EUVD-2024-50408

Malicious code in bioql PyPI...

Firebox T15 contains an issue with hidden functionality

Overview Firebox T15 provided by WatchGuard Technologies contains the following vulnerability. Hidden functionality CWE-912 - CVE-2025-4106 Chuya Hayakawa and Ryo Kamino of 00One, Inc. reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer. Impact An attacker may log...

CVE-2024-9945

An information-disclosure vulnerability exists in Fortra's GoAnywhere MFT application prior to version 7.7.0 that allows external access to the resources in certain admin root folders...

CVE-2024-9945

An information-disclosure vulnerability exists in Fortra's GoAnywhere MFT application prior to version 7.7.0 that allows external access to the resources in certain admin root folders...

CVE-2024-9945 Limited Information Disclosure in GoAnywhere MFT Prior to 7.7.0

An information-disclosure vulnerability exists in Fortra's GoAnywhere MFT application prior to version 7.7.0 that allows external access to the resources in certain admin root folders...

CVE-2024-9945 Limited Information Disclosure in GoAnywhere MFT Prior to 7.7.0

An information-disclosure vulnerability exists in Fortra's GoAnywhere MFT application prior to version 7.7.0 that allows external access to the resources in certain admin root folders...

Fortra GoAnywhere MFT 安全漏洞

Fortra GoAnywhere MFT is a secure file transfer solution from Fortra USA. A security vulnerability exists in Fortra GoAnywhere MFT versions prior to 7.7.0 that stems from an information disclosure vulnerability that allows external access to resources in certain administrative root folders...

PT-2024-39958 · Fortra · Goanywhere Mft

Name of the Vulnerable Software and Affected Versions: Fortra's GoAnywhere MFT versions prior to 7.7.0 Description: An information-disclosure issue exists in Fortra's GoAnywhere MFT application that allows external access to resources in certain admin root folders. By default, these folders...

CVE-2023-22815

Post-authentication remote command injection vulnerability in Western Digital My Cloud OS 5 devices that could allow an attacker to execute code in the context of the root user on vulnerable CGI files. This vulnerability can only be exploited over the network and the attacker must already have...

Command injection

Post-authentication remote command injection vulnerability in Western Digital My Cloud OS 5 devices that could allow an attacker to execute code in the context of the root user on vulnerable CGI files. This vulnerability can only be exploited over the network and the attacker must already have...

CVE-2023-22815 Post-authentication remote command injection vulnerability on Western Digital My Cloud OS 5 devices

Post-authentication remote command injection vulnerability in Western Digital My Cloud OS 5 devices that could allow an attacker to execute code in the context of the root user on vulnerable CGI files. This vulnerability can only be exploited over the network and the attacker must already have...

Avaya Aura Application Enablement Services 安全漏洞

Avaya Aura Application Enablement Services is a server-based software solution from Avaya, USA. It provides an enhanced set of telephony APIs, protocols, Web services, and direct IP access to media, and supports standards such as CSTA, JTAPI, and TSAPI that expose Avaya Aura Communication Manager...

CVE-2020-14102

There is command injection when ddns processes the hostname, which causes the administrator user to obtain the root privilege of the router. This affects Xiaomi router AX1800rom version 1.0.336 and Xiaomi route RM1800 root version 1.0.26...

Command injection

A command injection vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow an attacker to execute arbitrary code on an affected system. An attacker must first obtain admin/root privileges on the SPLX console to exploit this vulnerability...

CVE-2020-24561

A command injection vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow an attacker to execute arbitrary code on an affected system. An attacker must first obtain admin/root privileges on the SPLX console to exploit this vulnerability...

Privelege escalation in Webmin

User with Webmin admin priveleges can obtain root access...