24 matches found
MiracleLinux 4 : file-5.04-30.AXS4 (AXSA:2016-325:01)
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-325:01 advisory. The file command is used to identify a particular file according to the type of data contained by the file. File can identify many different file...
CVE-1999-0094
AIX piodmgrsu command allows local users to gain additional group privileges...
EUVD-2009-3630
Malware in sbrugna...
EUVD-2002-1587
Malware in sbrugna...
EUVD-2014-0646
Malware in sbrugna...
EUVD-1999-0172
Malware in sbrugna...
EUVD-2008-5084
Malware in sbrugna...
EUVD-2006-7212
Malware in sbrugna...
EUVD-2024-54249
Malicious code in bioql PyPI...
CVE-2021-36180
Multiple improper neutralization of special elements used in a command vulnerabilities CWE-77 in FortiWeb management interface 6.4.1 and below, 6.3.15 and below, 6.2.5 and below may allow an authenticated attacker to execute unauthorized code or commands via crafted parameters of HTTP requests...
CVE-2021-26114
Multiple improper neutralization of special elements used in an SQL command vulnerabilities in FortiWAN before 4.5.9 may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests...
ALSA-2025:0595 Important: redis:6 security update
Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, ...
CVE-2024-39764
Multiple OS command injection vulnerabilities exist in the internet.cgi setaddrouting functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these vulnerabilities. A...
CVE-2022-3320 Bypassing Cloudflare Zero Trust policies using warp-cli set-custom-endpoint command
It was possible to bypass policies configured for Zero Trust Secure Web Gateway by using warp-cli 'set-custom-endpoint' subcommand. Using this command with an unreachable endpoint caused the WARP Client to disconnect and allowed bypassing administrative restrictions on a Zero Trust enrolled...
Command injection
Multiple improper neutralization of special elements used in an OS command vulnerabilities CWE-78 in the Web GUI of FortiWAN before 4.5.9 may allow an authenticated attacker to execute arbitrary commands on the underlying system's shell via specifically crafted HTTP requests...
CVE-2021-24009
CVE-2021-24009 affects Fortinet FortiWAN through its Web GUI. The issue is an OS command injection (CWE-78) caused by improper neutralization of special elements in HTTP requests, allowing an authenticated attacker to execute arbitrary commands on the underlying system shell. Impact is high, with...
CVE-2011-5166
Multiple stack-based buffer overflows in KnFTP 1.0.0 allow remote attackers to execute arbitrary code via a long string to the (1) USER, (2) PASS, (3) REIN, (4) QUIT, (5) PORT, (6) PASV, (7) TYPE, (8) STRU, (9) MODE, (10) RETR, (11) STOR, (12) APPE, (13) ALLO, (14) REST, (15) RNFR, (16) RNTO, (17) ABOR, (18) DELE, (19) CWD, (20) LIST, ...
HP-UX Security patch : PHCO_9640
The remote host is missing HP-UX Security Patch number PHCO_9640. Security Vulnerabilities in the password command...
WinFTP Server 1.6 Denial of Service Exploit
No description provided by source. #!/usr/local/bin/perl -w WinFTP server ver 1.6 D.o.S Exploit. Discovered, exploited by KaGra. Tested on WinXP SP1 English version. Sending 40 times a username and a buffer of 1500 bytes as pass, will crash the server, as soon as is not minimized in Target computer. If h...