1803 matches found
CVE-2022-42289
NVIDIA BMC contains a vulnerability in SPX REST API, where an authorized attacker can inject arbitrary shell commands, which may lead to code execution, denial of service, information disclosure and data tampering...
Design/Logic Flaw
NVIDIA BMC contains a vulnerability in SPX REST API, where an authorized attacker can inject arbitrary shell commands, which may lead to code execution, denial of service, information disclosure and data tampering...
CVE-2022-42290
NVIDIA BMC contains a vulnerability in SPX REST API, where an authorized attacker can inject arbitrary shell commands, which may lead to code execution, denial of service, information disclosure and data tampering...
CVE-2022-42290
The CVE-2022-42290 issue affects NVIDIA BMC SPX REST API. An authorized attacker can inject arbitrary shell commands, potentially leading to code execution, denial of service, information disclosure, and data tampering. The connected NVIDIA advisories note remediation via firmware updates; specif...
CVE-2022-42279
NVIDIA BMC contains a vulnerability in SPX REST API, where an authorized attacker can inject arbitrary shell commands, which may lead to code execution, denial of service, information disclosure and data tampering...
CVE-2022-42279
NVIDIA BMC contains a vulnerability in SPX REST API, where an authorized attacker can inject arbitrary shell commands, which may lead to code execution, denial of service, information disclosure and data tampering...
Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2022-2877)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2022-2895)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 2.10.1 : openssl (EulerOS-SA-2022-2895)
According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In addition to the crehash shell command injection identified in CVE-2022-1292, further circumstances where the crehash script...
EulerOS Virtualization 2.10.0 : openssl (EulerOS-SA-2022-2877)
According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In addition to the crehash shell command injection identified in CVE-2022-1292, further circumstances where the crehash script...
Exploit for Incorrect Authorization in Cacti
CVE-2022-46169 Cacti Blind Remote Code Execution Pre-Auth...
Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2022-2805)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2022:4310-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2022:4310-1 Security update for emacs
This update for emacs fixes the following issues: - CVE-2022-45939: Fixed shell command injection via source code files when using ctags bsc1205822...
SUSE-SU-2022:4305-1 Security update for emacs
This update for emacs fixes the following issues: - CVE-2022-45939: Fixed shell command injection via source code files when using ctags bsc1205822...
SUSE-SU-2022:4304-1 Security update for emacs
This update for emacs fixes the following issues: - CVE-2022-45939: Fixed shell command injection via source code files when using ctags bsc1205822...
CVE-2022-45939
GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the ctags program. For example, a victim may use the "ctags " command suggested in the ctags...
CVE-2022-45939
GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the ctags program. For example, a victim may use the "ctags " command suggested in the ctags...
Amazon Linux 2022 : openssl, openssl-devel, openssl-libs (ALAS2022-2022-195)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-195 advisory. A flaw was found in OpenSSL. The issue in CVE-2022-1292 did not find other places in the crehash script where it possibly passed the file names of certificates being hashed to a command execute...
FLIR AX8 1.46.16 Remote Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/stopwatch' class MetasploitModule 'FLIR AX8 unauthenticated RCE', 'Description' = %q All FLIR AX8 thermal sensor cameras versions up to and including 1.46.1...