Lucene search
K

8 matches found

Packet Storm News
Packet Storm News
added 2026/01/09 12:0 a.m.4 views

Udev Persistence Script

This Metasploit module will add a script in /lib/udev/rules.d/ in order to execute a payload written on disk. It will be executed with root privileges every time a network interface other than l0 comes up. Execution is triggered through the at command, so it must be installed on the target...

7.2AI score
Exploits0
Vulnrichment
Vulnrichment
added 2025/11/06 7:47 p.m.3 views

CVE-2025-34244 Advantech WebAccess/VPN < 1.1.5 SQL Injection via AjaxFwRulesController.ajaxDeviceFwRulesAction()

Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in AjaxFwRulesController.ajaxDeviceFwRulesAction that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information...

5.3CVSS7.2AI score0.00284EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/11/06 7:47 p.m.7 views

CVE-2025-34244 Advantech WebAccess/VPN < 1.1.5 SQL Injection via AjaxFwRulesController.ajaxDeviceFwRulesAction()

Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in AjaxFwRulesController.ajaxDeviceFwRulesAction that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information...

5.3CVSS0.00284EPSS
Exploits0References3
OSV
OSV
added 2024/09/02 8:9 a.m.21 views

OPENSUSE-SU-2024:0274-1 Security update for cacti, cacti-spine

This update for cacti, cacti-spine fixes the following issues: - cacti 1.2.27: CVE-2024-34340: Authentication Bypass when using using older password hashes boo1224240 CVE-2024-25641: RCE vulnerability when importing packages boo1224229 CVE-2024-31459: RCE vulnerability when plugins include files...

9.1CVSS7.9AI score0.86303EPSS
Exploits26References21
OSV
OSV
added 2022/11/30 6:15 a.m.4 views

UBUNTU-CVE-2022-46338

g810-led 0.4.2, a LED configuration tool for Logitech Gx10 keyboards, contained a udev rule to make supported device nodes world-readable and writable, allowing any process on the system to read traffic from keyboards, including sensitive data...

6.5CVSS5.8AI score0.00659EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2022/11/30 12:0 a.m.5 views

PT-2022-27827 · G810-Led · G810-Led

Name of the Vulnerable Software and Affected Versions: g810-led version 0.4.2 Description: The issue allows any process on the system to read traffic from keyboards, including sensitive data, due to a udev rule that makes supported device nodes world-readable and writable. This affects a LED...

6.5CVSS6.7AI score0.00659EPSS
Exploits0References17
OSV
OSV
added 2021/10/18 2:5 p.m.5 views

OPENSUSE-SU-2021:1370-1 Security update for systemd

This update for systemd fixes the following issues: - CVE-2021-33910: Fixed use of strdupa on a path bsc1188063. - logind: terminate cleanly on SIGTERM/SIGINT bsc1188018. - Adopting BFQ to control I/O jscSLE-21032, bsc1134353. - Rules weren't applied to dm devices multipath bsc1188713. - Ignore...

5.5CVSS5.9AI score0.0865EPSS
Exploits2References11
BDU FSTEC
BDU FSTEC
added 2019/10/01 12:0 a.m.20 views

The vulnerability of the fly-admin-local-se component in the FLY operating system of the Astra Linux platform allows a attacker to compromise data integrity, gain unauthorized access to protected information, and cause service interruptions.

The vulnerability of the fly-admin-local-se component in the FLY operating system of Astra Linux is related to logging errors when changing user privileges, as well as errors in creating rules for devices with the same name. Exploiting this vulnerability can allow attackers to compromise data...

6.3CVSS5.5AI score
Exploits0References1
Rows per page
Query Builder