6 matches found
CVE-2024-24897
Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in openEuler A-Tune-Collector on Linux allows Command Injection. This vulnerability is associated with program files...
CVE-2024-24897 Remote command execution in A-Tune-Collector
Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in openEuler A-Tune-Collector on Linux allows Command Injection. This vulnerability is associated with program files...
CVE-2024-24897 Remote command execution in A-Tune-Collector
Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in openEuler A-Tune-Collector on Linux allows Command Injection. This vulnerability is associated with program files...
CVE-2024-24897
CVE-2024-24897 affects openEuler A-Tune-Collector (1.1.0-3 through 1.3.0). The root cause is improper neutralization of shell commands in sched.py when obtaining a process ID, enabling command injection and remote arbitrary command execution. Multiple connected sources (Red Hat, NVD/NVD-like entr...
OESA-2024-1274 A-Tune-Collector security update
A-Tune-Collector is used to collect various system resources. Security Fixes: When the get method in the sched.py file in the A-Tune-Collector software package is used to obtain the process ID, shell command combination and injection risks exist. This flaw could lead to remote arbitrary command...
OESA-2024-1271 A-Tune-Collector security update
A-Tune-Collector is used to collect various system resources. Security Fixes: When the get method in the sched.py file in the A-Tune-Collector software package is used to obtain the process ID, shell command combination and injection risks exist. This flaw could lead to remote arbitrary command...