EUVD-2022-49119

Malicious code in bioql PyPI...

Checkmk Code Execution Vulnerability

Checkmk is an editor. Checkmk suffers from a code execution vulnerability that stems from broad access control when providing reverse proxy configurations that allow users to interact directly with the system Apache installation. An attacker can exploit this vulnerability to execute remote code...

Checkmk < 2.0.0p28, 2.1.x < 2.1.0p7 RCE Vulnerability

Checkmk is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:checkmk:checkmk"; ...

CVE-2022-46302

Broad access controls could allow site users to directly interact with the system Apache installation when providing the reverse proxy configurations for Tribe29's Checkmk = 2.1.0p6, Checkmk = 2.0.0p27, and all versions of Checkmk 1.6.0 EOL allowing an attacker to perform remote code execution wi...

Remote code execution

Broad access controls could allow site users to directly interact with the system Apache installation when providing the reverse proxy configurations for Tribe29's Checkmk = 2.1.0p6, Checkmk = 2.0.0p27, and all versions of Checkmk 1.6.0 EOL allowing an attacker to perform remote code execution wi...

Server: Incomplete blacklist vulnerability

Incomplete blacklist vulnerability in apps/contacts/import.php and apps/contacts/ajax/uploadimport.php in ownCloud before 4.0.13 and 4.5.8 allows an authenticated remote attacker to upload a .htaccess file and therefore the execution of arbitrary PHP code in a standard Apache installation. For mo...

Mac trojan poses as PDF to open botnet backdoor

Mac trojan poses as PDF to open botnet backdoor There's another Mac OS X Trojan out in the wild, and it might be heading your way.If you open the file, which could appear as an emailed attachment or as a Web link, the document, written in traditional Chinese ideograms, does indeed display. But a...

[Full-disclosure] Secure Computing - Security Reporter Auth Bypass and Directory Traversal Vulnerability

SECURITYREPORTER - AUTHENTICATION BYPASS AND DIRECTORY TRAVERSAL VULNERABILITY Product: SecurityReporter Version: 4.6.3 Build Date: 04/20/2007 Platform: Win32 Vendor: Secure Computing www.securecomputing.com Product Description ------------------- "SecurityReporter is a security event analysis an...

Проблемы с установкой Apache в SuSE Linux

Ошибка в файле конфигурации стандартной установки позволяет получать исходные тексты CGI-приложений. Кроме того, компонент WebDAV позволяет получать список файлов в директории...