6 matches found
EUVD-2024-40259
Malicious code in bioql PyPI...
UBUNTU-CVE-2022-42717
An issue was discovered in Hashicorp Packer before 2.3.1. The recommended sudoers configuration for Vagrant on Linux is insecure. If the host has been configured according to this documentation, non-privileged users on the host can leverage a wildcard in the sudoers configuration to execute...
Input validation
Net-SNMP through 5.8 has Improper Privilege Management because SNMP WRITE access to the EXTEND MIB provides the ability to run arbitrary commands as root...
CVE-2018-1212 Authenticated remote code execution in iDRAC 6
The web-based diagnostics console in Dell EMC iDRAC6 Monolithic versions prior to 2.91 and Modular all versions contains a command injection vulnerability. A remote authenticated malicious iDRAC user with access to the diagnostics console could potentially exploit this vulnerability to execute...
CVE-2017-12477
It was discovered that the bpserverd proprietary protocol in Unitrends Backup UB before 10.0.0, as invoked through xinetd, has an issue in which its authentication can be bypassed. A remote attacker could use this issue to execute arbitrary commands with root privilege on the target system...
bluez-utils: Bluetooth device name validation vulnerability
Background bluez-utils are the utilities for use with the BlueZ implementation of the Bluetooth wireless standards for Linux. Description The name of a Bluetooth device is improperly validated by the hcid utility when a remote device attempts to pair itself with a computer. Impact An attacker cou...