CVE-2019-20178

Advisto PEEL Shopping 9.2.1 has CSRF via administrer/utilisateurs.php to delete a user...

Linux Distros Unpatched Vulnerability : CVE-2021-20178

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the...

CVE-2023-20178

A vulnerability in the client update process of Cisco AnyConnect Secure Mobility Client Software for Windows and Cisco Secure Client Software for Windows could allow a low-privileged, authenticated, local attacker to elevate privileges to those of SYSTEM. The client update process is executed aft...

CVE-2025-20178

creationtimestamp| type| source ---|---|--- 2025-04-16 20:14:38+00:00| seen| https://t.me/cvedetector/23146 2025-04-17 04:57:27+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/12186...

CVE-2025-20178

CVE-2025-20178 affects Cisco Secure Network Analytics (web-based management interface). An authenticated attacker with valid administrative credentials can restore a malicious backup file to the device, exploiting insufficient integrity checks in device backups to obtain shell access as root on t...

CVE-2025-20178 Cisco Secure Network Analytics Privilege Escalation Vulnerability

A vulnerability in the web-based management interface of Cisco Secure Network Analytics could allow an authenticated, remote attacker with valid administrative credentials to execute arbitrary commands as root on the underlying operating system. This vulnerability is due to insufficient integrity...

CVE-2025-20178 Cisco Secure Network Analytics Privilege Escalation Vulnerability

A vulnerability in the web-based management interface of Cisco Secure Network Analytics could allow an authenticated, remote attacker with valid administrative credentials to execute arbitrary commands as root on the underlying operating system. This vulnerability is due to insufficient integrity...

Linux Distros Unpatched Vulnerability : CVE-2018-20178

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in the function processdemandactive that results in a Denial of Service segfault...

Debian dla-3695 : ansible - security update

The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-3695 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3695-2 [email protected] https://www.debian.org/lts/security/...

Advisory ROSA-SA-2024-2532

Software: ansible 2.9.18 OS: rosa-server79 packageevrstring: ansible-2.9.18-1.res7 CVE-ID: CVE-2021-20228 BDU-ID: 2021-03706 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the Ansible configuration management system is related to information disclosure. Exploitation of the vulnerability could all...

Photon OS 4.0: Ansible PHSA-2021-4.0-0038

An update of the ansible package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2021-4.0-0038. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

CVE-2023-42124

CVE-2023-42124 concerns Avast Premium Security. The flaw is in the sandbox feature’s implementation, caused by incorrect authorization, allowing a local attacker who can run low-privileged code to escalate privileges and execute arbitrary code outside the sandbox, at medium integrity and high imp...

Amazon Linux 2 : ansible (ALASANSIBLE2-2023-004)

The version of ansible installed on the remote host is prior to 2.9.18-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ANSIBLE2-2023-004 advisory. A flaw was found in ansible. The 'authkey' and 'privkey' credentials are disclosed by default and not protected by...

CVE-2023-20178

creationtimestamp| type| source ---|---|--- 2023-06-08 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=1039 2023-06-08 10:30:23+00:00| seen| https://t.me/kasperskyb2b/679 2023-06-08 13:51:47+00:00| seen| https://t.me/truesecator/4479 2023-06-10 08:33:18+00:00| seen|...

CVE-2017-20178

creationtimestamp| type| source ---|---|--- 2023-02-21 20:16:45+00:00| seen| https://t.me/cibsecurity/58634...

CVE-2017-20178 Codiad process.php saveJSON information disclosure

UNSUPPORTED WHEN ASSIGNED A vulnerability was found in Codiad 2.8.0. It has been rated as problematic. Affected by this issue is the function saveJSON of the file components/install/process.php. The manipulation of the argument data leads to information disclosure. The attack may be launched...

CVE-2017-20178

The CVE-2017-20178 vulnerability affects Codiad 2.8.0 and is due to improper handling in the saveJSON function within components/install/process.php, where manipulating the data parameter leads to information disclosure. The issue can be triggered remotely, with a relatively high remote attack ve...

openSUSE: Security Advisory for Important (SUSE-SU-2022:3178-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

SUSE: Security Advisory (SUSE-SU-2022:3178-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES15 : Important security update for SUSE Manager Client Tools (SUSE-SU-2022:3178-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3178-1 advisory. - A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the securit...