CVE-2024-43199
Nagios NDOUtils before 2.1.4 allows privilege escalation from nagios to root because certain executable files are owned by the nagios user...
UBUNTU-CVE-2024-43199
Nagios NDOUtils before 2.1.4 allows privilege escalation from nagios to root because certain executable files are owned by the nagios user...
CVE-2024-43199
Nagios NDOUtils prior to 2.1.4 is affected by CVE-2024-43199 due to executable files owned by the nagios user, enabling local privilege escalation from nagios to root. Affected software: Nagios NDOUtils (versions before 2.1.4). Root cause: ownership of certain executables by the nagios user allow...
Nagios Security Vulnerability
Nagios is a suite of free, open source network monitoring tools from the US-based Nagios Corporation. A security vulnerability exists in Nagios NDOUtils prior to version 2.1.4, which stems from executable files owned by the nagios user and can lead to privilege escalation up to root...
GO-2024-2999 Woodpecker's custom workspace allow to overwrite plugin entrypoint executable in go.woodpecker-ci.org/woodpecker
Woodpecker's custom workspace allow to overwrite plugin entrypoint executable in go.woodpecker-ci.org/woodpecker...
CVE-2024-5963
Unquoted Executable Path vulnerability in Hitachi Device Manager on Windows (Device Manager Server component). This issue affects Hitachi Device Manager: before 8.8.7-00...
CVE-2024-5963 An unquoted executable path exists in Hitachi Device Manager
Unquoted Executable Path vulnerability in Hitachi Device Manager on Windows (Device Manager Server component). This issue affects Hitachi Device Manager: before 8.8.7-00...
CVE-2024-5963
CVE-2024-5963 affects Hitachi Device Manager on Windows (Device Manager Server component). The vulnerability is an Unquoted Executable Path in versions before 8.8.7-00, with impact described as potential compromise of confidentiality, integrity, and availability. The issue is documented in multip...
Hitachi Device Manager Security Vulnerability
Hitachi Device Manager is device management software from Hitachi, Ltd. of Japan. It is designed to help users simplify storage resource management, optimize storage performance, and improve the reliability and availability of storage systems. A security vulnerability exists in Hitachi...
APT28 Targets Diplomats with HeadLace Malware via Car Sale Phishing Lure
A Russia-linked threat actor has been linked to a new campaign that employed a car for sale as a phishing lure to deliver a modular Windows backdoor called HeadLace. "The campaign likely targeted diplomats and began as early as March 2024," Palo Alto Networks Unit 42 said in a report published...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : Exim vulnerability (USN-6939-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6939-1 advisory. Phillip Szelat discovered that Exim misparses multiline MIME header filenames. A remote attacker could use this...
Ubuntu: Security Advisory (USN-6939-1)
The remote host is missing an update for the...
USN-6939-1: Exim vulnerability
Phillip Szelat discovered that Exim misparses multiline MIME header filenames. A remote attacker could use this issue to bypass a MIME filename extension-blocking protection mechanism and possibly deliver executable attachments to the mailboxes of end users...
USN-6939-1 exim4 vulnerability
Phillip Szelat discovered that Exim misparses multiline MIME header filenames. A remote attacker could use this issue to bypass a MIME filename extension-blocking protection mechanism and possibly deliver executable attachments to the mailboxes of end users...
GHSA-H9MQ-F6Q5-6C8M GraphQL Java does not properly consider ExecutableNormalizedFields (ENFs) as part of preventing denial of service
GraphQL Java (aka graphql-java) before 21.5 does not properly consider ExecutableNormalizedFields (ENFs) as part of preventing denial of service via introspection queries. 20.9 and 19.11 are also fixed versions...
PT-2024-28780
Name of the Vulnerable Software and Affected Versions: GraphQL Java versions prior to 21.5; GraphQL Java version 20.9; GraphQL Java version 19.11. Description: The issue is related to the improper consideration of ExecutableNormalizedFields (ENFs) in preventing denial of service via introspection querie...
GraphQL Java Security Vulnerability
GraphQL Java is an open source Java implementation of GraphQL, a query language and server-side runtime for application programming interfaces (APIs). A security vulnerability exists in GraphQL Java versions prior to 21.5 that stems from not properly considering...
AI/LLM Model File Contains Executable Code (Keras HFS5 .h5)
Binary data aimodelkerashfs5containsexecutablecode.nbin...
CVE-2024-7249
Comodo Firewall Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Comodo Firewall. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit...