21 matches found
Moderate: pcs security update
The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: tornado-python: Tornado: Denial of Service via large multipart bodies CVE-2026-31958 For more details about the security issues, including the impact, a CVSS score,...
ALSA-2026:0930 Moderate: pcs security update
The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: tornado: Tornado Quadratic DoS via Repeated Header Coalescing CVE-2025-67725 tornado: Tornado Quadratic DoS via Crafted Multipart Parameters CVE-2025-67726 For more details about...
CVE-2025-8386
The vulnerability, if exploited, could allow an authenticated miscreant with privilege of "aaConfigTools" to tamper with App Objects' help files and persist a cross-site scripting (XSS) injection that when executed by a victim user, can result in horizontal or vertical escalation of privileges. The...
EUVD-2020-26764
Malware in sbrugna...
EUVD-2018-14216
Malware in sbrugna...
[SECURITY] Fedora 42 Update: systemd-257.6-1.fc42
systemd is a system and service manager that runs as PID 1 and starts the rest of the system. It provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux control groups,...
The vulnerability of the Consul Community Edition and Consul Enterprise configuration tools lies in their failure to remove HTTP headers from script syntax, allowing attackers to gain access to confidential information.
The vulnerability of the Consul service configuration tool lies in the lack of measures taken to neutralize HTTP headers in script syntax. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain access to confidential information through a specially crafted HTTP reques...
CVE-2024-24791 vulnerabilities
Vulnerabilities for packages: supercronic, direnv, delve, hugo, jitsucom-bulker, newrelic-infrastructure-agent, eksctl, tigera-operator-fips, kubernetes, local-static-provisioner, chartmuseum, cert-manager-cmctl, git-lfs, nri-discovery-kubernetes, grafana-fips, cni-plugins, harbor-registry-fips,...
CVE-2023-2062 Information Disclosure vulnerability in EtherNet/IP Configuration tools
Missing Password Field Masking vulnerability in Mitsubishi Electric Corporation EtherNet/IP configuration tools SW1DNN-EIPCT-BD and SW1DNN-EIPCTFX5-BD allows a remote unauthenticated attacker to know the password for MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/...
Wago PFC200 iocheckd service 'I/O-Check' cache Command Injection (CVE-2019-5172)
An exploitable command injection vulnerability exists in the iocheckd service 'I/O-Check' function of the WAGO PFC 200 Firmware version 03.02.0214. An attacker can send a specially crafted packet to trigger the parsing of this cache file. At 0x1e840 the extracted ntp value from the xml file is use...
Design/Logic Flaw
The Bosch software tools AccessIPConfig.exe and AmcIpConfig.exe are used to configure certain settings in AMC2 devices. The tool allows putting a password protection on configured devices to restrict access to the configuration of an AMC2. An attacker can circumvent this protection and make...
Bosch Amc2 access control error vulnerability
Bosch Amc2 is an access modular controller from Bosch, Germany. An access control error vulnerability exists in the Bosch AMC2 that stems from the Bosch software tools AccessIPConfig.exe and AmcIpConfig.exe used to configure certain settings in the AMC2 device. The tools allow password protection...
The vulnerability of the Switch Configuration Tools Backend component (clcmd_server) of the Cumulus Linux operating system allows a hacker to execute arbitrary commands.
The vulnerability of the Switch Configuration Tools Backend component clcmdserver in the Cumulus Linux operating system is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to execute arbitrary commands using shell metacharacters, utilizing the “cl-rctl”...
Command injection
The Switch Configuration Tools Backend clcmdserver in Cumulus Linux 2.5.3 and earlier allows local users to execute arbitrary commands via shell metacharacters in a cl-rctl command label...
CVE-2015-5699
The Switch Configuration Tools Backend clcmdserver in Cumulus Linux 2.5.3 and earlier allows local users to execute arbitrary commands via shell metacharacters in a cl-rctl command label...
CVE-2015-5699
The CVE-2015-5699 entry concerns Cumulus Linux 2.5.3 and earlier, where the Switch Configuration Tools Backend (clcmd_server) is vulnerable to local command injection. The vulnerability arises because clcmd_server executes shell commands appended to the end of a cl-rctl command label if the label...
Cumulus Linux's Switch Configuration Tools Backend privilege escalation
Privilege escalation via command injection...
MDVA-2009:171 : ldetect-lst
This makes the configuration tools use the proper driver for two Matrox cards (bug 53564). This script has been deprecated as the associated patch is not currently a security fix. Disabled on 2012/09/06. (C) Tenable Network Security, Inc. This script was automatically...
Mandriva Update for drakx-net MDVA-2008:190 (drakx-net)
Check for the Version of drakx-net. OpenVAS Vulnerability Test: Mandriva Update for drakx-net MDVA-2008:190 (drakx-net). Authors: System Generated Check. Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...