18 matches found
CVE-2021-39994
There is an arbitrary address access vulnerability with the product line test code. Successful exploitation of this vulnerability may affect service confidentiality, integrity, and availability...
The vulnerabilities of the BIG-IP Access Policy Manager, as well as of other software solutions such as BIG-IP Advanced Firewall Manager, BIG-IP Advanced Web Application Firewall, BIG-IP Analytics, BIG-IP Application Acceleration Manager, BIG-IP Application Security Manager, BIG-IP Application Visibility and Reporting (AVR), BIG-IP Carrier-Grade NAT (CGNAT), BIG-IP DDoS Hybrid Defender, BIG-IP Domain Name System, BIG-IP Edge Gateway, BIG-IP Fraud Protection Service, BIG-IP Global Traffic Manager, BIG-IP Link Controller, BIG-IP Local Traffic Manager, BIG-IP Policy Enforcement Manager, BIG-IP SSL Orchestrator, BIG-IP WebAccelerator, and BIG-IP WebSafe, are related to improper verification of cryptographic signatures. This allows attackers to increase their privileges.
The vulnerabilities of the BIG-IP Access Policy Manager, as well as of software solutions such as BIG-IP Advanced Firewall Manager, BIG-IP Advanced Web Application Firewall, BIG-IP Analytics, BIG-IP Application Acceleration Manager, BIG-IP Application Security Manager, BIG-IP Application Visibili...
CVE-2021-27446
The Weintek cMT product line is vulnerable to code injection, which may allow an unauthenticated remote attacker to execute commands with root privileges on the operating system...
CVE-2022-25569
Bettini Srl GAMS Product Line v4.3.0 was discovered to re-use static SSH keys across installations, allowing unauthenticated attackers to log in as root users by extracting a key from the software...
CVE-2022-25569
Bettini Srl GAMS Product Line v4.3.0 was discovered to re-use static SSH keys across installations, allowing unauthenticated attackers to log in as root users by extracting a key from the software...
CVE-2022-25569
The CVE-2022-25569 issue affects Bettini Srl GAMS Product Line v4.3.0, where the product reuses static SSH keys across installations, enabling unauthenticated attackers to log in as root by extracting a key from the software. This is described in multiple connected records as a static SSH key reu...
Bettini Srl GAMS Product Line Trust Management Issue Vulnerability
Bettini Srl GAMS Product Line is a software that allows remote management and configuration of video surveillance systems. A security vulnerability exists in Bettini Srl GAMS Product Line v4.3.0 that allows an unauthenticated attacker to log in as root by extracting a key from the software...
CVE-2021-39994
There is an arbitrary address access vulnerability with the product line test code. Successful exploitation of this vulnerability may affect service confidentiality, integrity, and availability...
CVE-2021-39994
There is an arbitrary address access vulnerability with the product line test code. Successful exploitation of this vulnerability may affect service confidentiality, integrity, and availability...
CVE-2021-39994
CVE-2021-39994 is linked to Huawei EMUI, described across CNVD/NVD records as an arbitrary address access vulnerability in the product line test code that can lead to arbitrary code execution. The CNVD entry explicitly frames this as a Huawei EMUI code execution vulnerability, while NVD highlight...
CVE-2021-28497
In Arista's MOS Metamako Operating System software which is supported on the 7130 product line, under certain conditions, the bash shell might be accessible to unprivileged users in situations where they should not have access. This issue affects: Arista Metamako Operating System All releases in...
Design/Logic Flaw
In Arista's MOS Metamako Operating System software which is supported on the 7130 product line, under certain conditions, the bash shell might be accessible to unprivileged users in situations where they should not have access. This issue affects: Arista Metamako Operating System All releases in...
CVE-2021-28497
In Arista's MOS Metamako Operating System software which is supported on the 7130 product line, under certain conditions, the bash shell might be accessible to unprivileged users in situations where they should not have access. This issue affects: Arista Metamako Operating System All releases in...
Security Advisory 0068
Security Advisory 0068. Date: August 20th, 2021. Version: 1.0. Revision 1.0 (August 20th, 2021): Initial Release. The CVE-ID tracking this issue: CVE-2021-28494. CVSSv3.1 Base Score: 9.6 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H). Description: This advisory...
Cumulative Update 18 for Microsoft Dynamics 365 Business Central October'18 on-premises (Application Build 41909, Platform Build 41879)
Cumulative Update 18 for Microsoft Dynamics 365 Business Central October'18 on-premises (Application Build 41909, Platform Build 41879). This article applies to Microsoft Dynamics 365 Business Central on-premises deployments for all countries and all language locales. An information disclosure...
vmware-version NSE Script
Queries VMware server (vCenter, ESX, ESXi) SOAP API to extract the version information. The same script as VMware Fingerprinter from VASTO created by Claudio Criscione, Paolo Canaletti. Script Arguments: slaxml.debug: See the documentation for the slaxml library. http.host, http.max-body-size,...
Multiple F5 BIG-IP Product Denial of Service Vulnerabilities
F5 BIG-IP ASM (Application Security Manager) is a network security product from F5 Corporation, U.S.A. ASM is a comprehensive web application firewall that protects applications and data from known and unknown threats, defends against Trojans that bypass standard protections, and patches...
Number of Devices Sharing Private Crypto Keys Up Sharply
Researchers at SEC Consult say the number of internet gateways, routers, modems and other embedded devices sharing cryptographic keys and certificates is up 40 percent since the Austrian consulting firm first looked at the problem in November. The report, posted Tuesday called “House of Keys,”...