Code injection
An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. Job publishes and file server replies are susceptible to replay attacks, which can result in an attacker replaying job publishes causing minions to run old jobs. File server replies can also be re-played. A...
PYSEC-2022-173
An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. Job publishes and file server replies are susceptible to replay attacks, which can result in an attacker replaying job publishes causing minions to run old jobs. File server replies can also be re-played. A...
CVE-2022-22936
An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. Job publishes and file server replies are susceptible to replay attacks, which can result in an attacker replaying job publishes causing minions to run old jobs. File server replies can also be re-played. A...
PT-2022-15744 · Saltstack +2 · Saltstack Salt +2
Name of the Vulnerable Software and Affected Versions: SaltStack Salt versions prior to 3002.8; SaltStack Salt versions prior to 3003.4; SaltStack Salt versions prior to 3004.1. Description: An issue was discovered in SaltStack Salt where job publishes and file server replies are susceptible to repl...
CVE-2022-22936
Removed by vendor...
Rejetto HTTP File Server (HFS) Remote Code Execution Vulnerability
The findMacroMarker function in parserLib.pas in Rejetto HTTP File Server HFS or HttpFileServer allows remote attackers to execute arbitrary programs...
Path Traversal
Overview: Affected versions of this package are vulnerable to Path Traversal. It is possible to traverse directories to fetch arbitrary files from the server. PoC: curl --path-as-is "http://localhost:8888/static/../secret.json" Details: A Directory Traversal attack, also known as path traversal, aims ...
Unspecified vulnerability in IDEC PLC (CNVD-2022-02761)
The IDEC PLC is a programmable controller. A security vulnerability exists in the IDEC PLC that can be exploited by an attacker to obtain user credentials from a file server, a backup repository, or a ZLD file saved on an SD card...
CVE-2021-37401
An attacker may obtain the user credentials from file servers, backup repositories, or ZLD files saved in SD cards. As a result, the PLC user program may be uploaded, altered, and/or downloaded...
IDEC PLC Security Vulnerability
The IDEC PLC is a programmable controller. A security vulnerability exists in the IDEC PLC that could allow an attacker to obtain PLC web server user credentials from a file server, backup repository, or a ZLD file saved on an SD card. The following products and versions are affected: FC6A Series...
IDEC PLC Security Vulnerability
The IDEC PLC is a programmable controller. A security vulnerability exists in the IDEC PLC that can be exploited by an attacker to obtain user credentials from a file server, a backup repository, or a ZLD file saved on an SD card...
SolarWinds Serv-U File Server Security Vulnerability
Solarwinds SolarWinds Serv-U File Server is a file transfer server from SolarWinds USA. A security vulnerability exists in the SolarWinds Serv-U File Server that allows a user with administrator privileges in the Serv-U console to move, create, and delete any file that is accessible on the Serv-U...
Panasonic Suffers Data Breach After Hackers Hack Into Its Network
Japanese consumer electronics giant Panasonic has disclosed a security breach wherein an unauthorized third-party broke into its network and potentially accessed data from one of its file servers. "As the result of an internal investigation, it was determined that some data on a file server had...
samba security update
An update is available for samba. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Samba is an open-source implementation of the Server Message Block (SMB) protocol...
RLSA-2021:4058 Moderate: samba security update
Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fixes: samba: Negative idmap cache entries can cause incorrect...
Moderate: samba security update
Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fixes: samba: Negative idmap cache entries can cause incorrect...
NewStart CGSL CORE 5.05 / MAIN 5.05 : samba Multiple Vulnerabilities (NS-SA-2021-0167)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has samba packages installed that are affected by multiple vulnerabilities: - All samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12 and 4.11.x before 4.11.5 have an issue where if it is set with log level = 3 or above...
Moderate: Red Hat Security Advisory: samba security update
An update for samba is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support, Red Hat Enterprise Linux 7.7 Telco Extended Update Support, and Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact...
Samba 3.4.0 <= 3.6.4 Elevate Privileges Vulnerability (CVE-2012-2111)
Samba 3.4.x to 3.6.4 are affected by a vulnerability that allows arbitrary users to modify privileges on a file server.