18 matches found
Oracle Linux 8 : kernel (ELSA-2025-10669)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-10669 advisory. - udf: Fix a slab-out-of-bounds write bug in udf_find_entry CKI Backport Bot RHEL-99113 CVE-2022-49846 - Bluetooth: Fix use after free in hci_send_acl CKI...
CVE-2019-10669
An issue was discovered in LibreNMS through 1.47. There is a command injection vulnerability in html/includes/graphs/device/collectd.inc.php where user-supplied parameters are filtered with the mysqli_escape_real_string function. This function is not the appropriate function to sanitize command...
CVE-2024-10669
creationtimestamp| type| source
---|---|---
2024-11-09 04:40:02+00:00| seen| https://infosec.exchange/users/cve/statuses/113451152276638271
2024-11-09 06:35:51+00:00| seen| https://t.me/cvedetector/10272...
CVE-2024-10669 Countdown Timer block – Display the event's date into a timer. <= 1.2.4 - Authenticated (Contributor+) Post Disclosure
The Countdown Timer block – Display the event's date into a timer. plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.2.4 via the ctb shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated...
CVE-2024-10669
CVE-2024-10669 affects the WordPress plugin “Countdown Timer block – Display the event’s date into a timer.” The issue is Information Exposure via the [ctb] shortcode in all versions up to and including 1.2.4, allowing authenticated users with Contributor-level access or higher to retrieve data f...
WordPress Countdown Timer Plugin <= 1.2.4 is vulnerable to Sensitive Data Exposure
Software: Countdown Timer; Type: Plugin; Vulnerable versions: <= 1.2.4; Fixed in: 1.2.5; OWASP Top 10: A3: Injection; Classification: Sensitive Data Exposure; CVE: CVE-2024-10669; Patch priority: Low; CVSS severity: Low (4.3); PSID: 97d2e3a5c021; Credits: Francesco Carlucci; Required privilege...
CVE-2020-10669
The Canon Oce Colorwave 500 printer web interface (version 4.0.0.0) is affected by CVE-2020-10669 due to an authentication bypass on /home.jsp. An unauthenticated attacker who can reach the device’s web UI can obtain copies of documents uploaded by users. The issue is confirmed in multiple source...
LibreNMS - Collectd Command Injection (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'LibreNMS Collectd Command Injection', 'Description' = %q This module exploits a command injection vulnerability in the Collectd graphing...
CVE-2019-10669
LibreNMS (through 1.47) has a command injection in html/includes/graphs/device/collectd.inc.php. User-supplied parameters are filtered with mysqli_escape_real_string, which does not escape backticks and other shell characters, enabling injection into the $rrd_cmd that is executed via passthru(). ...
LibreNMS Collectd Command Injection Exploit
This Metasploit module exploits a command injection vulnerability in the Collectd graphing functionality in LibreNMS. The to and from parameters used to define the range for a graph are sanitized using the mysqli_escape_real_string function, which permits backticks. These parameters are used as part...
CVE-2019-10669
creationtimestamp| type| source
---|---|---
2019-09-06 17:10:24+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/librenmscollectdcmdinject.rb
2019-09-10 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/47375
2025-02-06 03:13:43+00:0...
LibreNMS Collectd Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'LibreNMS Collectd Command Injection', 'Description' = %q This module exploits a command injection vulnerability in the Collectd graphing...
LibreNMS Collectd Command Injection
This module exploits a command injection vulnerability in the Collectd graphing functionality in LibreNMS. The to and from parameters used to define the range for a graph are sanitized using the mysqli_escape_real_string function, which permits backticks. These parameters are used as part of a shell...
CVE-2016-10669
soci downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker-controlled copy if the attacker is on the network or positioned in between the user and the remote...
CVE-2016-10669
CVE-2016-10669 describes a vulnerability in the soci library where binaries are downloaded over HTTP, enabling a man-in-the-middle to swap resources and potentially execute code remotely if the attacker is on the network or between the user and the server. Connected sources (GHSA and npm advisory...
CVE-2017-10669
Signature Wrapping exists in OSCI-Transport 1.2 as used in OSCI Transport Library 1.6.1 (Java) and OSCI Transport Library 1.6 (.NET). An attacker with access to unencrypted OSCI protocol messages must send crafted protocol messages with duplicate IDs...
CVE-2017-10669
CVE-2017-10669 describes a Signature Wrapping vulnerability in OSCI-Transport 1.2 as used by OSCI Transport Library 1.6.1 (Java) and OSCI Transport Library 1.6 (.NET). An attacker who can read unencrypted OSCI protocol messages can craft messages containing duplicate IDs to exploit the flaw. Affe...
CVE-2017-10669
Signature Wrapping exists in OSCI-Transport 1.2 as used in OSCI Transport Library 1.6.1 (Java) and OSCI Transport Library 1.6 (.NET). An attacker with access to unencrypted OSCI protocol messages must send crafted protocol messages with duplicate IDs...