17 matches found
EUVD-2024-23563
Malicious code in bioql PyPI...
EUVD-2024-23561
Malicious code in bioql PyPI...
EUVD-2024-23562
Malicious code in bioql PyPI...
EUVD-2024-23564
Malicious code in bioql PyPI...
CVE-2024-26293
The Avid Nexis Agent uses a vulnerable gSOAP version. An undocumented vulnerability impacting gSOAP v2.8 makes the application vulnerable to an Unauthenticated Path Traversal vulnerability. This issue affects Avid NEXIS E-series: before 2025.5.1; Avid NEXIS F-series: before 2025.5.1; Avid NEXIS...
CVE-2024-26292
An authenticated Arbitrary File Deletion vulnerability enables an attacker to delete critical files. This issue affects Avid NEXIS E-series: before 2025.5.1; Avid NEXIS F-series: before 2025.5.1; Avid NEXIS PRO+: before 2025.5.1; System Director Appliance SDA+: before 2025.5.1...
CVE-2024-26293
The Avid Nexis Agent uses a vulnerable gSOAP version. An undocumented vulnerability impacting gSOAP v2.8 makes the application vulnerable to an Unauthenticated Path Traversal vulnerability. This issue affects Avid NEXIS E-series: before 2025.5.1; Avid NEXIS F-series: before 2025.5.1; Avid NEXIS...
CVE-2024-26293
CVE-2024-26293 affects Avid NEXIS products via a vulnerable gSOAP v2.8 instance, enabling Unauthenticated Path Traversal. Impacted are Avid NEXIS E-series, F-series, PRO+ and System Director Appliance (SDA+) versions prior to 2025.5.1. Descriptions across NVD/Red Hat/CVELIST and related sources c...
CVE-2024-26291
An Unauthenticated Arbitrary File Read vulnerability affects the Agent when installed on a system. The parameter filename does not validate the path thus allowing users to read arbitrary files. As the application runs with the highest privileges root/NTAUTHORITY SYSTEM by default attackers are ab...
CVE-2024-26291 Authenticated Arbitrary File Read affecting Avid NEXIS
An Unauthenticated Arbitrary File Read vulnerability affects the Agent when installed on a system. The parameter filename does not validate the path thus allowing users to read arbitrary files. As the application runs with the highest privileges root/NTAUTHORITY SYSTEM by default attackers are ab...
Avid多款产品 安全漏洞
Avid NEXIS E-series, among others, is a virtualized storage platform from Avid, USA. A security vulnerability exists in various Avid products that stems from the use of a vulnerable version of gSOAP, which could lead to an unauthenticated path traversal attack. The following products and versions...
Avid多款产品 安全漏洞
Avid NEXIS E-series, among others, is a virtualized storage platform from Avid, USA. A security vulnerability exists in various Avid products, which stems from a vulnerability that could lead to an arbitrary file deletion attack. The following products and versions are affected: Avid NEXIS...
PT-2025-29436
Name of the Vulnerable Software and Affected Versions: Avid NEXIS E-series versions prior to 2025.5.1 Avid NEXIS F-series versions prior to 2025.5.1 Avid NEXIS PRO+ versions prior to 2025.5.1 System Director Appliance SDA+ versions prior to 2025.5.1 Description: The application is susceptible to ...
CVE-2024-26290
Improper Input Validation vulnerability in Avid Avid NEXIS E-series on Linux, Avid Avid NEXIS F-series on Linux, Avid Avid NEXIS PRO+ on Linux, Avid System Director Appliance SDA+ on Linux allows code execution on underlying operating system with root permissions.This issue affects Avid NEXIS...
CVE-2024-26290
Improper Input Validation vulnerability in Avid Avid NEXIS E-series on Linux, Avid Avid NEXIS F-series on Linux, Avid Avid NEXIS PRO+ on Linux, Avid System Director Appliance SDA+ on Linux allows code execution on underlying operating system with root permissions.This issue affects Avid NEXIS...
CVE-2024-26290
CVE-2024-26290 affects Avid NEXIS E-series, F-series, PRO+ on Linux and Avid System Director Appliance (SDA+) on Linux. The root cause is improper input validation that enables code execution with root privileges on the underlying OS. Affected versions can be before 2024.6.0 for all listed produc...
CVE-2024-26290 Authenticated Remote Command Injection affecting Avid NEXIS
Improper Input Validation vulnerability in Avid Avid NEXIS E-series on Linux, Avid Avid NEXIS F-series on Linux, Avid Avid NEXIS PRO+ on Linux, Avid System Director Appliance SDA+ on Linux allows code execution on underlying operating system with root permissions.This issue affects Avid NEXIS...