A vulnerability in the firmware of Huawei AP2000, Huawei AP4000, and Huawei AP4050DN-E is caused by improper authentication and allows attackers to execute arbitrary commands.
A vulnerability in the firmware of Huawei AP2000, Huawei AP4000, and Huawei AP4050DN-E wireless access points is related to improper authentication. Exploiting this vulnerability can allow attackers to execute arbitrary commands...
Avast Premium Security Arbitrary OS Command Execution Vulnerability
Avast Premium Security is a comprehensive security software that prevents viruses, spyware and other malicious threats from infecting your PC. An arbitrary OS command execution vulnerability exists in Avast Premium Security 19.8.2393. An attacker can exploit this vulnerability to execute arbitrar...
CVE-2019-18894
In Avast Premium Security 19.8.2393, attackers can send a specially crafted request to the local web server run by Avast Antivirus on port 27275 to support Bank Mode functionality. A flaw in the processing of a command allows execution of arbitrary OS commands with the privileges of the currently...
VulnCheck KEV: CVE-2016-5679
cgi-bin/cgimain in NUUO NVRmini 2 1.7.6 through 3.0.0 and NETGEAR ReadyNAS Surveillance 1.1.2 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the sn parameter to the transferlicense command...
PT-2020-18285
Name of the Vulnerable Software and Affected Versions: Comtech Stampede FX-1010 version 7.4.3. Description: The issue allows remote authenticated administrators to execute arbitrary OS commands. This can be achieved by navigating to the Diagnostics Ping page and entering shell metacharacters in the...
CVE-2019-6014
DBA-1510P firmware 1.70b009 and earlier allows an attacker to execute arbitrary OS commands via Web User Interface...
F5 BIG-IP Elevation of Privilege Vulnerability
F5 BIG-IP is an application delivery platform from F5 USA that integrates network traffic management, application security management, load balancing and other functions. An elevation of privilege vulnerability exists in F5 BIG-IP, which can be exploited by an attacker to elevate privileges, modi...
CVE-2019-6685
On BIG-IP versions 15.0.0-15.0.1.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, users with access to edit iRules are able to create iRules which can lead to an elevation of privilege, configuration modification, and arbitrary system command execution...
DLL Hijacking Vulnerability in WPS Installer
WPS Office is an office software suite independently developed by Kingsoft Corporation Limited, which can realize the most commonly used text, table, presentation and many other functions of office software. The WPS installer has a DLL hijacking vulnerability, which can be exploited by an attacke...
Security Bulletin: Vulnerabilities in Ruby on Rails affect IBM License Metric Tool v9.
Summary: Vulnerabilities discovered in Ruby on Rails component affect IBM License Metric Tool v9. Vulnerability Details: CVEID: CVE-2019-15587. DESCRIPTION: In the Loofah gem for Ruby through v2.3.0 unsanitized JavaScript may occur in sanitized output when a crafted SVG element is republished. CVSS...
SUSE SLES12 Security Update : libssh (SUSE-SU-2019:3307-1)
This update for libssh fixes the following issues : CVE-2019-14889: Fixed an arbitrary command execution bsc1158095. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format i...
openSUSE Security Update : libssh (openSUSE-2019-2689)
This update for libssh fixes the following issues : - CVE-2019-14889: Fixed an arbitrary command execution bsc1158095. This update was imported from the SUSE:SLE-15-SP1:Update update project. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted fr...
OPENSUSE-SU-2019:2689-1 Security update for libssh
This update for libssh fixes the following issues: - CVE-2019-14889: Fixed an arbitrary command execution bsc1158095. This update was imported from the SUSE:SLE-15-SP1:Update update project...
SUSE-SU-2019:3307-1 Security update for libssh
This update for libssh fixes the following issues: - CVE-2019-14889: Fixed an arbitrary command execution bsc1158095...
SUSE SLED15 / SLES15 Security Update : libssh (SUSE-SU-2019:3293-1)
This update for libssh fixes the following issues : CVE-2019-14889: Fixed an arbitrary command execution bsc1158095. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format i...
Debian DSA-4584-1 : spamassassin - security update
Two vulnerabilities were discovered in spamassassin, a Perl-based spam filter using text analysis. - CVE-2018-11805 Malicious rule or configuration files, possibly downloaded from an updates server, could execute arbitrary commands under multiple scenarios. - CVE-2019-12420 Specially crafted...
Security update for libssh (important)
openSUSE Security Update: Security update for libssh. Announcement ID: openSUSE-SU-2019:2689-1. Rating: important. References: 1158095. Cross-References: CVE-2019-14889. Affected Products: openSUSE Leap 15.1. An update that fixes one vulnerability is now available. Description: This update for libssh...
Updated git packages fix security vulnerabilities
The updated packages fix security vulnerabilities: The --export-marks option of git fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths (CVE-2019-1348). When submodules are cloned recursively, under certain circumstances Git could...
Git Arbitrary Command Execution Vulnerability
Git is a free, open source distributed version control system. A security vulnerability exists in Git. A remote attacker could exploit this vulnerability to execute arbitrary commands on the system...
SUSE SLED15 / SLES15 Security Update : libssh (SUSE-SU-2019:3267-1)
This update for libssh fixes the following issues : CVE-2019-14889: Fixed an arbitrary command execution bsc1158095. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format i...