1944 matches found
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not adding a dispatch point to a batch operation...
ROS-20240815-05
A vulnerability in Apache ZooKeeper, a centralized service for maintaining configuration information, naming, providing distributed synchronization, and providing group services, is related to the lack of ACL...
Important: Red Hat Security Advisory: kernel-rt security update
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service. Red Hat Product Security has rated this update as...
Important: Red Hat Security Advisory: kernel-rt security update
An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
Filament Excel security vulnerability
Filament Excel is a tool by Dennis Koch, an individual developer, for easily configuring Excel exports in Filament through batch or page operations. A security vulnerability exists in Filament Excel that stems from allowing any file to be downloaded without logging in...
ROS-20240805-02
A vulnerability in the implementation of the application program interface of the Rust programming language interpreter for Windows operating systems is related to the introduction or modification of arguments...
The vulnerability of the child_process.spawn() and child_process.spawnSync() functions in the Node.js software platform for Windows operating systems allows a hacker to bypass security restrictions and execute arbitrary commands.
The vulnerability of the child_process.spawn and child_process.spawnSync functions in the Node.js software platform for Windows operating systems is related to the improper handling of the shell parameter in .bat and .cmd files. Exploiting this vulnerability allows a remote attacker to bypass...
CVE-2024-40895
FFRI AMC contains an OS command injection (CWE-78) vulnerability affecting versions 3.4.0–3.5.3 (and some OEM bundles) where, if the notification program setting is enabled and the executable path ends with a batch/command file, a remote unauthenticated attacker can execute arbitrary OS commands....
CVE-2024-40895
FFRI AMC versions 3.4.0 to 3.5.3 and some OEM products that implement/bundle FFRI AMC versions 3.4.0 to 3.5.3 allow a remote unauthenticated attacker to execute arbitrary OS commands when certain conditions are met in an environment where the notification program setting is enabled and the...
PT-2024-29133 · Ffri · Ffri Amc
Name of the Vulnerable Software and Affected Versions: FFRI AMC versions 3.4.0 to 3.5.3; some OEM products that implement/bundle FFRI AMC versions 3.4.0 to 3.5.3. Description: The issue allows a remote unauthenticated attacker to execute arbitrary OS commands when certain conditions are met in an...
Malicious code in sap-batch (npm)
Source: ossf-package-analysis (f3840087b144e6aecb88e059cf81b246bf66c3406359290349d846a7939202a5). The OpenSSF Package Analysis project identified 'sap-batch' @ 0.0.0 (npm) as malicious. It is considered malicious because: - The package...
MAL-2024-7609 Malicious code in sap-batch (npm)
Source: ossf-package-analysis (f3840087b144e6aecb88e059cf81b246bf66c3406359290349d846a7939202a5). The OpenSSF Package Analysis project identified 'sap-batch' @ 0.0.0 (npm) as malicious. It is considered malicious because: - The package...
SUSE CVE-2024-36138
Bypass of the incomplete fix for CVE-2024-27980, which arises from improper handling of batch files with all possible extensions on Windows via child_process.spawn / child_process.spawnSync. A malicious command line argument can inject arbitrary commands and achieve code execution even if the shell option i...
Important: Red Hat Security Advisory: kernel-rt security and bug fix update
An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
PT-2024-4625 · Node.Js +1 · Node.Js +1
Name of the Vulnerable Software and Affected Versions: Node.js versions up to 18.20.3; Node.js versions up to 20.15.0; Node.js versions up to 22.4.0. Description: The issue arises from improper handling of batch files with all possible extensions on Windows via child_process.spawn / child...
Malicious code in batch-translations (RubyGems)
MAL-2024-6758 Malicious code in batch-translations (RubyGems)
Malicious code in batch-actions (RubyGems)
MAL-2024-6756 Malicious code in batch-insert (RubyGems)