EUVD-2021-29810

Malicious code in bioql PyPI...

EUVD-2021-29812

Malicious code in bioql PyPI...

CVE-2021-42857

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's DSA AgentDaServlet has directory traversal vulnerabilities at the "/api/appInternals/1.0/agent/da/pcf" API. The affected endpoint does not have any validation of the user's input that allows a malicious payload to be...

CVE-2021-42857

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's DSA AgentDaServlet has directory traversal vulnerabilities at the "/api/appInternals/1.0/agent/da/pcf" API. The affected endpoint does not have any validation of the user's input that allows a malicious payload to be...

CVE-2021-42855

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent DSA uses the ".debugcommand.config" file to store a json string that contains a list of IDs and pre-configured commands. The config file is subsequently used by the "/api/appInternals/1.0/agent/configuration" API to map t...

CVE-2021-42855

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent DSA uses the ".debugcommand.config" file to store a json string that contains a list of IDs and pre-configured commands. The config file is subsequently used by the "/api/appInternals/1.0/agent/configuration" API to map t...

CVE-2021-42786

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent DSA has Remote Code Execution vulnerabilities in multiple instances of the API requests. The affected endpoints do not have any input validation of the user's input that allowed a malicious payload to be injected...

CVE-2021-42787

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's DSA AgentConfigurationServlet has directory traversal vulnerabilities at the "/api/appInternals/1.0/agent/configuration" API. The affected endpoint does not have any input validation of the user's input that allows a...

CVE-2021-42787

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's DSA AgentConfigurationServlet has directory traversal vulnerabilities at the "/api/appInternals/1.0/agent/configuration" API. The affected endpoint does not have any input validation of the user's input that allows a...

Directory traversal

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's DSA AgentDaServlet has directory traversal vulnerabilities at the "/api/appInternals/1.0/agent/da/pcf" API. The affected endpoint does not have any validation of the user's input that allows a malicious payload to be...

Directory traversal

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's DSA PluginServlet has directory traversal vulnerabilities at the "/api/appInternals/1.0/plugin/pmx" API. The affected endpoint does not have any input validation of the user's input that allows a malicious payload to be...

Directory traversal

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's DSA AgentConfigurationServlet has directory traversal vulnerabilities at the "/api/appInternals/1.0/agent/configuration" API. The affected endpoint does not have any input validation of the user's input that allows a...

Design/Logic Flaw

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent DSA has Remote Code Execution vulnerabilities in multiple instances of the API requests. The affected endpoints do not have any input validation of the user's input that allowed a malicious payload to be injected...

Command injection

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent DSA uses the ".debugcommand.config" file to store a json string that contains a list of IDs and pre-configured commands. The config file is subsequently used by the "/api/appInternals/1.0/agent/configuration" API to map t...

Aternity SteelCentral AppInternals 路径遍历漏洞

Aternity SteelCentral AppInternals is a monitoring modern automation solution from Aternity, Inc. It provides application performance monitoring APM and diagnostics. Aternity SteelCentral AppInternals Dynamic Sampling Agent DSA A security vulnerability exists in the AgentConfigurationServlet that...

SteelCentral AppInternals Dynamic Sampling Agent 输入验证错误漏洞

Aternity SteelCentral AppInternals is a monitoring modern automation solution from Aternity, Inc. A remote code execution vulnerability exists in Aternity SteelCentral AppInternals, which stems from a failure of a network system or product to properly filter specific elements of external input da...

CVE-2021-42854 Directory Traversal Read/Write/Delete at PluginServlet

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's DSA PluginServlet has directory traversal vulnerabilities at the "/api/appInternals/1.0/plugin/pmx" API. The affected endpoint does not have any input validation of the user's input that allows a malicious payload to be...

CVE-2021-42787 Directory Traversal Write/Delete/Partial Read at AgentConfigurationServlet

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's DSA AgentConfigurationServlet has directory traversal vulnerabilities at the "/api/appInternals/1.0/agent/configuration" API. The affected endpoint does not have any input validation of the user's input that allows a...

CVE-2021-42855 Local privilege escalation due to misconfigured write permission on .debug_command.config file

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent DSA uses the ".debugcommand.config" file to store a json string that contains a list of IDs and pre-configured commands. The config file is subsequently used by the "/api/appInternals/1.0/agent/configuration" API to map t...

CVE-2021-42786

CVE-2021-42786 affects SteelCentral AppInternals Dynamic Sampling Agent (DSA). The vulnerability enables remote code execution via multiple API request paths, caused by insufficient input validation of user data (notably at the AgentControllerServlet). Documented as a high-severity issue (CVSSv3....