73 matches found
OpenClaw 安全漏洞
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. A security vulnerability exists in OpenClaw that stems from automatically discovering and loading plugins from .OpenClaw/extensions/ without explicit trust validation, which can be exploited by an attacker to cause arbitrar...
OpenClaw: Workspace plugin auto-discovery allowed code execution from cloned repositories
Summary OpenClaw automatically discovered and loaded plugins from .openclaw/extensions/ inside the current workspace without an explicit trust or install step. A malicious repository could include a crafted workspace plugin that executed as soon as a user ran OpenClaw from that cloned directory...
Exploit for CVE-2024-32019
CVE-2024-32019 Proof of Concept Python A Python implementat...
CVE-2013-10072
Nagios XI versions prior to 2012R1.6 contain an authorization flaw in the Auto-Discovery functionality. Users with read-only roles could directly reach Auto-Discovery endpoints and pages that should require elevated permissions, exposing discovery results and allowing unintended access to discove...
EUVD-2013-7287
Nagios XI versions prior to 2012R1.6 contain a shell command injection vulnerability in the Auto-Discovery tool. User-controlled input is passed to a shell without adequate sanitation or argument quoting, allowing an authenticated user with access to discovery functionality to execute arbitrary...
EUVD-2013-7288
Nagios XI versions prior to 2012R1.6 contain an authorization flaw in the Auto-Discovery functionality. Users with read-only roles could directly reach Auto-Discovery endpoints and pages that should require elevated permissions, exposing discovery results and allowing unintended access to discove...
CVE-2013-10072
Nagios XI versions prior to 2012R1.6 contain an authorization flaw in the Auto-Discovery functionality. Users with read-only roles could directly reach Auto-Discovery endpoints and pages that should require elevated permissions, exposing discovery results and allowing unintended access to discove...
CVE-2013-10073
Nagios XI versions prior to 2012R1.6 contain a shell command injection vulnerability in the Auto-Discovery tool. User-controlled input is passed to a shell without adequate sanitation or argument quoting, allowing an authenticated user with access to discovery functionality to execute arbitrary...
CVE-2013-10073
CVE-2013-10073 affects Nagios XI versions prior to 2012R1.6. The Auto-Discovery tool accepts user-controlled input that is passed to a shell without adequate sanitation or argument quoting, enabling an authenticated user with discovery access to execute arbitrary commands with the privileges of t...
CVE-2013-10073 Nagios XI < 2012R1.6 Auto-Discovery Shell Command Injection
Nagios XI versions prior to 2012R1.6 contain a shell command injection vulnerability in the Auto-Discovery tool. User-controlled input is passed to a shell without adequate sanitation or argument quoting, allowing an authenticated user with access to discovery functionality to execute arbitrary...
CVE-2013-10073 Nagios XI < 2012R1.6 Auto-Discovery Shell Command Injection
Nagios XI versions prior to 2012R1.6 contain a shell command injection vulnerability in the Auto-Discovery tool. User-controlled input is passed to a shell without adequate sanitation or argument quoting, allowing an authenticated user with access to discovery functionality to execute arbitrary...
CVE-2013-10072
Summary: CVE-2013-10072 affects Nagios XI versions before 2012R1.6, with an authorization flaw in the Auto-Discovery feature. The issue allows users with read-only roles to directly access Auto-Discovery endpoints and pages that should require elevated permissions, exposing discovery results and ...
CVE-2013-10072 Nagios XI < 2012R1.6 Auto-Discovery Missing Authorization
Nagios XI versions prior to 2012R1.6 contain an authorization flaw in the Auto-Discovery functionality. Users with read-only roles could directly reach Auto-Discovery endpoints and pages that should require elevated permissions, exposing discovery results and allowing unintended access to discove...
CVE-2013-10072 Nagios XI < 2012R1.6 Auto-Discovery Missing Authorization
Nagios XI versions prior to 2012R1.6 contain an authorization flaw in the Auto-Discovery functionality. Users with read-only roles could directly reach Auto-Discovery endpoints and pages that should require elevated permissions, exposing discovery results and allowing unintended access to discove...
PT-2025-44534
Name of the Vulnerable Software and Affected Versions Nagios XI versions prior to 2012R1.6 Description Nagios XI versions prior to 2012R1.6 contain an authorization flaw in the Auto-Discovery functionality. Users with read-only roles could access Auto-Discovery endpoints and pages that require...
Nagios XI 安全漏洞
Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems, and more. A security vulnerability exists in Nagios XI versions prior to 2012R1.6, which stems from an authorization...
Nagios XI 安全漏洞
Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems, and more. A security vulnerability exists in Nagios XI versions prior to 2012R1.6, which stems from the Auto-Discove...
PT-2025-44535
Name of the Vulnerable Software and Affected Versions Nagios XI versions prior to 2012R1.6 Description Nagios XI versions prior to 2012R1.6 contain a shell command injection issue in the Auto-Discovery tool. User-controlled input is passed to a shell without proper sanitization or argument quotin...
CVE-2024-7654
An ActiveMQ Discovery service was reachable by default from an OpenEdge Management installation when an OEE/OEM auto-discovery feature was activated. Unauthorized access to the discovery service's UDP port allowed content injection into parts of the OEM web interface making it possible for other...
VMware vCenter Auto Discovery
Binary data vmwarevcenterautodiscovery.nbin...