USN-8200-3 linux-raspi, linux-raspi-5.4 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Cryptographic API; - GPU drivers; - I2C subsystem; - Network traffic control; CVE-2022-49046,...

CVE-2021-22718

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability exists in C-Bus Toolkit V1.15.7 and prior that could allow a remote code execution when restoring project files...

CVE-2021-22719

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability exists in C-Bus Toolkit V1.15.7 and prior that could allow a remote code execution when a file is uploaded...

CVE-2021-22720

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability exists in C-Bus Toolkit V1.15.7 and prior that could allow a remote code execution when restoring a project...

CVE-2021-22748

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability exists that could allow a remote code execution when a file is saved. Affected Product: C-Bus Toolkit V1.15.9 and prior, C-Gate Server V2.11.7 and prior...

CVE-2021-22784

A CWE-306: Missing Authentication for Critical Function vulnerability exists in C-Bus Toolkit v1.15.8 and prior that could allow an attacker to use a crafted webpage to obtain remote access to the system...

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-49985)

i2c: stm32f7: In case there is any sort of clock controller attached to the I2C bus controller, for example Versaclock or even an AIC32x4 I2C codec, then an I2C transfer triggered from the clock controller clkops .prepare callback may trigger a deadlock on drivers/clk/clk.c preparelock mutex. Thi...

EUVD-2021-9853

Malicious code in bioql PyPI...

EUVD-2022-35585

Malicious code in bioql PyPI...

EUVD-2021-9883

Malicious code in bioql PyPI...

EUVD-2022-35584

Malicious code in bioql PyPI...

EUVD-2021-9919

Malicious code in bioql PyPI...

EUVD-2021-9851

Malicious code in bioql PyPI...

EUVD-2021-9931

Malicious code in bioql PyPI...

CVE-2021-22796

A CWE-287: Improper Authentication vulnerability exists that could allow remote code execution when a malicious file is uploaded. Affected Product: C-Bus Toolkit V1.15.9 and prior, C-Gate Server V2.11.7 and prior...

CVE-2021-22717

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability exists in C-Bus Toolkit V1.15.7 and prior that could allow a remote code execution when processing config files...

Schneider Electric C-Bus Toolkit FileCommand Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric C-Bus Toolkit. Authentication is not required to exploit this vulnerability. The specific flaw exists within the FileCommand command. The issue results from the lack of proper...

Schneider Electric C-Bus Toolkit TransferCommand Exposed Dangerous Method Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric C-Bus Toolkit. Authentication is not required to exploit this vulnerability. The specific flaw exists within the TransferCommand command. The issue results from an exposed dangerou...

VulnCheck KEV: CVE-2022-34753

A CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability exists that could cause remote root exploit when the command is compromised. Affected Products: SpaceLogic C-Bus Home Controller 5200WHC2, formerly known as C-Bus Wiser Homer...

Schneider Electric SpaceLogic C-Bus Toolkit

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low attack complexity Vendor : Schneider Electric Equipment : SpaceLogic C-Bus Toolkit Vulnerabilities : Improper Privilege Management, Path Traversal 2. RISK EVALUATION Successful exploitation of these vulnerabilities...