60 matches found
EUVD-2021-21358
Malware in sbrugna...
EUVD-2021-6603
Malicious code in bioql PyPI...
Security Bulletin: Multiple vulnerabilites in IBM Rational Build Forge.
Summary IBM Rational Build Forge 8.0.0.27 addresses multiple vulnerabilites Vulnerability Details CVEID:CVE-2024-40898 DESCRIPTION: Apache HTTP Server is vulnerable to server-side request forgery, caused by an error on Windows with modrewrite in server/vhost context. By sending a specially crafte...
Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to Web Application Source Code Disclosure Pattern Found (Low) CVE-2024-35144
Summary IBM Maximo Application Suite - Monitor Component is vulnerable to Web Application Source Code Disclosure Pattern Found Low CVE-2024-35144. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-35144 DESCRIPTION: IBM Maximo...
The vulnerability of the Routed PON Controller Software component in the Cisco IOS XR operating system of Cisco NCS 540 Series Routers, NCS 5500 Series Routers, and NCS 5700 Series Routers allows a hacker to gain unauthorized access to protected information.
The vulnerability of the Routed PON Controller Software in the Cisco IOS XR operating system for Cisco NCS 540 Series Routers, NCS 5500 Series Routers, and NCS 5700 Series Routers is related to the storage of passwords in an exposed manner. Exploiting this vulnerability can allow a perpetrator to...
CVE-2022-48954 s390/qeth: fix use-after-free in hsci
In the Linux kernel, the following vulnerability has been resolved: s390/qeth: fix use-after-free in hsci KASAN found that addr was dereferenced after br2deveventwork was freed. ================================================================== BUG: KASAN: use-after-free in...
AutomationDirect Productivity PLCs
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION : Exploitable remotely/low attack complexity Vendor : AutomationDirect Equipment : Productivity PLCs Vulnerabilities : Buffer Access with Incorrect Length Value, Out-of-bounds Write, Stack-based Buffer Overflow, Improper Access Control, Active...
Input validation
A vulnerability in the SSH client feature of Cisco IOS XR Software for Cisco 8000 Series Routers and Cisco Network Convergence System NCS 540 Series and 5700 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to...
CVE-2024-20320
CVE-2024-20320 affects Cisco IOS XR Software on Cisco 8000 Series Routers and NCS 540/5700 Series; the issue is due to insufficient validation of arguments in the SSH client CLI command, allowing an authenticated, low-privileged attacker to escalate to root on the device. Cisco states software up...
CVE-2024-20320
A vulnerability in the SSH client feature of Cisco IOS XR Software for Cisco 8000 Series Routers and Cisco Network Convergence System NCS 540 Series and 5700 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to...
CVE-2024-20320
A vulnerability in the SSH client feature of Cisco IOS XR Software for Cisco 8000 Series Routers and Cisco Network Convergence System NCS 540 Series and 5700 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to...
Amazon Linux 2023 : libuv, libuv-devel, libuv-static (ALAS2023-2024-540)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-540 advisory. libuv is a multi-platform support library with a focus on asynchronous I/O. The uvgetaddrinfo function in src/unix/getaddrinfo.c and its windows counterpart src/win/getaddrinfo.c, truncates hostnames to...
Zyxel NAS326 操作系统命令注入漏洞
Zyxel NAS326 is a cloud storage NAS from China Heqin Zyxel. A security vulnerability exists in the Zyxel NAS326 V5.21 AAZF.14 firmware version prior to C0, NAS540 V5.21 AATB.11 firmware version prior to C0, and NAS542V5.21 firmware version prior to V5.21, which originates from a vulnerability tha...
Cisco IOS XR 安全漏洞
Cisco IOS XR is an operating system developed by Cisco for its network devices. A security vulnerability exists in Cisco IOS XR, which stems from a security issue in GRand Unified Bootloader GRUB, which can be exploited by an attacker to view sensitive files on the console using the GRUB bootload...
The vulnerability of Cisco IOS XR routers in the Cisco 8000 Series and Cisco NCS 540 models, related to errors in checking the cryptographic signature, allows a hacker to execute arbitrary code.
The vulnerability of Cisco IOS XR routers in the Cisco 8000 Series and Cisco NCS 540 models is related to errors in checking the cryptographic signature. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code on the target system remotely...
CVE-2021-34709
Multiple vulnerabilities in image verification checks of Cisco Network Convergence System NCS 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for Cisco 8000 Series Routers could allow an authenticated, local attacker to execute arbitrary code ...
CVE-2021-34708
Multiple vulnerabilities in image verification checks of Cisco Network Convergence System NCS 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for Cisco 8000 Series Routers could allow an authenticated, local attacker to execute arbitrary code ...
CVE-2021-34708
Multiple vulnerabilities in image verification checks of Cisco Network Convergence System NCS 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for Cisco 8000 Series Routers could allow an authenticated, local attacker to execute arbitrary code ...
CVE-2021-34709 Cisco IOS XR Software for Cisco 8000 and Network Convergence System 540 Series Routers Image Verification Vulnerabilities
Multiple vulnerabilities in image verification checks of Cisco Network Convergence System NCS 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for Cisco 8000 Series Routers could allow an authenticated, local attacker to execute arbitrary code ...
CVE-2021-34709 Cisco IOS XR Software for Cisco 8000 and Network Convergence System 540 Series Routers Image Verification Vulnerabilities
Multiple vulnerabilities in image verification checks of Cisco Network Convergence System NCS 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for Cisco 8000 Series Routers could allow an authenticated, local attacker to execute arbitrary code ...