VulnCheck KEV: CVE-2024-51568

CyberPanel aka Cyber Panel before 2.3.5 allows Command Injection via completePath in the ProcessUtilities.outputExecutioner sink. There is /filemanager/upload aka File Manager upload unauthenticated remote code execution via shell metacharacters...

Multiple CVEs identified by vulnerability scanning tools in Brocade ASCG

Secuirty updates provided with latest patch update: Security Update| CVEID ---|--- General remote services| CVE-2014-8730,CVE-2015-3642 binutils RLSA-2023:6236| CVE-2022-4285 open-vm-tools RLSA-2023:7265| CVE-2023-34058,CVE-2023-34059 container-tools RLSA-2023:7202| CVE-2023-29406 procps-ng...

SUSE CVE-2014-7230

The processutils.execute function in OpenStack oslo-incubator, Cinder, Nova, and Trove before 2013.2.4 and 2014.1 before 2014.1.3 allows local users to obtain passwords from commands that cause a ProcessExecutionError by reading the log...

procps: Integer overflows leading to heap overflow in file2strvec

Multiple integer overflows leading to heap corruption flaws were discovered in file2strvec. These vulnerabilities can lead to privilege escalation for a local attacker who can create entries in procfs by starting processes, which will lead to crashes or arbitrary code execution in proc utilities...

Trove: potential leak of passwords into log files

The processutils.execute function in OpenStack oslo-incubator, Cinder, Nova, and Trove before 2013.2.4 and 2014.1 before 2014.1.3 allows local users to obtain passwords from commands that cause a ProcessExecutionError by reading the log...