317 matches found
GLSA-202305-02 : Python, PyPy3: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202305-02 Python, PyPy3: Multiple Vulnerabilities - In Python aka CPython up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shel...
CVE-2022-43633
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...
D-Link DIR-1935 Operating System Command Injection Vulnerability
The D-Link DIR-1935 is a wireless router from China-based AUO D-Link. The D-Link DIR-1935 suffers from an operating system command injection vulnerability that originates when parsing an IPAddress element, where the process does not properly validate before executing a system call with a...
K46604804: Python vulnerability CVE-2021-29921
Security Advisory Description In Python before 3.9.5, the ipaddress library mishandles leading zero characters in the octets of an IP address string. This in some situations allows attackers to bypass access control that is based on IP addresses. CVE-2021-29921 Impact There is no impact; F5...
SUSE CVE-2021-29921
In Python before 3.9.5, the ipaddress library mishandles leading zero characters in the octets of an IP address string. This in some situations allows attackers to bypass access control that is based on IP addresses...
GSD-2023-1002034 scsi: iscsi_tcp: Fix UAF during logout when accessing the shost ipaddress
scsi: iscsi_tcp: Fix UAF during logout when accessing the shost ipaddress This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.93 by commit...
GSD-2023-1002033 scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress
scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.93 by commit...
GSD-2023-1001872 scsi: iscsi_tcp: Fix UAF during logout when accessing the shost ipaddress
scsi: iscsi_tcp: Fix UAF during logout when accessing the shost ipaddress This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.1.11 by commit...
EulerOS Virtualization 2.10.1 : python-pip (EulerOS-SA-2023-1152)
According to the versions of the python-pip packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, whic...
EulerOS 2.0 SP10 : python-pip (EulerOS-SA-2022-2854)
According to the versions of the python-pip packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow a...
D-Link DIR-1935 SetSysLogSettings IPAddress Command Injection Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handli...
Advantech iView SQL Injection (CVE-2022-2136)
A SQL injection vulnerability exists for Advantech iView. This vulnerability is due to improper input validation for the ipaddress parameter during the updatePROMFile process...
PT-2022-22699 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel affected versions not specified Description: A memory leak issue was found in the Linux Kernel, specifically in the ipaddr link get function of the ipaddress.c file, which is part of the iproute2 component. This issue can be...
OESA-2022-1945 python-pip security update
pip is the package installer for Python. You can use pip to install packages from the Python Package Index and other indexes. %global bashcompdir %b=$pkg-config --variable=completionsdir bash-completion 2/dev/null; echo $b:-/bashcompletion.d Name: python-pip Version: 21.3.1 Release: 1 Summary: A...
CVE-2022-36556
Seiko SkyBridge MB-A100/A110 v4.2.0 and below was discovered to contain a command injection vulnerability via the ipAddress parameter at 07system08execute_ping_01...
CVE-2022-36556
Seiko SkyBridge MB-A100/A110 (v4.2.0 and earlier) is affected by CVE-2022-36556 due to a command-injection vulnerability via the ipAddress parameter at the /07system08execute_ping_01 endpoint. The issue could allow a remote attacker to execute arbitrary commands with admin privileges on affected ...
Seiko Solutions SkyBridge MB-A100/A110 Command Injection Vulnerability
The Seiko Solutions SkyBridge MB-A100/A110 is an LTE-compatible IoT router from Seiko Solutions, Japan. A security vulnerability exists in the Seiko Solutions SkyBridge MB-A100/A110 v4.2.0 and earlier, which stems from the ipAddress parameter being found to contain command injection...