
934 matches found

Debian
added 2022/09/28 1:4 p.m. · 45 views

[SECURITY] [DSA 5242-1] maven-shared-utils security update

Debian Security Advisory DSA-5242-1 [email protected] https://www.debian.org/security/ Aron Xu September 28, 2022 https://www.debian.org/security/faq -...

9.8 CVSS · 9.7 AI score · 0.04031 EPSS
Exploits: 0

OSV
added 2022/09/26 3:15 p.m. · 2 views

CVE-2022-40785

Unsanitized input when setting a locale file leads to shell injection in mIPC camera firmware 5.3.1.2003161406. This allows an attacker to gain remote code execution on cameras running the firmware when a victim logs into a specially crafted mobile app...

8.8 CVSS · 6.3 AI score · 0.0196 EPSS
Exploits: 0 · References: 2

NVD
added 2022/09/26 3:15 p.m. · 12 views

CVE-2022-40785

Unsanitized input when setting a locale file leads to shell injection in mIPC camera firmware 5.3.1.2003161406. This allows an attacker to gain remote code execution on cameras running the firmware when a victim logs into a specially crafted mobile app...

8.8 CVSS · 0.0196 EPSS
Exploits: 0 · References: 2

Prion
added 2022/09/26 3:15 p.m. · 12 views

Remote code execution

Unsanitized input when setting a locale file leads to shell injection in mIPC camera firmware 5.3.1.2003161406. This allows an attacker to gain remote code execution on cameras running the firmware when a victim logs into a specially crafted mobile app...

6.5 CVSS · 9.1 AI score · 0.0196 EPSS
Exploits: 0 · References: 1 · Affected Software: 1

Vulnrichment
added 2022/09/26 2:57 p.m. · 6 views

CVE-2022-40785

Unsanitized input when setting a locale file leads to shell injection in mIPC camera firmware 5.3.1.2003161406. This allows an attacker to gain remote code execution on cameras running the firmware when a victim logs into a specially crafted mobile app...

9.2 AI score · 0.0196 EPSS
Exploits: 0 · References: 1

CVE
added 2022/09/26 2:57 p.m. · 51 views

CVE-2022-40785

CVE-2022-40785 affects mIPC camera firmware 5.3.1.2003161406. The issue arises from unsanitized input when setting a locale file, enabling shell injection. This can allow remote code execution on cameras when a victim logs into a specially crafted mobile app. The connected documents confirm the v...

8.8 CVSS · 9.1 AI score · 0.0196 EPSS
Exploits: 0 · References: 2 · Affected Software: 1

Positive Technologies
added 2022/09/26 12:0 a.m. · 2 views

PT-2022-25539 · Unknown · Mipc Camera Firmware

Name of the Vulnerable Software and Affected Versions: mIPC camera firmware version 5.3.1.2003161406 Description: Unsanitized input when setting a locale file leads to shell injection in the firmware. This allows an attacker to gain remote code execution on cameras running the firmware when a...

8.8 CVSS · 9.2 AI score · 0.0196 EPSS
Exploits: 0 · References: 4

OSV
added 2022/09/08 11:4 a.m. · 3 views

OESA-2022-1898 intel-sgx-ssl security update

The Intel® Software Guard Extensions SSL (Intel® SGX SSL) cryptographic library is intended to provide cryptographic services for Intel® Software Guard Extensions (SGX) enclave applications. The Intel® SGX SSL cryptographic library is based on the underlying OpenSSL Open Source project, providing a...

10 CVSS · 8.2 AI score · 0.95764 EPSS
Exploits: 8 · References: 5

OpenVAS
added 2022/08/30 12:0 a.m. · 13 views

Debian: Security Advisory (DLA-3086-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8 CVSS · 9.6 AI score · 0.04031 EPSS
Exploits: 0 · References: 4

Debian
added 2022/08/29 12:49 p.m. · 64 views

[SECURITY] [DLA 3086-1] maven-shared-utils security update

Debian LTS Advisory DLA-3086-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany August 29, 2022 https://wiki.debian.org/LTS Package : maven-shared-utils Version : 3.3.0-1+deb10u1 CVE ID : CVE-2022-29599 Debian Bug : 1012314 It was discovered that the Commandline...

9.8 CVSS · 7.1 AI score · 0.04031 EPSS
Exploits: 0

ATTACKERKB
added 2022/08/04 3:15 p.m. · 4 views

CVE-2022-25168

Apache Hadoop's FileUtil.unTarFile, File API does not escape the input file name before being passed to the shell. An attacker can inject arbitrary commands. This is only used in Hadoop 3.3 InMemoryAliasMap.completeBootstrapTransfer, which is only ever run by a local user. It has been used in...

9.8 CVSS · 7.8 AI score · 0.03259 EPSS
Exploits: 0 · References: 3 · Affected Software: 1

OSV
added 2022/07/20 8:7 p.m. · 2 views

CLSA-2022-1658347647 Fixed CVE-2015-20170 in python3

CVE-2015-20170: mailcap: findmatch function does not sanitise the second argument allowing to inject shell commands...

5.8 AI score
Exploits: 0 · References: 1

OSV
added 2022/07/20 7:58 p.m. · 6 views

CLSA-2022-1658347112 Fixed CVE-2015-20170 in python

CVE-2015-20170: mailcap: findmatch function does not sanitise the second argument allowing to inject shell commands...

5.8 AI score
Exploits: 0 · References: 1

OSV
added 2022/07/20 7:54 p.m. · 7 views

CLSA-2022-1658346878 Fixed CVE-2015-20170 in python

CVE-2015-20170: mailcap: findmatch function does not sanitise the second argument allowing to inject shell commands...

5.8 AI score
Exploits: 0 · References: 1

CNNVD
added 2022/07/14 12:0 a.m. · 3 views

Verizon 5G Home LVSKIHP OS Command Injection Vulnerability

The Verizon 5G Home LVSKIHP is an all-in-one integrated modem and router from Verizon USA. It provides access to Verizon Wireless 5G wireless home Internet service. A security vulnerability exists in Verizon 5G Home LVSKIHP OutDoorUnit ODU version 3.33.101.0, which stems from a lack of property...

9.8 CVSS · 9.1 AI score · 0.01793 EPSS
Exploits: 1 · References: 3

PyPA
added 2022/07/13 12:15 p.m. · 4 views

PYSEC-2022-238

This affects the package codecov before 2.0.16. The vulnerability occurs due to not sanitizing gcov arguments before being provided to the popen method...

6.5 CVSS · 6.9 AI score · 0.00991 EPSS
Exploits: 1 · References: 3 · Affected Software: 1

OpenVAS
added 2022/06/30 12:0 a.m. · 17 views

Debian: Security Advisory (DLA-3059-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8 CVSS · 9.6 AI score · 0.04031 EPSS
Exploits: 0 · References: 4

Debian
added 2022/06/29 10:49 a.m. · 53 views

[SECURITY] [DLA 3059-1] maven-shared-utils security update

Debian LTS Advisory DLA-3059-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany June 26, 2022 https://wiki.debian.org/LTS Package : maven-shared-utils Version : 3.0.0-1+deb9u1 CVE...

9.8 CVSS · 7.1 AI score · 0.04031 EPSS
Exploits: 0

Tenable Nessus
added 2022/06/29 12:0 a.m. · 27 views

Debian DLA-3059-1 : maven-shared-utils - LTS security update

The remote Debian 9 host has packages installed that are affected by a vulnerability as referenced in the dla-3059 advisory. It was discovered that the Commandline class in maven-shared-utils, a collection of various utility classes for the Maven build system, can emit double-quoted strings witho...

9.8 CVSS · 7.9 AI score · 0.04031 EPSS
Exploits: 0 · References: 6

OSV
added 2022/06/21 3:15 p.m. · 2 views

ALPINE-CVE-2022-2068

In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there...

7.3 CVSS · 8.2 AI score · 0.95764 EPSS
Exploits: 1 · References: 1