19 matches found
CVE-2019-16530
Sonatype Nexus Repository Manager 2.x before 2.14.15 and 3.x before 3.19, and IQ Server before 72, has remote code execution...
Linux Distros Unpatched Vulnerability : CVE-2017-16530
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The uas driver in the Linux kernel before 4.13.6 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecifi...
CVE-2023-38333
Zoho ManageEngine Applications Manager through 16530 allows reflected XSS while logged in...
CVE-2023-38333
CVE-2023-38333 affects ManageEngine Applications Manager. The connected ZDI advisory indicates a vulnerability in the SingleSignOn page enabling remote code execution, with exploitation requiring a user to visit a malicious page. The underlying issue is improper validation/escaping, enabling arbi...
org.sonatype.nexus.assemblies:nexus-base-template (>=3.10.0-04 <=3.18.1-01), org.sonatype.nexus.assemblies:nexus-core-feature (>=3.0.0-03 <=3.18.1-01) +21 more potentially affected by CVE-2019-16530 via org.sonatype.nexus:nexus-repository (>=3.0.0-03 <=3.18.1-01)
org.sonatype.nexus:nexus-repository MAVEN version =3.0.0-03, =3.10.0-04, =3.0.0-03, =3.10.0-04, =3.10.0-04, =3.17.0-01, =0.0.4, =3.17.0-01, =3.10.0-04, =3.10.0-04, =3.11.0-01, =0.0.2, =3.13.0-01, =1.0.4, =3.10.0-04, =3.18.1-01 and more Source cves: CVE-2019-16530 Source advisory: OSV:GHSA-HM...
FreeBSD : nexus2-oss -- Multiple vulnerabilities (b2f9573a-008c-11ea-9801-10c37b4ac2ea)
Sonatype reports: Several RCE vulnerabilities have been found and corrected in 2.14.15: CVE-2019-16530: An attacker with elevated privileges can upload a specially crafted file. That file can contain commands that will be executed on the system, with the same privileges as the user running the...
CVE-2019-16530
Sonatype Nexus Repository Manager 2.x before 2.14.15 and 3.x before 3.19, and IQ Server before 72, has remote code execution...
CVE-2019-16530
CVE-2019-16530 affects Sonatype Nexus Repository Manager (NXRM) 2.x before 2.14.15 and 3.x before 3.19, and IQ Server before 72, enabling remote code execution. Root cause reports indicate an attacker with sufficient privileges can upload a crafted file that executes code on the server. Several c...
nexus2-oss -- Multiple vulnerabilities
Sonatype reports: Several RCE vulnerabilities have been found and corrected in 2.14.15: CVE-2019-16530: An attacker with elevated privileges can upload a specially crafted file. That file can contain commands that will be executed on the system, with the same privileges as the user running the...
CVE-2018-16530
The CVE-2018-16530 entry concerns Forcepoint Email Security version 8.5, where a stack-based buffer overflow in the product allows crafting input that can crash a process and cause a denial-of-service. The description notes that while no known Remote Code Execution (RCE) vulnerabilities exist, th...
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2018-4001)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2018-4001 advisory. - USB: serial: console: fix use-after-free after failed setup Johan Hovold Orabug: 27206830 CVE-2017-16525 - uwb: properly check kthread_run return...
Unbreakable Enterprise kernel security update
4.1.12-112.14.2 - fuse: Call end_queued_requests after releasing fc->lock in fuse_dev_release Ashish Samant Orabug: 26431550 - rds: Fix inaccurate accounting of unsignaled wrs in rds_ib_xmit_rdma Hakon Bugge Orabug: 27097105 - rds: Fix inaccurate accounting of unsignaled wrs Hakon Bugge Orabug: 27097105 ...
Ubuntu 14.04 LTS : Linux kernel (AWS) vulnerabilities (USN-3485-3)
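The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3485-3 advisory. It was discovered that a race condition existed in the ALSA subsystem of the Linux kernel when creating and deleting a port via ioctl. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-15265) Eric Biggers discovered that the key...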
USN-3485-1: Linux kernel vulnerabilities
It was discovered that a race condition existed in the ALSA subsystem of the Linux kernel when creating and deleting a port via ioctl. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-15265) Eric Biggers discovered that the key...
Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-3485-1)
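The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3485-1 advisory. It was discovered that a race condition existed in the ALSA subsystem of the Linux kernel when creating and deleting a port via ioctl. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-15265) Eric Biggers discovered that the key...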
CVE-2017-16530
creationtimestamp | type | source
---|---|---
2017-11-06 16:55:44+00:00 | seen | https://t.me/HackerOne/1214...
CVE-2017-16530
The uas driver in the Linux kernel before 4.13.6 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device, related to drivers/usb/storage/uas-detect.h and drivers/usb/storage/uas.c...
CVE-2017-16530
CVE-2017-16530 affects the Linux kernel uas driver (drivers/usb/storage/uas.c; uas-detect.h). The issue allows a local user to trigger a denial of service or potentially other impact via a crafted USB device, caused by an out-of-bounds read. Affected condition is the uas driver in the kernel prio...
Fedora Update for nss-util FEDORA-2014-16530
The remote host is missing an update for the...