8010 matches found

Vulnrichment
added 2024/05/21 1:29 a.m. | 17 views

CVE-2024-0816

The buffer overflow vulnerability in the DX3300-T1 firmware version V5.50ABVY.4C0 could allow an authenticated local attacker to cause denial of service (DoS) conditions by executing the CLI command with crafted strings on an affected device...

CVSS 5.5 | AI score 7.1 | EPSS 0.00145
Exploits: 0 | References: 1

CNNVD
added 2024/05/21 12:0 a.m. | 4 views

Zyxel DX3300-T1 Security Vulnerability

The Zyxel DX3300-T1 is a WiFi 6 Mesh device from China's Hopkins Technology Zyxel. A security vulnerability exists in the Zyxel DX3300-T1 V5.50ABVY.4C00 firmware version that originates from a vulnerability that could allow an authenticated, local attacker to cause a denial of service by executin...

CVSS 5.5 | AI score 6.4 | EPSS 0.00145
Exploits: 0 | References: 2

Fedora
added 2024/05/17 1:9 a.m. | 30 views

[SECURITY] Fedora 40 Update: podman-5.0.3-1.fc40

podman (Pod Manager) is a fully featured container engine that is a simple daemonless tool. podman provides a Docker-CLI comparable command line that eases the transition from other container engines and allows the management of pods, containers and images. Simply put: alias docker=podman. Most...

CVSS 8.3 | AI score 8.6 | EPSS 0.01279
Exploits: 0

BDU FSTEC
added 2024/05/17 12:0 a.m. | 4 views

The vulnerabilities of the FortiOS command-line interpreter, the FortiSwitchManager local management platform, and the FortiProxy proxy server for protecting against internet attacks allow attackers to execute arbitrary code.

The vulnerability of the FortiOS command-line interpreter, the local management platform FortiSwitchManager, and the FortiProxy proxy server for protecting against internet attacks is related to the use of an uncontrolled format string. Exploiting this vulnerability allows an attacker to execute...

CVSS 6.7 | AI score 6 | EPSS 0.00276
Exploits: 0 | References: 2 | Affected Software: 4

OSV
added 2024/05/16 9:2 p.m. | 12 views

GHSA-3783-62VC-JR7X ConsoleMe has an Arbitrary File Read Vulnerability via Limited Git command

ID: NFLX-2024-002 Impact Authenticated users can achieve limited RCE in ConsoleMe, restricted to flag inputs on a single CLI command. Due to this constraint, it is not currently known whether full RCE is possible but it is unlikely. However, a specific flag allows authenticated users to read any...

CVSS 9.6 | AI score 6.1 | EPSS 0.00928
Exploits: 0 | References: 6

RedHat Linux
added 2024/05/16 6:9 p.m. | 55 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.12.57 security update

Red Hat OpenShift Container Platform release 4.12.57 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a...

CVSS 7.7 | AI score 6.9 | EPSS 0.91969
Exploits: 1 | References: 10

RedHat Linux
added 2024/05/16 4:12 p.m. | 34 views

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.12.57 security update

Red Hat OpenShift Container Platform release 4.12.57 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a security impact of...

CVSS 7.5 | AI score 6.7 | EPSS 0.01262
Exploits: 0 | References: 3

NVD
added 2024/05/16 2:15 p.m. | 10 views

CVE-2024-20389

A vulnerability in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI could allow an authenticated, low-privileged, local attacker to read and write arbitrary files as root on the underlying operating system. This vulnerability is due to improper authorization enforcement whe...

CVSS 7.8 | AI score 7.7 | EPSS 0.00177
Exploits: 0 | References: 2

NVD
added 2024/05/16 2:15 p.m. | 14 views

CVE-2024-20326

A vulnerability in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI could allow an authenticated, low-privileged, local attacker to read and write arbitrary files as root on the underlying operating system. This vulnerability is due to improper authorization enforcement whe...

CVSS 7.8 | AI score 7.7 | EPSS 0.00342
Exploits: 0 | References: 2

OSV
added 2024/05/16 2:15 p.m. | 6 views

CVE-2024-20326

A vulnerability in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI could allow an authenticated, low-privileged, local attacker to read and write arbitrary files as root on the underlying operating system. This vulnerability is due to improper authorization enforcement whe...

CVSS 7.8 | AI score 6 | EPSS 0.00342
Exploits: 0 | References: 2

CVE
added 2024/05/16 2:8 p.m. | 70 views

CVE-2024-20389

CVE-2024-20389 affects the ConfD CLI and Cisco Crosswork NSO CLI. The issue stems from improper authorization enforcement when specific CLI commands are used, allowing an authenticated, low-privileged, local attacker to read and write arbitrary files as root on the underlying OS. Exploitation is ...

CVSS 7.8 | AI score 6.9 | EPSS 0.00177
Exploits: 0 | References: 2 | Affected Software: 1

Cvelist
added 2024/05/16 2:8 p.m. | 26 views

CVE-2024-20389

A vulnerability in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI could allow an authenticated, low-privileged, local attacker to read and write arbitrary files as root on the underlying operating system. This vulnerability is due to improper authorization enforcement whe...

CVSS 7.8 | AI score 7.9 | EPSS 0.00177
Exploits: 0 | References: 2

Vulnrichment
added 2024/05/16 2:8 p.m. | 12 views

CVE-2024-20389

A vulnerability in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI could allow an authenticated, low-privileged, local attacker to read and write arbitrary files as root on the underlying operating system. This vulnerability is due to improper authorization enforcement whe...

CVSS 7.8 | AI score 7.1 | EPSS 0.00177
Exploits: 0 | References: 2

Vulnrichment
added 2024/05/16 2:8 p.m. | 16 views

CVE-2024-20326

A vulnerability in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI could allow an authenticated, low-privileged, local attacker to read and write arbitrary files as root on the underlying operating system. This vulnerability is due to improper authorization enforcement whe...

CVSS 7.8 | AI score 7.1 | EPSS 0.00342
Exploits: 0 | References: 2

Cvelist
added 2024/05/16 2:8 p.m. | 13 views

CVE-2024-20326

A vulnerability in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI could allow an authenticated, low-privileged, local attacker to read and write arbitrary files as root on the underlying operating system. This vulnerability is due to improper authorization enforcement whe...

CVSS 7.8 | AI score 7.9 | EPSS 0.00342
Exploits: 0 | References: 2

CVE
added 2024/05/16 2:8 p.m. | 86 views

CVE-2024-20326

The CVE-2024-20326 entry applies to Cisco ConfD CLI and Cisco Crosswork NSO CLI. The vulnerability stems from improper authorization enforcement for specific CLI commands, allowing an authenticated, low-privileged, local attacker to read and write arbitrary files as root on the underlying OS. Exp...

CVSS 7.8 | AI score 6.9 | EPSS 0.00342
Exploits: 0 | References: 2 | Affected Software: 3

Ubuntu
added 2024/05/16 1:40 p.m. | 45 views

USN-6773-1: .NET vulnerabilities

It was discovered that .NET did not properly handle memory in its Double Parse routine. An attacker could possibly use this issue to achieve remote code execution. CVE-2024-30045 It was discovered that .NET did not properly handle the usage of a shared resource. An attacker could possibly use th...

CVSS 6.3 | AI score 7.9 | EPSS 0.01688
Exploits: 0

Tenable Nessus
added 2024/05/16 12:0 a.m. | 19 views

Fedora 39 : python-tqdm (2024-ef71921bde)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-ef71921bde advisory. Address CVE-2024-34062 local code execution Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessu...

CVSS 4.8 | AI score 6.5 | EPSS 0.00432
Exploits: 0 | References: 2

Tenable Nessus
added 2024/05/16 12:0 a.m. | 21 views

Fedora 38 : python-tqdm (2024-24e4bba70f)

The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-24e4bba70f advisory. Address CVE-2024-34062 local code execution Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessu...

CVSS 4.8 | AI score 6.5 | EPSS 0.00432
Exploits: 0 | References: 2

OSV
added 2024/05/15 9:31 p.m. | 9 views

GHSA-PQJM-XCP8-WGMM Ez Platform and Legacy are prone to an insecure interpretation of PHP/PHAR uploads

The eZ Platform and Legacy are affected by an issue related to how uploaded PHP and PHAR files are handled, and consists of two parts: 1. Web server configuration, and 2. Disabling the PHAR stream wrapper. 1. WEB SERVER CONFIGURATION The sample web server configuration in our documentation can in...

AI score 7.5
Exploits: 0 | References: 6