HPE Network Node Manager Arbitrary Command Execution Vulnerability

HP Network Node Manager i-series NNMi software delivers powerful out-of-the-box features to help your network operations team efficiently manage networks of any size. An arbitrary command execution vulnerability exists in HPE Network Node Manager i NNMi versions 9.20, 9.23, 9.24, 9.25, 10.00,...

CVE-2016-2352

The Accellion File Transfer Appliance FTA before FTA91240 allows remote authenticated users to execute arbitrary commands by leveraging the YUMCLIENT restricted-user role...

IBM Security Identity Manager Virtual Appliance Arbitrary Command Execution Vulnerability

IBM Security Identity Manager ISIM is a suite of identity management and governance solutions from IBM in the United States. The solution automates the creation, modification, re-authentication and termination of user privileges throughout the user lifecycle and supports policy-based password...

IBM Security Identity Manager Virtual Appliance Arbitrary Command Execution Vulnerability (CNVD-2016-02912)

IBM Security Identity Manager ISIM is a suite of identity management and governance solutions from IBM in the United States. The solution automates the creation, modification, re-authentication and termination of user privileges throughout the user lifecycle and supports policy-based password...

Arbitrary Command Execution Vulnerability in Reporter System of Shanghai Bingfeng Computer Network Technology Co.

Shanghai Bingfeng Computer Network Technology Co., Ltd. is a domestic VPN, Traffic Management, Behavior Management, Link Load Balancing, Next Generation Firewall equipment supplier and IT value solution provider. Bingfeng network reporter system is a set of data report management system. Shanghai...

Arbitrary Command Execution Vulnerability in the cpu_history.cgi Parameter of the Bump Network Firewall System

AuTech firewall system has the ability to prevent various attacks inside and outside the network, suppress network storms through fine-grained traffic management, as well as rich application layer filtering functions and multi-link load balancing and server load balancing. An arbitrary command...

Arbitrary Command Execution Vulnerability in the ping_ip_address Parameter of the Bump Network Firewall System

AuTech firewall system has the ability to prevent various attacks inside and outside the network, suppress network storms through fine-grained traffic management, as well as rich application layer filtering functions and multi-link load balancing and server load balancing. An arbitrary command...

Observium 0.16.7533 - Authenticated Arbitrary Command Execution

Exploit for php platform in category web applications Exploit title: Observium Commercial - Authenticated RCE Author: Dolev Farhi Contact: dolevf at protonmail.com Date: 28-04-2016 Vendor homepage: http://observium.org/ Software version: CE 0.16.7533 Authenticated remote code execution Using eith...

Manage Engine Application Manager Arbitrary Command Execution Vulnerability

ManageEngine Applications Manager is an application performance monitoring solution. An arbitrary command execution vulnerability exists in Applications Manager. An attacker can execute system commands by uploading a malicious file...

Symantec Messaging Gateway Elevation of Privilege Vulnerability

Symantec Messaging Gateway is a suite of anti-spam, anti-virus, advanced content filtering and data leakage protection technologies from Symantec. A security vulnerability exists in the management console of Symantec Messaging Gateway versions prior to 10.6.0-7. The vulnerability can be exploited...

Novell openSUSE Leap and openSUSE Arbitrary Command Execution Vulnerabilities

Novell openSUSE is a free Linux-based operating system. openSUSE Leap is a version of openSUSE. A security vulnerability in obs-service-extractfile in Novell openSUSE Leap and obs-service-extractfile in openSUSE allows local attackers to execute arbitrary commands...

Cisco UCS Central Software Arbitrary Command Execution Vulnerability

A vulnerability in the web framework of Cisco Unified Computing System UCS Central Software could allow an unauthenticated, remote attacker to execute arbitrary commands on a targeted system. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced...

Trend Micro Password Manager HTTP Server Arbitrary Command Execution Vulnerability

Trend Micro Password Manager is a secure password management solution from Trend Micro. A security vulnerability exists in Trend Micro Password Manager's HTTP server that can be exploited by remote attackers to execute arbitrary commands...

The vulnerability of the Cisco Firepower Extensible Operating System allows a perpetrator to execute arbitrary operating system commands.

The vulnerability of the Cisco Firepower Extensible Operating System’s undefined script exists because measures to neutralize the special elements used in the operating system commands have not been taken. Exploiting this vulnerability allows a malicious actor to execute arbitrary operating syste...

Cisco Unified Computing System Central Software Arbitrary Command Execution Vulnerability

A vulnerability in the web framework of Cisco Unified Computing System UCS Central Software could allow an unauthenticated, remote attacker to execute arbitrary commands on a targeted system. The vulnerability is due to improper input validation by the affected software. An attacker could exploit...

CVE-2016-4007

Multiple unspecified vulnerabilities in the obs-service-extractfile package before 0.3-5.1 in openSUSE Leap 42.1 and before 0.3-3.1 in openSUSE 13.2 allow attackers to execute arbitrary commands via a service definition, related to executing unzip with "illegal options."...

Design/Logic Flaw

Multiple unspecified vulnerabilities in the obs-service-extractfile package before 0.3-5.1 in openSUSE Leap 42.1 and before 0.3-3.1 in openSUSE 13.2 allow attackers to execute arbitrary commands via a service definition, related to executing unzip with "illegal options."...

CVE-2016-4007

Multiple unspecified vulnerabilities in the obs-service-extractfile package before 0.3-5.1 in openSUSE Leap 42.1 and before 0.3-3.1 in openSUSE 13.2 allow attackers to execute arbitrary commands via a service definition, related to executing unzip with "illegal options."...

Silicon Graphics LibTiff Denial of Service Vulnerability (CNVD-2016-02175)

Silicon Graphics LibTiff is the United States Silicon Graphics, Inc. of a read and write TIFF Tagged Image File Format file library. Silicon Graphics LibTiff 4.0.6 and earlier versions of the TIFFVGetField function in the tifdirinfo.c file has a security vulnerability that can be exploited by an...

HPE Asset Manager Arbitrary Code Execution Vulnerability

HP AssetManager is a solution for managing the lifecycle of IT assets. A security vulnerability exists in HPE Asset Manager 9.40, 9.41, 9.50, and Asset Manager CloudSystem Chargeback 9.40, which can be exploited by remote attackers to execute arbitrary commands via constructed serialized Java...