critical RCE vulnerability discovered in Perforce Helix Core Server - Sig 11,887 p4api vs2017 static openssl3 p4api-2023.1.2468153-vs2017 static. Sig 11,847 p4api vs2017 static p4api-2023.1.2468153-vs2017 static. Sig 10,187 p4api vs2017 static vsdebug openssl3 p4api-2023.1.2468153-vs2017 static vsdebug. Sig 10,147 ...
1 year ago Microsoft.com

CVE-2023-1966 - Instruments with Illumina Universal Copy Service v1.x and ...
1 year ago

CVE-2009-1967 - Unspecified vulnerability in the Config Management component in (1) Oracle Database 11.1.0.7 and (2) Oracle Enterprise Manager 10.2.0.4 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different ...
7 years ago

CVE-2009-1966 - Unspecified vulnerability in the Config Management component in (1) Oracle Database 11.1.0.7 and (2) Oracle Enterprise Manager 10.2.0.4 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different ...
7 years ago

CVE-2013-2115 - Apache Struts 2 before 2.3.14.2 allows remote attackers to execute arbitrary OGNL code via a crafted request that is not properly handled when using the includeParams attribute in the (1) URL or (2) A tag. NOTE: this issue is due to an incomplete fix ...
4 years ago

CVE-2014-1966 - The SNMP implementation in Siemens RuggedCom ROS before 3.11, ROS 3.11 for RS950G, ROS 3.12 before 3.12.4, and ROS 4.0 for RSG2488 allows remote attackers to cause a denial of service (device outage) via crafted packets. ...
3 years ago

CVE-2021-1966 - Possible buffer overflow due to lack of length check of source and destination buffer before copying in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music ...
3 years ago

CVE-2007-1966 - Session fixation vulnerability in eXV2 CMS 2.0.4.3 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID cookie. ...
16 years ago

CVE-2002-1966 - Directory traversal vulnerability in magiccard.cgi in My Postcards Platinum 5.0 and 6.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter. ...
16 years ago PLATINUM

CVE-2005-1966 - The eTrace_validaddr function in eTrace plugin for e107 portal allows remote attackers to execute arbitrary commands via shell metacharacters after a valid argument to the etrace_host parameter. ...
8 years ago

CVE-2015-1966 - Multiple cross-site scripting (XSS) vulnerabilities in IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before FP17, 6.2.1 before FP9, and 6.2.2 before FP15, as used in Security Access Manager for Mobile and other products, allow remote attackers ...
8 years ago

CVE-2004-1966 - Multiple SQL injection vulnerabilities in Open Bulletin Board (OpenBB) 1.0.6 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) FID parameter in board.php, (2) sortorder, perpage, or id parameters in member.php, (3) ...
7 years ago

CVE-2012-1966 - Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 do not have the same context-menu restrictions for data: URLs as for javascript: URLs, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted URL. ...
7 years ago

CVE-2008-1966 - Multiple buffer overflows in the JAR file administration routines in the BSU JAVA subcomponent in IBM DB2 8 before FP16, 9.1 before FP4a, and 9.5 before FP1 allow remote authenticated users to cause a denial of service (instance crash) via a call to ...
6 years ago

CVE-2006-1966 - An unspecified Fortinet product, possibly Fortinet28, allows remote attackers to cause a denial of service via a "small synflood" to the SMTP port (TCP port 25), as demonstrated by a 10-microsecond wait between sending packets. NOTE: this ...
6 years ago

CVE-2013-1966 - Apache Struts 2 before 2.3.14.2 allows remote attackers to execute arbitrary OGNL code via a crafted request that is not properly handled when using the includeParams attribute in the (1) URL or (2) A tag. ...
5 years ago

CVE-2010-1966 - Unspecified vulnerability in HP Insight Control power management for Windows before 6.1 allows local users to read or modify data, or cause a denial of service, via unknown vectors. ...
5 years ago

CVE-2016-1966 - The nsNPObjWrapper::GetNewOrUsed function in dom/plugins/base/nsJSNPRuntime.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service (invalid pointer ...
5 years ago

CVE-2011-1966 - The DNS server in Microsoft Windows Server 2008 SP2, R2, and R2 SP1 does not properly handle NAPTR queries that trigger recursive processing, which allows remote attackers to execute arbitrary code via a crafted query, aka "DNS NAPTR Query ...
4 years ago

CVE-2018-14683 - PRTG before 19.1.49.1966 has Cross Site Scripting (XSS) in the WEBGUI. ...
3 years ago

CVE-2017-1966 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none ...
55 years ago Tenable.com

CVE-2019-1966 - A vulnerability in a specific CLI command within the local management (local-mgmt) context for Cisco UCS Fabric Interconnect Software could allow an authenticated, local attacker to gain elevated privileges as the root user on an affected device. The ...
4 years ago

CVE-2024-42114 - In the Linux kernel, the following vulnerability has been resolved: ...
5 months ago

Latest Cyber News

Microsoft confirms it's killing off Skype in May, after 14 years - 1 hour ago
CVE-2024-53408 - 1 hour ago
CVE-2024-41338 - 1 hour ago
Chinese Hackers Exploiting Check Point's VPN Zero-Day Vulnerability - 2 hours ago
Nakivo Backup & Replication Tool Vulnerability Allows Attackers to Read Arbitrary Files - 3 hours ago
Hacker behind over 90 high-profile data leaks worldwide arrested in Thailand | The Record from Recorded Future News - 3 hours ago
Poco RAT Malware Exploits PDF Files to Infiltrate Systems and Steal Data - 3 hours ago
Njrat Attacking Users Abusing Microsoft Dev Tunnels for C2 Communications - 4 hours ago
New Pass-the-Cookie Attack Bypass Microsoft 365 & YouTube MFA Logins - 4 hours ago
PingAM Java Agent Vulnerability Let Attackers Gain Unauthorized Access - 4 hours ago
Lynx Ransomware Attacking Organizations to Exfiltrate Sensitive Data - 6 hours ago
1.6 Million Android TVs Worldwide Hacked by Vo1d Botnet - 7 hours ago
New GitHub Scam With Thousand of “mods" & "cracks" Steal Your Data - 7 hours ago
260 Domains Hosting 5,000 Weaponized PDF Files Attacking Users - 8 hours ago
Wallbleed Exposes Memory Vulnerability in China’s Great Firewall DNS System - 8 hours ago
18 Best Web Filtering Solutions - 2025 - 8 hours ago
DeepSeek Data Leak - 12,000 Hardcoded Live API keys and Passwords Exposed - 12 hours ago
Vo1d malware botnet grows to 1.6 million Android TVs worldwide - 17 hours ago
New Vo1d botnet variant infects 1.6 million Android TVs worldwide - 17 hours ago
CVE-2025-25730 - 18 hours ago

Cyber Trends (last 7 days)

Okta - 1 year ago
Kimsuky - 1 year ago
23andMe - 1 year ago
LogoFAIL - 1 year ago
Gh0st rat - 1 year ago

Trending Cyber News (last 7 days)

Microsoft confirms it's killing off Skype in May, after 14 years - 1 hour ago
Chinese Hackers Exploiting Check Point's VPN Zero-Day Vulnerability - 2 hours ago
Nakivo Backup & Replication Tool Vulnerability Allows Attackers to Read Arbitrary Files - 3 hours ago
Hacker behind over 90 high-profile data leaks worldwide arrested in Thailand | The Record from Recorded Future News - 3 hours ago
Poco RAT Malware Exploits PDF Files to Infiltrate Systems and Steal Data - 3 hours ago
Njrat Attacking Users Abusing Microsoft Dev Tunnels for C2 Communications - 4 hours ago
New Pass-the-Cookie Attack Bypass Microsoft 365 & YouTube MFA Logins - 4 hours ago
PingAM Java Agent Vulnerability Let Attackers Gain Unauthorized Access - 4 hours ago
Lynx Ransomware Attacking Organizations to Exfiltrate Sensitive Data - 6 hours ago
1.6 Million Android TVs Worldwide Hacked by Vo1d Botnet - 7 hours ago
New GitHub Scam With Thousand of “mods" & "cracks" Steal Your Data - 7 hours ago
260 Domains Hosting 5,000 Weaponized PDF Files Attacking Users - 8 hours ago
Wallbleed Exposes Memory Vulnerability in China’s Great Firewall DNS System - 8 hours ago
18 Best Web Filtering Solutions - 2025 - 8 hours ago
DeepSeek Data Leak - 12,000 Hardcoded Live API keys and Passwords Exposed - 12 hours ago
CVE-2018-9994 - 1 year ago
CVE-2018-9329 - 1 year ago
CVE-2018-9324 - 1 year ago
CVE-2018-9323 - 1 year ago
CVE-2018-9321 - 1 year ago