7632 matches found
Apache Subversion Operating System Command Injection Vulnerability
Apache Subversion is an open source version control system from the Apache Foundation (United States). The system is compatible with the Concurrent Versions System (CVS). Versions of Apache Subversion before 1.14.4 have an operating system command injection vulnerability; the vulnerability stems...
NETGEAR EX6120 Command Injection Vulnerability
The NETGEAR EX6120 is a wireless extender from NETGEAR. A command injection vulnerability exists in the NETGEAR EX6120 v1.0.0.68, which stems from the wandns1pri parameter failing to properly filter constructed command special characters, commands, and so on. An attacker can exploit this...
CVE-2024-48153
DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the getsubconfig function...
PT-2024-33007 · Draytek · Draytek Vigor3900
Name of the Vulnerable Software and Affected Versions: DrayTek Vigor3900 version 1.5.1.3. Description: The issue allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the getsubconfig function. Recommendations: For DrayTek Vigor3900 version...
DrayTek Vigor 3900 Security Vulnerability
DrayTek Vigor 3900 is a high performance router for enterprise networks from DrayTek (China). A security vulnerability exists in the DrayTek Vigor 3900 version 1.5.1.3. An attacker can exploit this vulnerability to inject malicious commands into mainfunction.cgi and execute arbitrary commands by...
Progress LoadMaster and Progress Multi-Tenant Hypervisor Input Validation Error Vulnerability
Progress LoadMaster and Progress Multi-Tenant Hypervisor are both products of Progress, Inc. Progress LoadMaster is a high performance application delivery controller (ADC) and load balancer. Progress Multi-Tenant Hypervisor is a multi-tenant hypervisor...
The vulnerability of the External Lookups technology in the Splunk Enterprise platform for operational analysis allows a malicious actor to escalate their privileges and execute arbitrary commands.
The vulnerability in Splunk Enterprise’s External Lookups technology relates to the improper neutralization of special elements used in an operating system command. This occurs due to the use of data models for detecting unauthorized searches called SearchActivity. Exploiting this vulnerabili...
Experts Warn of Critical Unpatched Vulnerability in Linear eMerge E3 Systems
Cybersecurity researchers are warning about an unpatched vulnerability in Nice Linear eMerge E3 access controller systems that could allow for the execution of arbitrary operating system (OS) commands. The flaw, assigned the CVE identifier CVE-2024-9441, carries a CVSS score of 9.8 out of a maximum...
Exploit for OS Command Injection in Paloaltonetworks Expedition
CVE-2024-9464: Palo Alto Expedition Authenticated Command Inje...
CVE-2023-37154
check_by_ssh in Nagios nagios-plugins 2.4.5 allows arbitrary command execution via ProxyCommand, LocalCommand, and PermitLocalCommand with $IFS. This has been categorized both as fixed in e8810de, and as intended behavior...
DEBIAN-CVE-2023-37154
check_by_ssh in Nagios nagios-plugins 2.4.5 allows arbitrary command execution via ProxyCommand, LocalCommand, and PermitLocalCommand with $IFS. This has been categorized both as fixed in e8810de, and as intended behavior...
UBUNTU-CVE-2023-37154
check_by_ssh in Nagios nagios-plugins 2.4.5 allows arbitrary command execution via ProxyCommand, LocalCommand, and PermitLocalCommand with $IFS. This has been categorized both as fixed in e8810de, and as intended behavior...
EulerOS 2.0 SP12 : cups (EulerOS-SA-2024-2523)
According to the versions of the cups package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.8 and earlier, when starting the...
CVE-2024-45880
A command injection vulnerability exists in Motorola CX2L router v1.0.2 and below. The vulnerability is present in the SetStationSettings function. The system directly invokes the system function to execute commands for setting parameters such as MAC address without proper input filtering. This...
Mageia: Security Advisory (MGASA-2024-0327)
The remote host is missing an update for the...
CLSA-2024-1728056367 Fix CVE(s): CVE-2024-32465
SECURITY UPDATE: Bypass of protections in untrusted repositories - debian/patches/CVE-2024-32465.patch: Disable lazy-fetching by default in upload-pack to prevent arbitrary command execution during clone/fetch - CVE-2024-32465...
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to an arbitrary command execution in OpenSSH [CVE-2023-51385]
Summary: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to an arbitrary command execution in OpenSSH, caused by improper validation of shell metacharacters (CVE-2023-51385). OpenSSH is included as a Base OS package used by our service runtimes. This vulnerability has...