PT-2024-17164 · Engenius · Engenius Ens500-Ac +2

Name of the Vulnerable Software and Affected Versions: EnGenius ENH1350EXT versions up to 20241118 EnGenius ENS500-AC versions up to 20241118 EnGenius ENS620EXT versions up to 20241118 Description: A critical vulnerability was found in the specified EnGenius devices, affecting the file...

CVE-2024-11666

CVE-2024-11666 affects cph2_echarge_firmware up to 2.0.4. Root cause: peer verification is disabled and communication with the eCharge cloud infrastructure occurs over an insecure channel, enabling remote unauthenticated users on the network between the EV charger controller and eCharge infrastru...

CVE-2024-11666 Unauthenticated Remote Command Injection in eCharge Salia PLCC

Affected devices beacon to eCharge cloud infrastructure asking if there are any command they should run. This communication is established over an insecure channel since peer verification is disabled everywhere. Therefore, remote unauthenticated users suitably positioned on the network between an...

CVE-2024-11666 Unauthenticated Remote Command Injection in eCharge Salia PLCC

Affected devices beacon to eCharge cloud infrastructure asking if there are any command they should run. This communication is established over an insecure channel since peer verification is disabled everywhere. Therefore, remote unauthenticated users suitably positioned on the network between an...

CVE-2024-11665 Unauthenticated Remote Command Injection

Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in hardy-barth cph2echargefirmware allows OS Command Injection.This issue affects cph2echargefirmware: through 2.0.4...

CVE-2024-11665 Unauthenticated Remote Command Injection

Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in hardy-barth cph2echargefirmware allows OS Command Injection.This issue affects cph2echargefirmware: through 2.0.4...

PT-2024-17160 · Engenius · Engenius Ens500-Ac +2

Name of the Vulnerable Software and Affected Versions: EnGenius ENH1350EXT, ENS500-AC, and ENS620EXT versions up to 20241118 Description: A critical issue affects an unknown function of the file /admin/network/wifi schedule. The manipulation of the argument wifi schedule day em 5 leads to command...

CVE-2024-8806

Cohesive Networks VNS3 Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Cohesive Networks VNS3. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...

PT-2024-32621 · Myscada · Myscada Mypro Manager

Name of the Vulnerable Software and Affected Versions: mySCADA myPRO Manager affected versions not specified Description: A parameter within a command does not properly validate input, which could be exploited by an unauthenticated remote attacker to inject arbitrary operating system commands. Th...

LLaMA-Factory 操作系统命令注入漏洞

LLaMA-Factory is a fine-tuned large-scale language model by a Chinese hoshi-hiyouga individual developer. A cross-site scripting vulnerability exists in LLaMA-Factory version 0.9.0 and earlier, which stems from improper handling of user input and allows malicious actors to execute arbitrary...

cups security update

1:2.3.3op2-31 - RHEL-60343 CVE-2024-47175 cups: remote command injection via attacker controlled data in PPD file...

CVE-2024-51503

A security agent manual scan command injection vulnerability in the Trend Micro Deep Security 20 Agent could allow an attacker to escalate privileges and execute arbitrary code on an affected machine. In certain circumstances, attackers that have legitimate access to the domain may be able to...

CVE-2024-51503

A security agent manual scan command injection vulnerability in the Trend Micro Deep Security 20 Agent could allow an attacker to escalate privileges and execute arbitrary code on an affected machine. In certain circumstances, attackers that have legitimate access to the domain may be able to...

CVE-2024-51503

A security agent manual scan command injection vulnerability in the Trend Micro Deep Security 20 Agent could allow an attacker to escalate privileges and execute arbitrary code on an affected machine. In certain circumstances, attackers that have legitimate access to the domain may be able to...

GeoVision EOL 操作系统命令注入漏洞

GeoVision EOL is a series of surveillance devices from the Chinese company GeoVision. GeoVision EOL suffers from an operating system command injection vulnerability that originates from an unauthenticated, remote attacker being able to inject and execute arbitrary system commands on the device...

Synology BeePhotos 操作系统命令注入漏洞

Synology BeePhotos is a photo backup program from China-based Synology Inc. The operating system command injection vulnerability exists in Synology BeePhotos versions prior to 1.0.2-10026 and 1.1.0-10053, which stems from improper neutralization of a special element in the Task Manager component,...

CVE-2024-11005

Command injection in Ivanti Connect Secure before version 22.7R2.1 Not Applicable to 9.1Rx and Ivanti Policy Secure before version 22.7R1.1 Not Applicable to 9.1Rx allows a remote authenticated attacker with admin privileges to achieve remote code execution...

Low: Red Hat Security Advisory: cups security update

An update for cups is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

ALSA-2024:9470 Low: cups security update

The Common UNIX Printing System CUPS provides a portable printing layer for Linux, UNIX, and similar operating systems. Security Fixes: cups: libppd: remote command injection via attacker controlled data in PPD file For more details about the security issues, including the impact, a CVSS score,...

RHEL 9 : cups (RHSA-2024:9470)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:9470 advisory. The Common UNIX Printing System CUPS provides a portable printing layer for Linux, UNIX, and similar operating systems. Security Fixes: cups: libppd:...