8 matches found
CVE-2025-54866
Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 4.3.0 to before 4.13.0, a missing ACL on "C:\Program Files x86\ossec-agent\authd.pass" exposes the password to all "Authenticated Users" on the local machine. This issue has been patched in...
CVE-2025-8868 Chef Automate compliance service SQL Injection Vulnerability
In Progress Chef Automate, versions earlier than 4.13.295, on Linux x86 platform, an authenticated attacker can gain access to Chef Automate restricted functionality in the compliance service via improperly neutralized inputs used in an SQL command using a well-known token...
Chef Automate 信息泄露漏洞
Chef Software Chef Automate is an automation platform from Chef Software for automating and managing infrastructure, applications, and compliance to help organizations achieve continuous delivery, automated operations, and security compliance. An information disclosure vulnerability exists in Che...
Unspecified vulnerability in Linux kernel (CNVD-2019-38267)
Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A security vulnerability exists in the drivers/scsi/aacraid/commctrl.c file in versions of the Linux kernel prior to 4.13, which stems from aacgethbainfo not...
Ice Qube Thermal Management Center Authentication Bypass Vulnerability
Ice Qube Thermal Management Center is a thermal management application from Ice Qube USA. The program includes features such as email notifications, remote management, LCD display and temperature alarms. An authentication bypass vulnerability exists in Ice Qube Thermal Management Center versions...
CVE-2017-14026
In Ice Qube Thermal Management Center versions prior to version 4.13, the web application does not properly authenticate users which may allow an attacker to gain access to sensitive information...
DEBIAN-CVE-2017-14497
The tpacketrcv function in net/packet/afpacket.c in the Linux kernel before 4.13 mishandles vnet headers, which might allow local users to cause a denial of service buffer overflow, and disk and memory corruption or possibly have unspecified other impact via crafted system calls...
DEBIAN-CVE-2017-9334
An incorrect "pair?" check in the Scheme "length" procedure results in an unsafe pointer dereference in all CHICKEN Scheme versions prior to 4.13, which allows an attacker to cause a denial of service by passing an improper list to an application that calls "length" on it...