19628 matches found
CVE-2024-0004
A condition exists in FlashArray Purity whereby an user with array admin role can execute arbitrary commands remotely to escalate privilege on the array...
CVE-2024-0004
A condition exists in FlashArray Purity whereby an user with array admin role can execute arbitrary commands remotely to escalate privilege on the array...
CVE-2024-46997
DataEase is an open source data visualization analysis tool. Prior to version 2.10.1, an attacker can achieve remote command execution by adding a carefully constructed h2 data source connection string. The vulnerability has been fixed in v2.10.1...
CVE-2024-46997 DataEase's H2 datasource has a remote command execution risk
DataEase is an open source data visualization analysis tool. Prior to version 2.10.1, an attacker can achieve remote command execution by adding a carefully constructed h2 data source connection string. The vulnerability has been fixed in v2.10.1...
CVE-2024-46997 DataEase's H2 datasource has a remote command execution risk
DataEase is an open source data visualization analysis tool. Prior to version 2.10.1, an attacker can achieve remote command execution by adding a carefully constructed h2 data source connection string. The vulnerability has been fixed in v2.10.1...
CVE-2024-46997 DataEase's H2 datasource has a remote command execution risk
DataEase is an open source data visualization analysis tool. Prior to version 2.10.1, an attacker can achieve remote command execution by adding a carefully constructed h2 data source connection string. The vulnerability has been fixed in v2.10.1...
CVE-2024-46997
DataEase is affected by a remote command execution vulnerability accessible via the h2 datasource connection. Multiple sources (RH, NVD, OSV, CNVD, GHSA) confirm that prior to version 2.10.1, an attacker could trigger RCE by supplying a crafted h2 data source connection string, with evidence incl...
FlashArray和FlashBlade 安全漏洞
Pure Storage FlashArray and Pure Storage FlashBlade are both products of Pure Storage, U.S.A. Pure Storage FlashArray is an all QLC flash storage array.Pure Storage FlashBlade is a consolidated storage platform for file and object Pure Storage FlashBlade is a consolidated storage platform for fil...
WoodWing Elvis DAM 安全漏洞
WoodWing Elvis DAM is a digital asset management solution from WoodWing, Inc. A security vulnerability exists in WoodWing Elvis DAM version 6.98.1, which stems from a Remote Command Execution RCE vulnerability that includes authentication via the Apache Ant scripting feature...
PT-2024-27747 · Woodwing +1 · Woodwing Elvis Dam +1
Name of the Vulnerable Software and Affected Versions: WoodWing Elvis DAM version 6.98.1 Description: The issue is related to an authenticated remote command execution through the Apache Ant script functionality. This allows for the execution of commands on the affected system. Recommendations: F...
CVE-2024-37779
WoodWing Elvis DAM v6.98.1 was discovered to contain an authenticated remote command execution RCE vulnerability via the Apache Ant script functionality...
CVE-2024-37779
WoodWing Elvis DAM v6.98.1 was discovered to contain an authenticated remote command execution RCE vulnerability via the Apache Ant script functionality...
CVE-2024-37779
CVE-2024-37779 affects WoodWing Elvis DAM v6.98.1 and describes an authenticated remote command execution via the Apache Ant script functionality. The Red Hat/NVD/CVE entries confirm the vulnerability and context (authenticated RCE, Ant script). Connected sources note that exploitation details ar...
DataEase 注入漏洞
DataEase is a high-performance, easy-to-use, self-service data visualization and analysis tool that helps users quickly explore, understand and share data insights. DataEase suffers from a remote command execution vulnerability, which can be exploited by an attacker to leverage a code injection...
PT-2024-15289 · Pure Storage · Flasharray Purity
Name of the Vulnerable Software and Affected Versions: FlashArray Purity affected versions not specified Description: A condition exists in FlashArray Purity whereby a user with an array admin role can execute arbitrary commands remotely to escalate privilege on the array. Recommendations: At the...
FlashArray 安全漏洞
Pure Storage FlashArray is an all QLC flash storage array from Pure Storage, Inc. A security vulnerability exists in FlashArray, which can be exploited to remotely execute arbitrary commands to elevate privileges on the array by a user with the role of array administrator...
CVE-2024-9076
A vulnerability was found in DedeCMS up to 5.7.115. It has been rated as critical. This issue affects some unknown processing of the file /dede/articlestringmix.php. The manipulation leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public...
PT-2024-39410 · Dedecms · Dedecms
Name of the Vulnerable Software and Affected Versions: DedeCMS versions up to 5.7.115 Description: A critical issue affects some unknown processing of the file article string mix.php, leading to os command injection. The attack may be initiated remotely. The vendor was contacted early about this...
PT-2024-41084 · Iptables · Iptables
Name of the Vulnerable Software and Affected Versions: iptables affected versions not specified Description: The issue is related to insecure privilege management in the iptables utility for configuring and managing packet filtering rules in the Linux operating system. Exploitation of this issue...
The vulnerability of the Postjournal Service in the corporate email management system Zimbra Collaboration Suite allows a perpetrator to execute arbitrary commands.
The vulnerability of the Postjournal Service in the corporate email management system Zimbra Collaboration Suite is related to the lack of measures taken to neutralize special elements used in the operating system’s command set. Exploiting this vulnerability allows a malicious actor to execute...