422 matches found
CVE-2021-27006
StorageGRID formerly StorageGRID Webscale versions 11.5 prior to 11.5.0.5 are susceptible to a vulnerability which may allow an administrative user to escalate their privileges and modify settings in SANtricity System Manager...
Netapp StorageGRID 安全漏洞
Netapp StorageGRID is an object storage solution from NetApp USA.NetApp StorageGRID has a security vulnerability that could be exploited by an attacker to escalate its privileges and modify settings in SANtricity System Manager...
systemd bug fix and enhancement update
An update is available for systemd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The systemd packages contain systemd, a system and service manager for Linux,...
systemd bug fix and enhancement update
The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes...
CVE-2021-43471
In Canon LBP223 printers, the System Manager Mode login does not require an account password or PIN. An attacker can remotely shut down the device after entering the background, creating a denial of service vulnerability...
Denial of service
In Canon LBP223 printers, the System Manager Mode login does not require an account password or PIN. An attacker can remotely shut down the device after entering the background, creating a denial of service vulnerability...
CVE-2021-43471
In Canon LBP223 printers, the System Manager Mode login does not require an account password or PIN. An attacker can remotely shut down the device after entering the background, creating a denial of service vulnerability...
The vulnerability in the `system_mgr.cgi` script of the D-Link DNS-320 network storage software allows a hacker to execute arbitrary code.
The vulnerability in the systemmgr.cgi script of the D-Link DNS-320 FW network storage software is related to errors in eliminating certain elements in the OS command. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
CVE-2021-27004
System Manager 9.x versions 9.7 and higher prior to 9.7P16, 9.8P7 and 9.9.1P2 are susceptible to a vulnerability which could allow a local attacker to discover plaintext iSCSI CHAP credentials...
Design/Logic Flaw
System Manager 9.x versions 9.7 and higher prior to 9.7P16, 9.8P7 and 9.9.1P2 are susceptible to a vulnerability which could allow a local attacker to discover plaintext iSCSI CHAP credentials...
CVE-2021-27004
CVE-2021-27004 affects NetApp System Manager 9.x (versions 9.7 and higher up to but not including 9.7P16, 9.8P7, and 9.9.1P2). The documented flaw allows a local attacker to discover plaintext iSCSI CHAP credentials. Red Hat and other sources corroborate the same impact for System Manager in affe...
CVE-2021-27004
System Manager 9.x versions 9.7 and higher prior to 9.7P16, 9.8P7 and 9.9.1P2 are susceptible to a vulnerability which could allow a local attacker to discover plaintext iSCSI CHAP credentials...
Clustered Data ONTAP 安全漏洞
Netapp Clustered Data ONTAP is a storage operating system for clustered mode from the US-based Netapp. A security vulnerability exists in Clustered Data ONTAP that could allow a local attacker to discover plain text iSCSI CHAP credentials. The following products and versions are affected: System...
Security update for containerd, docker, runc (important)
openSUSE Security Update: Security update for containerd, docker, runc Announcement ID: openSUSE-SU-2021:1404-1 Rating: important References: 1102408 1185405 1187704 1188282 1190826 1191015 1191121 1191334 1191355 1191434 Cross-References: CVE-2021-30465 CVE-2021-32760 CVE-2021-41089 CVE-2021-410...
Directory traversal
A directory traversal vulnerability in the component system/manager/class/web/database.php was discovered in Baijiacms V4 which allows attackers to arbitrarily delete folders on the server via the "id" parameter...
Moodle Teacher Enrollment Privilege Escalation / Remote Code Execution Exploit
Moodle versions 3.9, 3.8 to 3.8.3, 3.7 to 3.7.6, 3.5 to 3.5.12, and earlier unsupported versions allow for a teacher to exploit chain to remote code execution. A bug in the privileges system allows a teacher to add themselves as a manager to their own class. They can then add any other users, and...
Moodle Teacher Enrollment Privilege Escalation to RCE
Moodle version 3.9, 3.8 to 3.8.3, 3.7 to 3.7.6, 3.5 to 3.5.12 and earlier unsupported versions allow for a teacher to exploit chain to RCE. A bug in the privileges system allows a teacher to add themselves as a manager to their own class. They can then add any other users, and thus look to add...
NetApp OnCommand System Manager 9.x Vulnerability - Lenovo Support US
No description provided...
CVE-2020-8587
OnCommand System Manager 9.x versions prior to 9.3P20 and 9.4 prior to 9.4P3 are susceptible to a vulnerability that could allow HTTP clients to cache sensitive responses making them accessible to an attacker who has access to the system where the client runs...
CVE-2020-8587
OnCommand System Manager 9.x versions prior to 9.3P20 and 9.4 prior to 9.4P3 are susceptible to a vulnerability that could allow HTTP clients to cache sensitive responses making them accessible to an attacker who has access to the system where the client runs...