8081 matches found
Quest KACE System Management Appliance 8.0.318 - Remote Code Execution
The '/common/downloadagentinstaller.php' script in the Quest KACE System Management Appliance 8.0.318 is accessible by anonymous users and can be abused to execute arbitrary commands on the system. id: CVE-2018-11138 info: name: Quest KACE System Management Appliance 8.0.318 - Remote Code Executi...
Ivanti EPM Cloud Services Appliance Code Injection
Ivanti EPM Cloud Services Appliance CSA before version 4.6.0-512 is susceptible to a code injection vulnerability because it allows an unauthenticated user to execute arbitrary code with limited permissions nobody. id: CVE-2021-44529 info: name: Ivanti EPM Cloud Services Appliance Code Injection...
F5 BIG-IP Appliance Mode - Command Injection
When running in Appliance mode, an authenticated user assigned the Administrator role may bypass Appliance mode restrictions, utilizing an undisclosed iControl REST endpoint. id: CVE-2022-41800 info: name: F5 BIG-IP Appliance Mode - Command Injection author: dwisiswant0 severity: high description...
EUVD-2026-42871
Dell PowerFlex Manager, Version prior to 5.1.0.1, contains an Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability during OS Repository processing to achie...
CVE-2026-56688
Dell PowerFlex Manager, Version prior to 5.1.0.1, contains an Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability during OS Repository processing to achie...
CVE-2026-56688
Dell PowerFlex Manager (versions before 5.1.0.1) is vulnerable to an OS Command Injection via OS Repository processing, caused by improper neutralization of special elements. A remote, high-privileged attacker could execute arbitrary commands as root, potentially causing full appliance compromise...
Cisco Adaptive Security Appliance Software, Firepower Threat Defense Software, IOS Software, and IOS XE Software IKEv2 DoS (cisco-sa-multiprod-ikev2-dos-gPctUqv2)
According to its self-reported version, Cisco IOS Software is affected by a vulnerability. - A vulnerability in the Internet Key Exchange version 2 IKEv2 protocol processing of Cisco Adaptive Security Appliance ASA Software, Cisco Firepower Threat Defense FTD Software, Cisco IOS Software, and Cis...
Cisco Adaptive Security Appliance Software, Firepower Threat Defense Software, IOS Software, and IOS XE Software IKEv2 DoS (cisco-sa-multiprod-ikev2-dos-gPctUqv2)
According to its self-reported version, Cisco IOS XE Software is affected by a vulnerability. - A vulnerability in the Internet Key Exchange version 2 IKEv2 protocol processing of Cisco Adaptive Security Appliance ASA Software, Cisco Firepower Threat Defense FTD Software, Cisco IOS Software, and...
CVE-2026-40140
BeyondTrust Remote Support and Privileged Remote Access contain a high-severity pre-authentication vulnerability in the network communication subsystem. Insufficient validation of client-supplied input may allow an unauthenticated remote attacker to trigger a denial-of-service condition affecting...
CVE-2026-40138
A critical pre-authentication vulnerability exists in the authentication subsystem of BeyondTrust Remote Support and Privileged Remote Access. Improper validation of authentication data may allow a network-positioned attacker to bypass access controls and gain unauthorized access to the appliance...
CVE-2026-40140 High-Severity Pre-Authentication Vulnerability in BeyondTrust Remote Support and Privileged Remote Access
BeyondTrust Remote Support and Privileged Remote Access contain a high-severity pre-authentication vulnerability in the network communication subsystem. Insufficient validation of client-supplied input may allow an unauthenticated remote attacker to trigger a denial-of-service condition affecting...
Ivanti Cloud Services Appliance - Path Traversal
Path Traversal in the Ivanti CSA before 4.6 Patch 519 allows a remote unauthenticated attacker to access restricted functionality. id: CVE-2024-8963 info: name: Ivanti Cloud Services Appliance - Path Traversal author: johnk3r severity: critical description: | Path Traversal in the Ivanti CSA befo...
Security Bulletin: IBM MQ Appliance appliance is affected by multiple Java vulnerabilities
Summary IBM MQ Appliance has addressed multiple Java vulnerabilities. Vulnerability Details CVEID:CVE-2026-22016 DESCRIPTION: Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability...
Security Bulletin: IBM MQ Appliance is affected by an information exposure vulnerability (CVE-2026-40895)
Summary IBM MQ Appliance has addressed an information exposure vulnerability. Vulnerability Details CVEID:CVE-2026-40895 DESCRIPTION: follow-redirects is an open source, drop-in replacement for Node's http and https modules that automatically follows redirects. Prior to 1.16.0, when an HTTP reque...
Cisco Umbrella Virtual Appliance < 3.8.5 Privilege Escalation (cisco-sa-umbrella-priv-esc-F4wJB7AU)
According to its self-reported version, Cisco Umbrella Insights Virtual Appliance is affected by a vulnerability. - A vulnerability in the vmadmin CLI of Cisco Umbrella Virtual Appliance could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability i...
CVE-2026-20246
A vulnerability in the vmadmin CLI of Cisco Umbrella Virtual Appliance could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient validation of user-supplied commands. An attacker with vmadmin privileges could exploit this...
EUVD-2026-37751
A vulnerability in the vmadmin CLI of Cisco Umbrella Virtual Appliance could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient validation of user-supplied commands. An attacker with vmadmin privileges could exploit this...
CVE-2026-20246
Summary: CVE-2026-20246 affects Cisco Umbrella Virtual Appliance. A vulnerability in the vmadmin CLI allows an authenticated, local attacker with vmadmin privileges to escalate to root by abusing certain commands at the CLI. The root-cause is insufficient validation of user-supplied commands in v...
Security Bulletin: Vulnerability in edk2 affects IBM Netezza Appliance
Summary The edk2 package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVE CVE-2025-9230 Vulnerability Details CVEID:CVE-2025-9230 DESCRIPTION: Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigge...
Security Bulletin: IBM MQ Appliance is affected by multiple open source vulnerabilities (CVE-2026-23193, CVE-2026-23231, CVE-2026-3497)
Summary IBM MQ Appliance has addressed multiple open source vulnerabilities. Vulnerability Details CVEID:CVE-2026-3497 DESCRIPTION: Vulnerability in the OpenSSH GSSAPI delta included in various Linux distributions. This vulnerability affects the GSSAPI patches added by various Linux distributions...