Advantech R-SeeNet OS Command Injection Vulnerability
Advantech R-SeeNet is an industrial monitoring software from Advantech, Taiwan, China. The software is based on the SNMP protocol for monitoring platforms, and is available for Linux and Windows platforms. An OS command injection vulnerability exists in Advantech R-SeeNet ping.php, which stems fro...
[ASA-202107-25] ruby2.6: multiple issues
Arch Linux Security Advisory ASA-202107-25 ========================================== Severity: High Date : 2021-07-14 CVE-ID : CVE-2021-31799 CVE-2021-31810 CVE-2021-32066 Package : ruby2.6 Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-2140 Summary ======= The...
IBM Security Access Manager Command Injection Vulnerability
IBM Security Access Manager is a product for information security management applications from IBM, USA. The product enables access management control through integrated devices for web, mobile and cloud computing. A command injection vulnerability exists in IBM Security Access Manager Docker,...
A vulnerability in the QuerySet.order_by() function of the Django web application framework allows an attacker to execute arbitrary commands.
A vulnerability in the QuerySet.order_by() function of the Django web application framework stems from a lack of safeguards when handling SQL queries. Exploiting this vulnerability allows an attacker to execute arbitrary commands remotely...
A vulnerability in the firmware of Western Digital's WD My Book Live and WD My Book Live Duo storage devices arises from the failure to neutralize special elements used in operating system commands. This vulnerability allows an attacker to execute arbitrary commands.
A vulnerability in the firmware of Western Digital WD My Book Live and WD My Book Live Duo exists due to the lack of measures taken to neutralize special elements used in operating system commands. Exploiting this vulnerability allows a malicious actor to execute...
Unspecified Vulnerability in QSAN SANOS
QSAN SANOS is the SAN storage management operating system from QSAN China. It comes with a refreshingly easy-to-use Web GUI and can be easily deployed into any infrastructure. A security vulnerability exists in QSAN SANOS that stems from the QSAN SANOS Restore Factory Settings feature not filteri...
Command injection
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager versions: Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability...
CVE-2021-34616
CVE-2021-34616 concerns Aruba ClearPass Policy Manager and describes a remote arbitrary command execution vulnerability. Multiple connected sources specify impact on versions prior to 6.10.0, 6.9.6, and 6.8.9. A CNVD/PRION-type description attributes the root cause to inadequate input validation ...
CVE-2021-34616
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager versions: Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability...
Command injection
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager versions: Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability...
CVE-2021-34610
The CVE-2021-34610 entry concerns Aruba ClearPass Policy Manager. A remote arbitrary command execution vulnerability affects versions prior to 6.10.0, 6.9.6 and 6.8.9. It is documented as an issue that Aruba has released updates to address. Connected sources consistently describe this vulnerabili...
CVE-2021-34611
CVE-2021-34611 describes a remote arbitrary command execution vulnerability in Aruba ClearPass Policy Manager prior to version 6.10.0, 6.9.6, and 6.8.9. The issue allows an attacker to execute commands on the underlying system remotely (no user interaction required per CVSS data), making it a hig...
CVE-2021-34611
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager versions: Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability...
Aruba ClearPass Policy Manager Command Injection Vulnerability
Aruba ClearPass Policy Manager is an application from Aruba, Inc. that provides a wireless network security access management system. A security vulnerability exists in Aruba ClearPass Policy Manager that can be exploited by an attacker to arbitrarily run commands on the underlying host...
CVE-2021-32529
A command injection vulnerability in QSAN XEVO and SANOS allows remote unauthenticated attackers to execute arbitrary commands. It is suggested to contact QSAN and refer to the recommendations in the QSAN Document...
QSAN XEVO OS Command Injection Vulnerability
QSAN XEVO is a flash data management system from QSAN China. It reduces repetitive tasks and provides complete data analysis. A command injection vulnerability exists in QSAN XEVO that stems from the product's Array function's status parameter not properly filtering input data for special characters...
QSAN Storage Manager Security Vulnerability
QSAN Storage Manager is a NAS operating system from Quantium Technologies Incorporated QSAN. An authorization issue vulnerability exists in QSAN Storage Manager version 3.3.1 build 202101041800 and earlier versions, which can be exploited by an attacker to log in via an administrator account,...
QSAN Storage Manager Trust Management Issue Vulnerability
QSAN Storage Manager is a NAS operating system from Quantium Technologies Incorporated QSAN. A hard-coded credentials vulnerability exists in QSAN Storage Manager version 3.3.1 build 202101041800 and prior versions. An attacker can exploit this vulnerability to open the control interface via the...
PT-2021-19749 · Qsan · Qsan Storage Manager
Name of the Vulnerable Software and Affected Versions: QSAN Storage Manager affected versions not specified Description: The issue allows remote privileged users to bypass access control and execute arbitrary commands due to an improper authorization vulnerability. Recommendations: Contact QSAN a...
[ASA-202107-18] gitlab: multiple issues
Arch Linux Security Advisory ASA-202107-18 ========================================== Severity: High Date : 2021-07-06 CVE-ID : CVE-2021-22223 CVE-2021-22224 CVE-2021-22225 CVE-2021-22226 CVE-2021-22227 CVE-2021-22228 CVE-2021-22229 CVE-2021-22230 CVE-2021-22231 CVE-2021-22232 CVE-2021-31799...