Lucene search
K

37 matches found

OSV
OSV
added 2025/03/14 4:15 p.m.5 views

CVE-2023-33300

A improper neutralization of special elements used in a command 'command injection' in Fortinet FortiNAC 7.2.1 and earlier, 9.4.3 and earlier allows attacker a limited, unauthorized file access via specifically crafted request in inter-server communication port...

5.3CVSS5.8AI score0.12691EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/12/12 12:0 a.m.14 views

SUSE SLES15: cobbler / grafana-formula / inter-server-sync / mgr-daemon / etc (SUSE-SU-2024:4006-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:4006-1 advisory. cobbler: - Security issues fixed: CVE-2024-47533: Prevent privilege escalation from none to admin bsc1231332 - Other bugs fixed: Increase start...

9.8CVSS7.3AI score0.03948EPSS
Exploits6References60
OSV
OSV
added 2023/06/23 8:15 a.m.5 views

CVE-2023-33299

A deserialization of untrusted data in Fortinet FortiNAC below 7.2.1, below 9.4.3, below 9.2.8 and all earlier versions of 8.x allows attacker to execute unauthorized code or commands via specifically crafted request on inter-server communication port. Note FortiNAC versions 8.x will not be fixed...

9.8CVSS5.9AI score0.24296EPSS
Exploits0References1
NVD
NVD
added 2023/06/23 8:15 a.m.32 views

CVE-2023-33299

A deserialization of untrusted data in Fortinet FortiNAC below 7.2.1, below 9.4.3, below 9.2.8 and all earlier versions of 8.x allows attacker to execute unauthorized code or commands via specifically crafted request on inter-server communication port. Note FortiNAC versions 8.x will not be fixed...

9.8CVSS9.7AI score0.24296EPSS
Exploits0References1
Prion
Prion
added 2023/06/23 8:15 a.m.21 views

Deserialization of untrusted data

A deserialization of untrusted data in Fortinet FortiNAC below 7.2.1, below 9.4.3, below 9.2.8 and all earlier versions of 8.x allows attacker to execute unauthorized code or commands via specifically crafted request on inter-server communication port. Note FortiNAC versions 8.x will not be fixed...

7.5CVSS9.5AI score0.24296EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/06/23 12:0 a.m.5 views

Fortinet FortiNAC 代码问题漏洞

Fortinet FortiNAC is a set of network access control solutions from the U.S. company Fita Fortinet. The product is primarily used for network access control and IoT security. A security vulnerability exists in Fortinet FortiNAC versions prior to 7.2.1, prior to 9.4.3, prior to 9.2.8, and prior to...

9.8CVSS8.8AI score0.24296EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/06/23 12:0 a.m.34 views

Fortinet FortiNAC RCE (FG-IR-23-074)

The version of FortiNAC installed on the remote host is prior to 9.4.3. It is, therefore, affected by a vulnerability as referenced in the FG-IR-23-074 advisory. - A deserialization of untrusted data in Fortinet FortiNAC below 7.2.1, below 9.4.3, below 9.2.8 and all earlier versions of 8.x allows...

9.8CVSS9.1AI score0.24296EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/06/22 12:0 a.m.4 views

PT-2023-3633 · Fortinet · Fortinac

Name of the Vulnerable Software and Affected Versions: Fortinet FortiNAC versions prior to 7.2.1 Fortinet FortiNAC versions prior to 9.4.3 Fortinet FortiNAC versions prior to 9.2.8 Fortinet FortiNAC versions 8.x and earlier Description: The issue is related to a deserialization of untrusted data...

9.8CVSS8AI score0.24296EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2023/05/09 10:4 a.m.5 views

kernel: NFSD: fix use-after-free on source server when doing inter-server copy

In the Linux kernel, the following vulnerability has been resolved: NFSD: fix use-after-free on source server when doing inter-server copy Use-after-free occurred when the laundromat tried to free expired cpntfstate entry on the s2scpstateids list after inter-server copy completed. The sccplist...

7.8CVSS6.6AI score0.0015EPSS
Exploits0References5
OSV
OSV
added 2022/11/14 6:59 p.m.8 views

GSD-2022-1007043 NFSD: fix use-after-free on source server when doing inter-server copy

NFSD: fix use-after-free on source server when doing inter-server copy This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.75 by commit...

7.3AI score
Exploits0
OSV
OSV
added 2022/11/14 6:37 p.m.9 views

GSD-2022-1006774 NFSD: fix use-after-free on source server when doing inter-server copy

NFSD: fix use-after-free on source server when doing inter-server copy This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.3 by commit...

7.3AI score
Exploits0
Positive Technologies
Positive Technologies
added 2022/11/14 12:0 a.m.3 views

PT-2022-35503 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.150 Description: The issue is related to a use-after-free error on the source server when performing inter-server copy. The actual impact and attack plausibility have not yet been proven. Recommendations:...

7.2AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/11/14 12:0 a.m.3 views

PT-2022-35029 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.3 Description: The issue is related to a use-after-free error on the source server when performing inter-server copy. This problem is noted in the context of NFSD. The actual impact and potential for attack...

7.2AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/11/14 12:0 a.m.3 views

PT-2022-35298 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.75 Description: The issue is related to a use-after-free error on the source server when performing inter-server copy. The actual impact and attack plausibility have not yet been proven. Recommendations: F...

7.2AI score
Exploits0References1
Prion
Prion
added 2022/11/10 3:15 p.m.27 views

Path traversal

A Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in spacewalk/Uyuni of SUSE Linux Enterprise Module for SUSE Manager Server 4.2, SUSE Linux Enterprise Module for SUSE Manager Server 4.3, SUSE Manager Server 4.2 allows remote attackers to read files...

4CVSS4.5AI score0.00733EPSS
Exploits1References1Affected Software2
OSV
OSV
added 2022/06/20 2:11 p.m.10 views

SUSE-SU-2022:2144-1 Security update for SUSE Manager Server 4.2

This update fixes the following issues: inter-server-sync: - version 0.2.2 Parameter --channel-with-children didn't export data bsc1199089 Clean rhnchannelcloned table to rebuild hierarchy bsc1197400 - Version 0.2.1 Correct sequence in use for table rhnpackagekeybsc1197400 Make Docker image expor...

9.8CVSS7.6AI score0.04581EPSS
Exploits3References25
OSV
OSV
added 2016/01/13 12:0 a.m.24 views

DLA-384-1 inspircd - security update

Bulletin has no description...

8.6CVSS8.4AI score0.02282EPSS
Exploits1
Rows per page
Query Builder