RHEL 9 : pcp (RHSA-2024:3325)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3325 advisory. Performance Co-Pilot (PCP) is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance...
RHEL 9 : pcp (RHSA-2024:3321)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3321 advisory. Performance Co-Pilot (PCP) is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance...
RHEL 8 : pcp (RHSA-2024:3323)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3323 advisory. Performance Co-Pilot (PCP) is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance...
RHEL 8 : pcp (RHSA-2024:3324)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3324 advisory. Performance Co-Pilot (PCP) is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance...
RHEL 8 : pcp (RHSA-2024:3322)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3322 advisory. Performance Co-Pilot (PCP) is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance...
CVE-2024-5196
CVE-2024-5196 targets Arris VAP2500 v08.50. A vulnerability in /tools_command.php (parameter cmb_header/txt_command) allows remote command injection. Exploitation is possible remotely; public disclosure noted. No remediation details provided in the supplied documents.
pcp: exposure of the redis server backend allows remote command execution via pmproxy
A flaw was found in PCP. The default pmproxy configuration exposes the Redis server backend to the local network, allowing remote command execution with the privileges of the Redis user. This issue can only be exploited when pmproxy is running. By default, pmproxy is not running and needs to be...
Important: Red Hat Security Advisory: pcp security update
An update for pcp is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the C...
CVE-2024-5194
A vulnerability was found in Arris VAP2500 08.50. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /assoctable.php. The manipulation of the argument id leads to command injection. The attack can be launched remotely. The exploit has been...
Vulnerability of the /useratte/resmanage.php script of the D-Link DAR-7000 and DAR-8000 routers, allowing attackers to execute arbitrary commands
The vulnerability in the firmware of the D-Link DAR-7000 and DAR-8000 routers exists because special elements used in operating system commands are not neutralized. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
ALSA-2024:3264 Important: pcp security update
Performance Co-Pilot (PCP) is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance measurements. Its light-weight distributed architecture makes it particularly well-suited to centralized analysis of complex systems. Security Fixes: pcp:...
Important: pcp security update
Performance Co-Pilot (PCP) is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance measurements. Its light-weight distributed architecture makes it particularly well-suited to centralized analysis of complex systems. Security Fixes: pcp:...
CVE-2024-33529
ILIAS 7 before 7.30 and ILIAS 8 before 8.11 as well as ILIAS 9.0 allow remote authenticated attackers with administrative privileges to execute operating system commands via file uploads with dangerous types...
Exploit for CVE-2024-22120
CVE-2024-22120 ToolKit Affected Version/s 6.0.0 - 6.0...
The vulnerabilities of the System Management Module (SMM/SMM2) and the Fan Power Controller (FPC) in the firmware for Lenovo ThinkSystem, ThinkAgile, NeXtScale storage systems, as well as Lenovo CP-CB-10 laptops, allow attackers to execute arbitrary commands.
The vulnerability of the System Management Module (SMM/SMM2) and the Fan Power Controller (FPC) in the firmware of Lenovo’s ThinkSystem, ThinkAgile, NeXtScale storage systems, and Lenovo CP-CB-10 laptops exists due to the failure to take measures to neutralize the special...
Backdrop CMS 1.27.1 Remote Command Execution
Exploit Title: Backdrop CMS 1.27.1 - Remote Command Execution RCE Date: 04/27/2024 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://backdropcms.org/ Software Link: https://github.com/backdrop/backdrop/releases/download/1.27.1/backdrop.zip Version: latest Tested on: MacOS import os impor...
PopojiCMS 2.0.1 Remote Command Execution
Exploit Title: PopojiCMS 2.0.1 - Remote Command Execution Date: 14/04/2024 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.popojicms.org/ Software Link: https://github.com/PopojiCMS/PopojiCMS/archive/refs/tags/v2.0.1.zip Version: Version : 2.0.1 Tested on:...