292 matches found
CVE-2024-33394
An issue in kubevirt kubevirt v1.2.0 and before allows a local attacker to execute arbitrary code via a crafted command to get the token component...
Kubevirt 安全漏洞
Kubevirt is a virtual machine manager. A security vulnerability exists in kubevirt v1.2.0 and earlier versions, which stems from a vulnerability that allows a local attacker to execute arbitrary code via a crafted command...
karmada-io karmada 安全漏洞
Karmada is a Kubernete management system open-sourced by karmada-io. A security vulnerability exists in karmada-io karmada v1.9.0 and earlier versions, which stems from a vulnerability that allows a local attacker to execute arbitrary code via a crafted command...
CVE-2024-33394
An issue in kubevirt kubevirt v1.2.0 and before allows a local attacker to execute arbitrary code via a crafted command to get the token component...
CVE-2024-33396
An issue in karmada-io karmada v1.9.0 and before allows a local attacker to execute arbitrary code via a crafted command to get the token component...
CVE-2024-33393
An issue in spidernet-io spiderpool v.0.9.3 and before allows a local attacker to execute arbitrary code via a crafted command to get the token component...
Spidernet-io Spiderpool 安全漏洞
Spiderpool is a Kubernetes underlay and RDMA networking solution open-sourced by spidernet-io. A security vulnerability exists in Spidernet-io Spiderpool v.0.9.3 and earlier versions, which stems from a vulnerability that allows a local attacker to execute arbitrary code via a crafted command...
CVE-2024-33393
CVE-2024-33393 affects spidernet-io Spiderpool
CVE-2024-33393
An issue in spidernet-io spiderpool v.0.9.3 and before allows a local attacker to execute arbitrary code via a crafted command to get the token component...
CVE-2024-33393
An issue in spidernet-io spiderpool v.0.9.3 and before allows a local attacker to execute arbitrary code via a crafted command to get the token component...
CVE-2023-29181
A use of externally-controlled format string in Fortinet FortiOS 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.12, 6.2.0 through 6.2.14, 6.0.0 through 6.0.16, FortiProxy 7.2.0 through 7.2.4, 7.0.0 through 7.0.10, 2.0.0 through 2.0.12, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0....
Command injection
An issue discovered in TenghuTOS TWS-200 firmware version:V4.0-201809201424 allows a remote attacker to execute arbitrary code via crafted command on the ping page component...
CVE-2023-51217
An issue discovered in TenghuTOS TWS-200 firmware version:V4.0-201809201424 allows a remote attacker to execute arbitrary code via crafted command on the ping page component...
CVE-2023-51217
An issue discovered in TenghuTOS TWS-200 firmware version:V4.0-201809201424 allows a remote attacker to execute arbitrary code via crafted command on the ping page component...
CVE-2023-51062
An unauthenticated log file read in the component log-smblog-save of QStar Archive Solutions RELEASE3-0 Build 7 Patch 0 allows attackers to disclose the SMB Log contents via executing a crafted command...
CVE-2023-51062
An unauthenticated log file read in the component log-smblog-save of QStar Archive Solutions RELEASE3-0 Build 7 Patch 0 allows attackers to disclose the SMB Log contents via executing a crafted command...
CVE-2023-51062
An unauthenticated log file read in the component log-smblog-save of QStar Archive Solutions RELEASE3-0 Build 7 Patch 0 allows attackers to disclose the SMB Log contents via executing a crafted command...
PT-2024-14041 · Qstar · Qstar Archive Solutions
Name of the Vulnerable Software and Affected Versions: QStar Archive Solutions version RELEASE 3-0 Build 7 Patch 0 Description: The issue allows attackers to disclose the SMB Log contents via executing a crafted command, specifically through an unauthenticated log file read in the component...
Vulnerability fixed in ProFTPd
A vulnerability has been fixed in ProFTPd. The vulnerability allows an authenticated remote malicious person to perform a denial-of-service DoS via a specially prepared command to cause a denial-of-service DoS cause. The developers of ProFTP have released updates to fix the vulnerability. For mor...
CVE-2023-4397
A buffer overflow vulnerability in the Zyxel ATP series firmware version 5.37, USG FLEX series firmware version 5.37, USG FLEX 50W series firmware version 5.37, and USG20W-VPN series firmware version 5.37, could allow an authenticated local attacker with administrator privileges to cause...