11 matches found
PT-2026-48461
🚨 CVE-2026-46558 Plane is an open-source project management tool. Prior to version 1.3.1, there is a cross-workspace asset authorization bypass lets any authenticated user read, copy, delete, and overwrite assets in other Plane workspaces. This issue has been patched in version 1.3.1. 🎖@cveNotify...
MiracleLinux 7 : samba-4.2.3-11.el7 (AXSA:2016-023:01)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-023:01 advisory. Samba is the standard Windows interoperability suite of programs for Linux and Unix. Security issues fixed with this release: CVE-2015-3223 The...
CVE-2025-53868
When running in Appliance mode, a highly privileged authenticated attacker with access to SCP and SFTP may be able to bypass Appliance mode restrictions using undisclosed commands. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2025-53868 BIG-IP SCP and SFTP vulnerability
When running in Appliance mode, a highly privileged authenticated attacker with access to SCP and SFTP may be able to bypass Appliance mode restrictions using undisclosed commands. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
F5 BIG-IP 操作系统命令注入漏洞
F5 BIG-IP is an application delivery platform that integrates network traffic management, application security management, load balancing, and other features from F5 Corporation. F5 BIG-IP suffers from an operating system command injection vulnerability that originates from an elevated privilege...
📄 CommScope Ruckus IoT Controller 1.7.1.0 Backdoor Account
CommScope Ruckus IoT Controller version 1.7.1.0 has an undocumented backdoor account. Exploit Title: CommScope Ruckus IoT Controller 1.7.1.0 - Undocumented Account Date: 2021.05.26 Exploit Author: korelogic Vendor Homepage:...
Aginode GigaSwitch 安全漏洞
Aginode GigaSwitch is a LANactive support portal from Aginode. A security vulnerability exists in Aginode GigaSwitch version v5 that stems from the use of SCP commands to access sensitive information...
PT-2024-28393 · Aginode · Aginode Gigaswitch V5
Name of the Vulnerable Software and Affected Versions: Aginode GigaSwitch V5 versions prior to 7.06G Description: The issue allows authenticated attackers with Administrator privileges to upload an earlier firmware version, exposing the device to previously patched vulnerabilities. This can be do...
F5 BIG-IP and F5 BIG-IQ Security Vulnerabilities
F5 BIG-IP and F5 BIG-IQ are both products of F5 Corporation, U.S.A. F5 BIG-IP is an application delivery platform that integrates network traffic management, application security management, load balancing, etc. F5 BIG-IQ is a software-based cloud management solution. The solution supports the...
CVE-2019-6679
On BIG-IP versions 15.0.0-15.0.1, 14.1.0.2-14.1.2.2, 14.0.0.5-14.0.1, 13.1.1.5-13.1.3.1, 12.1.4.1-12.1.5, 11.6.4-11.6.5, and 11.5.9-11.5.10, the access controls implemented by scp.whitelist and scp.blacklist are not properly enforced for paths that are symlinks. This allows authenticated users wi...
DEBIAN-CVE-2015-5299
The shadowcopy2getshadowcopydata function in modules/vfsshadowcopy2.c in Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 does not verify that the DIRECTORYLIST access right has been granted, which allows remote attackers to access snapshots by visiting a shadow copy...