glances 安全漏洞

Glances is a system monitoring tool developed by Nicolas Hennion. Versions of Glances prior to 4.5.3 contained security vulnerabilities; these vulnerabilities stemmed from the dynamic execution of system commands based on configuration values, which could lead to privilege escalation...

code injection vulnerability exists in the huggingface/text-generation-inference repository

A code injection vulnerability exists in the huggingface/text-generation-inference repository, specifically within the autodocs.yml workflow file. The vulnerability arises from the insecure handling of the github.headref user input, which is used to dynamically construct a command for installing ...

PT-2020-10038 · Zoho +1 · Zoho Manageengine Assetexplorer +1

Name of the Vulnerable Software and Affected Versions: Zoho ManageEngine Asset Explorer version 6.5 Description: The issue arises from the lack of validation of the System Center Configuration Manager SCCM database username when dynamically generating a command to schedule scans for SCCM. This...

Cisco FireSIGHT System VPN Policy Bypass Vulnerability

Cisco FireSIGHT System Software is the United States Cisco Cisco company's set of management center software, which supports the centralized management of the use of FirePOWER Services Cisco ASA and Cisco FirePOWER network security appliances network security and operational functions of the...

PT-2018-8761 · Cisco · Cisco Firesight System

Name of the Vulnerable Software and Affected Versions: Cisco FireSIGHT System Software affected versions not specified Description: A vulnerability in the VPN configuration management could allow an unauthenticated, remote attacker to bypass VPN security due to unintended side effects of dynamic...