Malicious code in faest (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f66b290465d72fc55bce4fef4200ebea68c430be84cdcbbabec5263958041781 When using this library to do any request, a "validateorigin" function is called L1320 in client.py. This method, located in utils.py, collects all request dat...

MAL-2024-12269 Malicious code in faest (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f66b290465d72fc55bce4fef4200ebea68c430be84cdcbbabec5263958041781 When using this library to do any request, a "validateorigin" function is called L1320 in client.py. This method, located in utils.py, collects all request dat...

CVE-2024-42639

H3C GR1100-P v100R009 was discovered to use a hardcoded password in /etc/shadow, which allows attackers to log in as root...

CVE-2024-42638

H3C Magic B1ST v100R012 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root...

CVE-2024-42637

H3C R3010 v100R002L02 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root...

H3C GR1100-P 安全漏洞

The H3C GR1100-P is a high-performance enterprise router from China's Xinhua San H3C. A security vulnerability exists in the H3C GR1100-P v100R009 version, which stems from a hard-coded password vulnerability in /etc/shadow that allows an attacker to log in as root...

H3C Magic B1ST 安全漏洞

The H3C Magic B1ST is a series of wireless routers from China's Xinhua San H3C. A security vulnerability exists in the H3C Magic B1ST v100R012 version, which stems from a hard-coded password vulnerability in /etc/shadow that allows an attacker to log in as root...

PT-2024-30088 · H3C · H3C Magic B1St

Name of the Vulnerable Software and Affected Versions: H3C Magic B1ST version v100R012 Description: A hardcoded password vulnerability was discovered in /etc/shadow, allowing attackers to log in as root. This issue affects the H3C Magic B1ST device, potentially allowing unauthorized access...

H3C R3010 安全漏洞

The H3C R3010 is a wireless router from China's Xinhua San H3C. A security vulnerability exists in the H3C R3010 v100R002L02 version, which stems from a hard-coded password vulnerability in /etc/shadow that allows an attacker to log in as root...

PT-2024-30087 · H3C · H3C R3010

Name of the Vulnerable Software and Affected Versions: H3C R3010 version v100R002L02 Description: A hardcoded password vulnerability was discovered in /etc/shadow, allowing attackers to log in as root. This issue affects the H3C R3010 device, potentially allowing unauthorized access...

kernel: FUSE allows UAF reads of write() buffers, allowing theft of (partial) /etc/shadow hashes

A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write. This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation...

PT-2024-38176 · Totolink · Totolink Lr1200Gb

Name of the Vulnerable Software and Affected Versions: TOTOLINK LR1200 version 9.3.1cu.2832 Description: A problem was found in the file /etc/shadow.sample, which leads to the use of a hard-coded password. The complexity of an attack is rather high, and the exploitability is told to be difficult...

Photon OS 3.0: Shadow PHSA-2023-3.0-0705

An update of the shadow package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-3.0-0705. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 4.0: Shadow PHSA-2023-4.0-0415

An update of the shadow package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-4.0-0415. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

CVE-2024-38902

H3C Magic R230 V100R002 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root...

PT-2024-28270 · H3C · H3C Magic R230

Name of the Vulnerable Software and Affected Versions: H3C Magic R230 version V100R002 Description: A hardcoded password vulnerability was discovered in /etc/shadow, allowing attackers to log in as root. Recommendations: For H3C Magic R230 version V100R002, consider changing the hardcoded passwor...

H3C Magic R230 安全漏洞

Magic R230 is a wireless router from China's Xinhua San H3C. A security vulnerability exists in the Magic R230 V100R002 of Xinhua San Technologies Co. The vulnerability stems from a hard-coded password vulnerability in /etc/shadow, which can be exploited by an attacker to log in as root...

CVE-2024-37644

TRENDnet TEW-814DAP v1FW1.01B01 was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as root...

rpm-ostree: world-readable /etc/shadow file

A security vulnerability has been discovered within rpm-ostree, pertaining to the /etc/shadow file in default builds having the world-readable bit enabled. This issue arises from the default permissions being set at a higher level than recommended, potentially exposing sensitive authentication da...

Moderate: rpm-ostree security update

The rpm-ostree tool binds together the RPM packaging model with the OSTree model of bootable file system trees. It provides commands that can be used both on client systems and on server-side composes. The rpm-ostree-client package provides commands for client systems to perform upgrades and...