1764 matches found
[SECURITY] Fedora 36 Update: golang-github-sqshq-sampler-1.1.0-9.fc36
Tool for shell commands execution, visualization and alerting. Configured with a simple YAML file...
SUSE SLED15 / SLES15 Security Update : python3 (SUSE-SU-2022:2357-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:2357-1 advisory. - In Python aka CPython up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the...
Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2022-1978)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP9 : python3 (EulerOS-SA-2022-2008)
According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In Python aka CPython through 3.10.4, the mailcap module does not add escape characters into commands discovered in the system mailcap file. Th...
CVE-2022-32534
The Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 and earlier was found to be vulnerable to command injection through its diagnostics web interface. This allows execution of shell commands...
CVE-2022-32534
The Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 and earlier was found to be vulnerable to command injection through its diagnostics web interface. This allows execution of shell commands...
Command injection
The Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 and earlier was found to be vulnerable to command injection through its diagnostics web interface. This allows execution of shell commands...
Bosch Ethernet switch PRA-ES8P2S 操作系统命令注入漏洞
Bosch Ethernet switch PRA-ES8P2S is a switch from Bosch, Germany. An operating system command injection vulnerability exists in Bosch Ethernet switch PRA-ES8P2S 1.01.05 and earlier software versions, which originates from an easy command injection via its web interface and can be exploited by an...
SUSE SLES12 Security Update : python36 (SUSE-SU-2022:2147-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:2147-1 advisory. - In Python aka CPython up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file...
CVE-2022-30329
An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. An OS injection vulnerability exists within the web interface, allowing an attacker with valid credentials to execute arbitrary shell commands...
CVE-2022-30329
An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. An OS injection vulnerability exists within the web interface, allowing an attacker with valid credentials to execute arbitrary shell commands...
CVE-2022-30329
An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. An OS injection vulnerability exists within the web interface, allowing an attacker with valid credentials to execute arbitrary shell commands...
Input validation
An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. An OS injection vulnerability exists within the web interface, allowing an attacker with valid credentials to execute arbitrary shell commands...
CVE-2022-30329
An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. An OS injection vulnerability exists within the web interface, allowing an attacker with valid credentials to execute arbitrary shell commands...
PT-2022-3473 · Bosch · Bosch Pra-Es8P2S
Name of the Vulnerable Software and Affected Versions: Bosch PRA-ES8P2S versions 1.01.05 and earlier Description: The issue is related to insufficient input validation in the diagnostics web interface of the Bosch PRA-ES8P2S Ethernet switch. This allows a remote attacker to execute arbitrary...
CVE-2022-31486
An authenticated attacker can send a specially crafted route to the “editroute.cgi” binary and have it execute shell commands. This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501, LP1502, LP2500, LP4502, and EP4502 which contain firmware versions prior to 1.303...
CVE-2022-31486
An authenticated attacker can send a specially crafted route to the “editroute.cgi” binary and have it execute shell commands. This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501, LP1502, LP2500, LP4502, and EP4502 which contain firmware versions prior to 1.303...
CVE-2022-31479
An unauthenticated attacker can update the hostname with a specially crafted name that will allow for shell commands to be executed during the core collection process. This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501, LP1502, LP2500, LP4502, and EP4502 which...
CVE-2022-31479
An unauthenticated attacker can update the hostname with a specially crafted name that will allow for shell commands to be executed during the core collection process. This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501, LP1502, LP2500, LP4502, and EP4502 which...
Design/Logic Flaw
An authenticated attacker can send a specially crafted route to the “editroute.cgi” binary and have it execute shell commands. This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501, LP1502, LP2500, LP4502, and EP4502 which contain firmware versions prior to 1.303...