CVE-2019-16005 Cisco Webex Video Mesh Node Command Injection Vulnerability

A vulnerability in the web-based management interface of Cisco Webex Video Mesh could allow an authenticated, remote attacker to execute arbitrary commands on the affected system. The vulnerability is due to improper validation of user-supplied input by the web-based management interface of the...

RHEL 7 : kernel (RHSA-2020:0178)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:0178 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: use-after-free in fs/xfs/xfssuper.c...

Cisco Webex Bug Allows Remote Code Execution

Cisco Systems has fixed two high-severity vulnerabilities in its products, including one in its popular Webex video conferencing platform that could enable a remote attacker to execute commands. The high-severity Webex flaw exists in the web-based management interface of Cisco Webex Video Mesh, a...

Cisco NX-OS Software Command Injection (cisco-sa-20190515-nxos-cmdinj-1795)

According to its self-reported version, Cisco NX-OS Software is affected by a command injection vulnerability due to insufficient validation of arguments passed to a specific CLI command on an affected device. An authenticated, local attacker can exploit this to execute arbitrary commands on the...

Cisco Adaptive Security Appliance RCE (cisco-sa-20191112-asa-ftd-lua-rce)

A remote code execution vulnerability exists in the Lua interpreter of Cisco Adaptive Security Appliance ASA software due to insufficient restrictions on the allowed Lua function calls within the context of user-supplied Lua scripts. An authenticated, remote attacker can exploit this to bypass...

Cisco Firepower Threat Defense RCE (cisco-sa-20191112-asa-ftd-lua-rce)

A remote code execution vulnerability exists in the Lua interpreter of Cisco Firepower Threat Defense FTD software due to insufficient restrictions on the allowed Lua function calls within the context of user-supplied Lua scripts. An authenticated, remote attacker can exploit this to bypass...

CentOS 7 : kernel (CESA-2019:3834)

An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support, Red Hat Enterprise Linux 7.3 Telco Extended Update Support, and Red Hat Enterprise Linux 7.3 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impac...

Cisco NX-OS Software Command Injection (cisco-sa-20190515-nxos-cmdinj-1776)

According to its self-reported version, Cisco NX-OS Software is affected by a command injection vulnerability due to insufficient validation of arguments passed to a specific CLI command on an affected device. An authenticated, local attacker can exploit this to execute arbitrary commands on the...

Cisco NX-OS Software Command Injection (cisco-sa-20190515-nxos-cmdinj-1783)

According to its self-reported version, Cisco NX-OS Software is affected by a command injection vulnerability due to insufficient validation of arguments passed to a specific CLI command on an affected device. An authenticated, local attacker can exploit this to execute arbitrary commands on the...

Cisco NX-OS Software Command Injection (cisco-sa-20190515-nxos-cmdinj-1770)

According to its self-reported version, Cisco NX-OS Software is affected by a command injection vulnerability due to insufficient validation of arguments passed to a specific CLI command. An authenticated, local attacker can exploit these vulnerabilities by including malicious input as the argume...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

RHEL 7 : kernel (RHSA-2019:3838)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:3838 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: hw: Machine Check Error on Page Size...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impac...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 6.6 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Cisco NX-OS Software Command Injection (CVE-2019-1784)

According to its self-reported version, Cisco NX-OS Software is affected by a command injection vulnerability due to insufficient validation of arguments passed to a specific CLI command on an affected device. An unauthenticated, local attacker can exploit this to execute arbitrary commands on th...

Cisco Small Business Routers RV016, RV042, RV042G, RV082, RV320, and RV325 Command Injection Vulnerability

A vulnerability in the web-based management interface of certain Cisco Small Business RV Series Routers could allow an authenticated, remote attacker with administrative privileges to inject arbitrary commands into the underlying operating system. When processed, the commands will be executed wit...

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 7.5 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Cisco NX-OS Software Command Injection Vulnerability (cisco-sa-20190925-nxos-vman-cmd-inj)

According to its self-reported version, Cisco NX-OS Software is affected by a vulnerability in a CLI command related to the virtualization manager VMAN in Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with...