853 matches found
EUVD-2017-0121
Malware in sbrugna...
EUVD-2017-0123
Malware in sbrugna...
EUVD-2018-0134
Malware in sbrugna...
EUVD-2022-4798
Malicious code in bioql PyPI...
EUVD-2022-3616
Malicious code in bioql PyPI...
EUVD-2023-0232
Malicious code in bioql PyPI...
EUVD-2022-3990
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2019-1010259
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SaltStack Salt 2018.3, 2019.2 is affected by: SQL Injection. The impact is: An attacker could escalate privileges on MySQL server deployed by cloud provider. It...
Linux Distros Unpatched Vulnerability : CVE-2022-22935
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. A minion authentication denial of service can cause a MiTM attacker to forc...
Linux Distros Unpatched Vulnerability : CVE-2022-22967
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in SaltStack Salt in versions before 3002.9, 3003.5, 3004.2. PAM auth fails to reject locked accounts, which allows a previously...
Linux Distros Unpatched Vulnerability : CVE-2021-3148
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in SaltStack Salt before 3002.5. Sending crafted web requests to the Salt API can result in salt.utils.thin.genthin command injection...
Linux Distros Unpatched Vulnerability : CVE-2021-31607
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In SaltStack Salt 2016.9 through 3002.6, a command injection vulnerability exists in the snapper module that allows for local privilege escalation on a minion...
Linux Distros Unpatched Vulnerability : CVE-2017-5200
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Salt-api in SaltStack Salt before 2015.8.13, 2016.3.x before 2016.3.5, and 2016.11.x before 2016.11.2 allows arbitrary command execution on a salt-master via...
Linux Distros Unpatched Vulnerability : CVE-2021-25284
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in through SaltStack Salt before 3002.5. salt.modules.cmdmod can log credentials to the info or error log level. CVE-2021-25284 Note tha...
Linux Distros Unpatched Vulnerability : CVE-2017-5192
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When using the localbatch client from salt-api in SaltStack Salt before 2015.8.13, 2016.3.x before 2016.3.5, and 2016.11.x before 2016.11.2, external...
Linux Distros Unpatched Vulnerability : CVE-2020-17490
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The TLS module within SaltStack Salt through 3002 creates certificates with weak file permissions. CVE-2020-17490 Note that Nessus relies on the presence of the...
Linux Distros Unpatched Vulnerability : CVE-2021-25282
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in through SaltStack Salt before 3002.5. The salt.wheel.pillarroots.write method is vulnerable to directory traversal. CVE-2021-25282 No...
Linux Distros Unpatched Vulnerability : CVE-2021-21996
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in SaltStack Salt before 3003.3. A user who has control of the source, and sourcehash URLs can gain full file system access as root on a...
Linux Distros Unpatched Vulnerability : CVE-2021-22004
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in SaltStack Salt before 3003.3. The salt minion installer will accept and use a minion config file at C:\salt\conf if that file is in...
Linux Distros Unpatched Vulnerability : CVE-2020-28243
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in SaltStack Salt before 3002.5. The minion's restartcheck is vulnerable to command injection via a crafted process name. This allows fo...