37 matches found
CVE-2023-33300
A improper neutralization of special elements used in a command 'command injection' in Fortinet FortiNAC 7.2.1 and earlier, 9.4.3 and earlier allows attacker a limited, unauthorized file access via specifically crafted request in inter-server communication port...
SUSE SLES15: cobbler / grafana-formula / inter-server-sync / mgr-daemon / etc (SUSE-SU-2024:4006-1)
The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:4006-1 advisory. cobbler: - Security issues fixed: CVE-2024-47533: Prevent privilege escalation from none to admin bsc1231332 - Other bugs fixed: Increase start...
CVE-2023-33299
A deserialization of untrusted data in Fortinet FortiNAC below 7.2.1, below 9.4.3, below 9.2.8 and all earlier versions of 8.x allows attacker to execute unauthorized code or commands via specifically crafted request on inter-server communication port. Note FortiNAC versions 8.x will not be fixed...
CVE-2023-33299
A deserialization of untrusted data in Fortinet FortiNAC below 7.2.1, below 9.4.3, below 9.2.8 and all earlier versions of 8.x allows attacker to execute unauthorized code or commands via specifically crafted request on inter-server communication port. Note FortiNAC versions 8.x will not be fixed...
Deserialization of untrusted data
A deserialization of untrusted data in Fortinet FortiNAC below 7.2.1, below 9.4.3, below 9.2.8 and all earlier versions of 8.x allows attacker to execute unauthorized code or commands via specifically crafted request on inter-server communication port. Note FortiNAC versions 8.x will not be fixed...
Fortinet FortiNAC 代码问题漏洞
Fortinet FortiNAC is a set of network access control solutions from the U.S. company Fita Fortinet. The product is primarily used for network access control and IoT security. A security vulnerability exists in Fortinet FortiNAC versions prior to 7.2.1, prior to 9.4.3, prior to 9.2.8, and prior to...
Fortinet FortiNAC RCE (FG-IR-23-074)
The version of FortiNAC installed on the remote host is prior to 9.4.3. It is, therefore, affected by a vulnerability as referenced in the FG-IR-23-074 advisory. - A deserialization of untrusted data in Fortinet FortiNAC below 7.2.1, below 9.4.3, below 9.2.8 and all earlier versions of 8.x allows...
PT-2023-3633 · Fortinet · Fortinac
Name of the Vulnerable Software and Affected Versions: Fortinet FortiNAC versions prior to 7.2.1 Fortinet FortiNAC versions prior to 9.4.3 Fortinet FortiNAC versions prior to 9.2.8 Fortinet FortiNAC versions 8.x and earlier Description: The issue is related to a deserialization of untrusted data...
kernel: NFSD: fix use-after-free on source server when doing inter-server copy
In the Linux kernel, the following vulnerability has been resolved: NFSD: fix use-after-free on source server when doing inter-server copy Use-after-free occurred when the laundromat tried to free expired cpntfstate entry on the s2scpstateids list after inter-server copy completed. The sccplist...
GSD-2022-1007043 NFSD: fix use-after-free on source server when doing inter-server copy
NFSD: fix use-after-free on source server when doing inter-server copy This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.75 by commit...
GSD-2022-1006774 NFSD: fix use-after-free on source server when doing inter-server copy
NFSD: fix use-after-free on source server when doing inter-server copy This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.3 by commit...
PT-2022-35503 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.150 Description: The issue is related to a use-after-free error on the source server when performing inter-server copy. The actual impact and attack plausibility have not yet been proven. Recommendations:...
PT-2022-35029 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.3 Description: The issue is related to a use-after-free error on the source server when performing inter-server copy. This problem is noted in the context of NFSD. The actual impact and potential for attack...
PT-2022-35298 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.75 Description: The issue is related to a use-after-free error on the source server when performing inter-server copy. The actual impact and attack plausibility have not yet been proven. Recommendations: F...
Path traversal
A Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in spacewalk/Uyuni of SUSE Linux Enterprise Module for SUSE Manager Server 4.2, SUSE Linux Enterprise Module for SUSE Manager Server 4.3, SUSE Manager Server 4.2 allows remote attackers to read files...
SUSE-SU-2022:2144-1 Security update for SUSE Manager Server 4.2
This update fixes the following issues: inter-server-sync: - version 0.2.2 Parameter --channel-with-children didn't export data bsc1199089 Clean rhnchannelcloned table to rebuild hierarchy bsc1197400 - Version 0.2.1 Correct sequence in use for table rhnpackagekeybsc1197400 Make Docker image expor...
DLA-384-1 inspircd - security update
Bulletin has no description...