ROS-2-2413

2.2413 Notification on the update of the Red OS OPERATION SYSTEM MIS Due to quality improvement and bug fixing, an updated version of the "RED OS" Operating System "RED OS" 7.3 antimalware protection system has been released. You can contact the technical support service within the framework of...

Dell Networking OS10 安全漏洞

Dell Networking OS10 is a Linux-based network switch operating system from Dell DELL U.S.A. An elevation of privilege vulnerability exists in Dell Networking OS10, which could be exploited by an attacker with specific API access to gain administrator privileges on the affected system...

Lantronix PremierWave 操作系统命令注入漏洞

The Lantronix PremierWave 2050 is an embedded enterprise Wi-Fi module from Lantronix, Inc. The Lantronix PremierWave 2050 is vulnerable to an operating system command injection vulnerability that could be exploited by attackers to cause arbitrary command execution...

Nature Easy Soft Network Technology ZenTao 操作系统命令注入漏洞

Nature Easy Soft Network Technology ZenTao is China's easy soft Tianchuang network technology Nature Easy Soft Network Technology company's open source project management software. The software includes product management, project management, quality management and document management functions...

Adobe Acrobat 操作系统命令注入漏洞

Adobe Acrobat is a PDF editor developed by Adobe. Adobe Reader also known as Acrobat Reader is a PDF file reader developed by Adobe. Adobe Acrobat/Reader is vulnerable to operating system command injection. An attacker can exploit this vulnerability to execute arbitrary code...

The vulnerability of the Windows SSDP Service component in the Windows operating system allows attackers to increase their privileges.

The vulnerability of the Windows SSDP Service component is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

npm git-parse 操作系统命令操作系统命令注入漏洞

npm git-parse is an application from the American company npm. It is a utility program that generates a set of javascript objects that represent the current branch of the commit history of a local git repository. An operating system command injection vulnerability exists in the "gitDiff" function...

Rockwell Automation FactoryTalk AssetCentre 操作系统命令注入漏洞

Rockwell Automation FactoryTalk AssetCentre is an asset management software tool from Rockwell Automation that allows manufacturers and industrial companies to centrally manage controllers and other automation-related assets. An OS command injection vulnerability exists in Rockwell Automation...

The vulnerability of the ICMP packet processing service in the NX-OS operating system allows a hacker to induce a service failure.

The vulnerability of the ICMP packet processing service in the NX-OS operating system is related to a memory release error. Exploiting this vulnerability could allow a malicious actor to cause a service failure remotely...

Kangtaike SolarView Compact 操作系统命令注入漏洞

Kangtaike SolarView Compact is an application system from Kangtaike, Japan. Kangtaike SolarView Compact SV-CPT-MC310 contains an operating system command injection vulnerability that could be exploited by an attacker to execute arbitrary operating system commands with Web server privileges via...

Omrilotan async-git OS Command Injection Vulnerability

Omrilotan async-git is a Javascript-based codebase from the individual developers of Omrilotan that supports interaction with git repositories. Omrilotan async-git package before 1.13.2 contains an operating system command injection vulnerability that allows injection of operating system commands...

IBM Maximo Anywhere Environment Issue Vulnerability

IBM Maximo Anywhere is a suite of next-generation mobile solutions from IBM USA built on the IBM Worklight platform. The solution supports remote access to IBM Maximo Asset Management a comprehensive asset lifecycle and maintenance management solution workflow and asset management via mobile...

Apple macOS Mojave Permissions Vulnerability

Apple macOS Mojave is a specialized operating system developed by Apple Inc. for Mac computers. A security vulnerability exists in Apple macOS Mojave versions prior to 10.14, and no details of the vulnerability are available at this time...

Monstra CMS Operating System Command Injection Vulnerability

Monstra CMS is a lightweight PHP-based content management system CMS by Ukrainian software developer Sergey Romanenko. A security vulnerability exists in Monstra CMS version 3.0.4. The vulnerability can be exploited to execute arbitrary OS commands by modifying the .chunk.php file...

The software for managing Cisco Firepower Device Manager On-Box devices is vulnerable due to insufficient validation of input data. This vulnerability allows a perpetrator to rewrite any files in the basic operating system of the vulnerable device.

The software vulnerability of Cisco Firepower Device Manager On-Box exists due to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor to rewrite any files in the basic operating system of the vulnerable device by loading a malicious file...

The vulnerability of the Windows operating system, related to errors in processing memory objects, allows a perpetrator to trigger a service failure.

The vulnerability of the Windows operating system is related to errors in processing objects in memory. Exploiting this vulnerability can allow a remote attacker to cause a service failure...

NetFortris Fonality Trixbox endpoint_devicemap.php Component OS Command Injection Vulnerability

NetFortris Fonality Trixbox is a suite of business telephony software from NetFortris USA. An operating system command injection vulnerability exists in the endpointdevicemap.php component in NetFortris Fonality Trixbox Community Edition versions 1.2.0 through 2.8.0.4, which can be exploited by a...

SAP Host Agent Elevation of Privilege Vulnerability

SAP Host Agent privileges is a host agent of SAP Germany. An elevation of privilege vulnerability exists in SAP Host Agent, which can be exploited by an attacker to gain root privileges to the underlying operating system using the operating framework, resulting in an elevation of privilege...

Vertiv Avocent UMG-4000 Web Interface OS Command Injection Vulnerability

The Vertiv Avocent UMG-4000 is a Universal Management Gateway appliance from Vertiv Technologies Vertiv. It supports real-time management, monitoring, access and control of IT devices and infrastructure. An operating system command injection vulnerability exists in the web interface of the Vertiv...

The vulnerability of the Oracle Solaris operating system’s Consolidation Infrastructure component allows a hacker to gain full control over the operating system.

The vulnerability of the Oracle Solaris operating system’s Consolidation Infrastructure component is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain full control over the operating system...