33 matches found
BELL-CVE-2026-43138
Bulletin has no description...
Linux Distros Unpatched Vulnerability : CVE-2026-43138
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - reset: gpio: suppress bind attributes in sysfs This is a special device that's created dynamically and is supposed to stay in memory forever. We also currently...
CVE-2023-43138
TPLINK TL-ER5120G 4.0 2.0.0 Build 210817 Rel.80868n has a command injection vulnerability, when an attacker adds NAPT rules after authentication, and the rule name has an injection point...
CVE-2022-43138
Dolibarr Open Source ERP & CRM for Business before v14.0.1 allows attackers to escalate privileges via a crafted API...
Linux Distros Unpatched Vulnerability : CVE-2021-43138
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Async before 2.6.4 and 3.x before 3.2.2, a malicious user can obtain privileges via the mapValues method, aka lib/internal/iterator.js createObjectIterator...
CVE-2024-43138
| creationtimestamp | type | source |
|---|---|---|
| 2024-08-13 14:36:35+00:00 | seen | https://t.me/cvedetector/3014... |
CVE-2024-43138
CVE-2024-43138 affects Event Manager and Tickets Selling Plugin for WooCommerce (Mage Event/ WPEvently) up to 4.2.1. It is an authenticated Local File Inclusion (LFI) due to improper path handling, enabling access to restricted files. The Wordfence vulnerability listing notes it as Authenticated ...
WordPress Event Manager for WooCommerce Plugin <= 4.2.1 is vulnerable to Local File Inclusion
Software: Event Manager for WooCommerce; Type: Plugin; Vulnerable versions: <= 4.2.1; Fixed in: 4.2.2; OWASP Top 10: A1: Broken Access Control; Classification: Local File Inclusion; CVE: CVE-2024-43138; Patch priority: Low; CVSS severity: Low 6.5; PSID: 721149c5cd33; Credits: João Pedro S...
Security Bulletin: IBM Storage Ceph is vulnerable to Prototype Pollution in Grafana (CVE-2021-43138)
Summary Async is used by IBM Storage Ceph in Grafana as a metrics dashboard. This bulletin identifies the steps to take to address the vulnerability in Grafana. CVE-2021-43138. Vulnerability Details CVEID:CVE-2021-43138 DESCRIPTION: Async could allow a remote attacker to execute arbitrary code on...
RHEL 9 : pcs (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - async: Prototype Pollution in async CVE-2021-43138 - The glob-parent package before 6.0.1 for Node.js...
CVE-2023-43138
| creationtimestamp | type | source |
|---|---|---|
| 2023-09-21 00:30:36+00:00 | seen | https://t.me/cibsecurity/70849... |
CVE-2023-43138
TPLINK TL-ER5120G 4.0 2.0.0 Build 210817 Rel.80868n has a command injection vulnerability, when an attacker adds NAPT rules after authentication, and the rule name has an injection point...
CVE-2023-43138
The advisory for CVE-2023-43138 covers TP-LINK TL-ER5120G (firmware 4.0 2.0.0 Build 210817 Rel.80868n). The vulnerability is a command injection occurring when an attacker, after authentication, adds NAPT rules and provides an injection-point in the rule name. Practical impact is high confidentia...
SUSE: Security Advisory (SUSE-SU-2023:2578-1)
The remote host is missing an update for the...
SUSE-SU-2023:2578-1 Security update for SUSE Manager Client Tools
This update fixes the following issues: bind: - Provide bind dependencies and solve installation issues on SUSE Linux Enterprise Micro - There are no source changes dracut-saltboot: - Update to version 0.1.1681904360.84ef141 Load network configuration even when missing protocol version bsc1210640...
Moderate: Red Hat Security Advisory: Red Hat OpenShift Service Mesh 2.2.7 security update
Red Hat OpenShift Service Mesh 2.2.7 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References...
Security Bulletin: There are multiple vulnerabilities that affect IBM Engineering Requirements Quality Assistant On-Premises
Summary IBM Engineering Requirements Quality Assistant On-Premises is affected by multiple vulnerabilities that an attacker could exploit to execute arbitrary code on the system and cause the application to crash or cause a denial of service condition on the system. This...
Security Bulletin: IBM App Connect Enterprise Certified Container IntegrationServer operands that run Designer flows may be vulnerable to arbitrary code execution due to [CVE-2021-43138]
Summary Node.js module async is used by IBM App Connect Enterprise Certified Container as part of the Node.js runtime. IBM App Connect Enterprise Certified Container IntegrationServer operands that run Designer flows may be vulnerable to arbitrary code execution. This bulletin provides patch...
Security Bulletin: IBM Engineering Workflow Management (EWM) vulnerability CVE-2021-43138
Summary There is a vulnerability CVE-2021-43138 which affects IBM Engineering Workflow Management EWM. Vulnerability Details CVEID:CVE-2021-43138 DESCRIPTION: Async could allow a remote attacker to execute arbitrary code on the system, caused by prototype pollution in the mapValues method. By...
Moderate: Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.7.7 security and bug fix update
The Migration Toolkit for Containers MTC 1.7.7 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...