1765 matches found
CVE-2020-3332
A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Series Routers could allow an authenticated, remote attacker to inject arbitrary shell commands that are executed by an affected device. The vulnerability is due to insufficient input...
Input validation
A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Series Routers could allow an authenticated, remote attacker to inject arbitrary shell commands that are executed by an affected device. The vulnerability is due to insufficient input...
CVE-2020-9480
In Apache Spark 2.4.5 and earlier, a standalone resource manager's master may be configured to require authentication spark.authenticate via a shared secret. When enabled, however, a specially-crafted RPC to the master can succeed in starting an application's resources on the Spark cluster, even...
PYSEC-2020-95
In Apache Spark 2.4.5 and earlier, a standalone resource manager's master may be configured to require authentication spark.authenticate via a shared secret. When enabled, however, a specially-crafted RPC to the master can succeed in starting an application's resources on the Spark cluster, even...
Authentication flaw
In Apache Spark 2.4.5 and earlier, a standalone resource manager's master may be configured to require authentication spark.authenticate via a shared secret. When enabled, however, a specially-crafted RPC to the master can succeed in starting an application's resources on the Spark cluster, even...
CVE-2019-14894
A flaw was found in the CloudForms management engine version 5.10 and CloudForms management version 5.11, which triggered remote code execution through NFS schedule backup. An attacker logged into the management console could use this flaw to execute arbitrary shell commands on the CloudForms...
CVE-2019-14894
A flaw was found in the CloudForms management engine version 5.10 and CloudForms management version 5.11, which triggered remote code execution through NFS schedule backup. An attacker logged into the management console could use this flaw to execute arbitrary shell commands on the CloudForms...
Cisco IOS Software for Cisco Industrial Routers Virtual Device Server CLI Command Injection (cisco-sa-ios-iot-vds-cmd-inj-VfJtqGhE)
According to its self-reported version, IOS is affected by a vulnerability in the CLI parsers of Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers Industrial ISRs and Cisco 1000 Series Connected Grid Routers CGR1000 could allow an authenticated, local attacker to...
D-Link DIR-865L Operating System Command Injection Vulnerability
The D-Link DIR-865L is a wireless router from AUO D-Link of Taiwan, China. An operating system command injection vulnerability exists in D-Link DIR-865L Ax version 1.20B01 Beta. An attacker can exploit the vulnerability by sending a specially crafted request to execute arbitrary shell commands...
Cayin Content Management Server 11.0 - Remote Command Injection (root)
Title: Cayin Content Management Server 11.0 - Remote Command Injection root Author:LiquidWorm Date: 2020-06-04 Vendor: https://www.cayintech.com CVE: N/A Cayin Content Management Server 11.0 Root Remote Command Injection Vendor: CAYIN Technology Co., Ltd. Product web page: https://www.cayintech.c...
Multiple Cisco Products Input Validation Error Vulnerability (CNVD-2020-31994)
Cisco 809 Industrial Integrated Services Routers are products of Cisco Corporation.Cisco 809 Industrial Integrated Services Routers are industrial integrated multi-service routers.Cisco 829 Industrial Integrated Services Routers are industrial integrated multi-service routers.Cisco 1000 Series...
CVE-2020-3210
A vulnerability in the CLI parsers of Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers Industrial ISRs and Cisco 1000 Series Connected Grid Routers CGR1000 could allow an authenticated, local attacker to execute arbitrary shell commands on the Virtual Device Server...
CVE-2020-3205 Cisco IOS Software for Cisco Industrial Routers Virtual Device Server Inter-VM Channel Command Injection Vulnerability
A vulnerability in the implementation of the inter-VM channel of Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers Industrial ISRs and Cisco 1000 Series Connected Grid Routers CGR1000 could allow an unauthenticated, adjacent attacker to execute arbitrary shell comman...
CVE-2020-3205
CVE-2020-3205 — Cisco IOS inter-VM channel injection involves Cisco IOS Software on Cisco 809/829 Industrial ISRs and CGR1000, where insufficient validation of signaling packets to the Virtual Device Server (VDS) allows an unauthenticated, adjacent attacker to execute arbitrary shell commands wit...
NewStart CGSL CORE 5.04 / MAIN 5.04 : ksh Vulnerability (NS-SA-2020-0024)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has ksh packages installed that are affected by a vulnerability: - In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass environme...
CVE-2020-8149
Lack of output sanitization allowed an attack to execute arbitrary shell commands via the logkitty npm package before version 0.7.1...
CVE-2020-8149
Lack of output sanitization allowed an attack to execute arbitrary shell commands via the logkitty npm package before version 0.7.1...
Design/Logic Flaw
Lack of output sanitization allowed an attack to execute arbitrary shell commands via the logkitty npm package before version 0.7.1...
Apache CloudStack Input Validation Error Vulnerability
Apache CloudStack is a set of Infrastructure as a Service IaaS cloud computing platforms from the Apache Software Apache Software Foundation in the United States. The platform is primarily used for deploying and managing large networks of virtual machines. A buffer overflow vulnerability exists i...
Command injection
An OS Command Injection vulnerability in PAN-OS management server allows authenticated users to inject and execute arbitrary shell commands with root privileges. This issue affects: All versions of PAN-OS 7.1 and 8.0; PAN-OS 8.1 versions earlier than 8.1.14; PAN-OS 9.0 versions earlier than 9.0.7...