
321 matches found

OpenVAS
added 2023/05/16 12:0 a.m. · 17 views

Debian: Security Advisory (DLA-3424-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

5.9 CVSS · 7.1 AI score · 0.12826 EPSS
Exploits: 0 · References: 4
OSV
added 2023/05/16 12:0 a.m. · 40 views

DLA-3424-1 python-ipaddress - security update

Bulletin has no description...

5.9 CVSS · 7 AI score · 0.12826 EPSS
Exploits: 0
Debian
added 2023/05/15 11:30 p.m. · 38 views

[SECURITY] [DLA 3424-1] python-ipaddress security update

Debian LTS Advisory DLA-3424-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin May 16, 2023 https://wiki.debian.org/LTS Package : python-ipaddress Version : 1.0.17-1+deb10u1 CVE ID : CVE-2020-14422 Martin Wennberg discovered that python-ipaddress, a backport of...

5.9 CVSS · 6.7 AI score · 0.12826 EPSS
Exploits: 0
Tenable Nessus
added 2023/05/03 12:0 a.m. · 39 views

GLSA-202305-02 : Python, PyPy3: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202305-02 Python, PyPy3: Multiple Vulnerabilities - In Python aka CPython up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shel...

9.8 CVSS · 7.6 AI score · 0.27459 EPSS
Exploits: 6 · References: 21
OSV
added 2023/03/29 7:15 p.m. · 2 views

CVE-2022-43633

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

6.8 CVSS · 6.1 AI score
Exploits: 0 · References: 2
CNNVD
added 2023/03/29 12:0 a.m. · 4 views

D-Link DIR-1935 operating system command injection vulnerability

The D-Link DIR-1935 is a wireless router from China-based AUO D-Link. The D-Link DIR-1935 suffers from an operating system command injection vulnerability that originates when parsing an IPAddress element, where the process does not properly validate before executing a system call with a...

6.8 CVSS · 6.7 AI score · 0.01085 EPSS
Exploits: 0 · References: 3
F5 Networks
added 2023/02/21 6:32 p.m. · 90 views

K46604804: Python vulnerability CVE-2021-29921

Security Advisory Description In Python before 3.9.5, the ipaddress library mishandles leading zero characters in the octets of an IP address string. This in some situations allows attackers to bypass access control that is based on IP addresses. CVE-2021-29921 Impact There is no impact; F5...

9.8 CVSS · 7.6 AI score · 0.06827 EPSS
Exploits: 1
SUSE CVE
added 2023/02/15 3:42 a.m. · 2 views

SUSE CVE-2021-29921

In Python before 3.9.5, the ipaddress library mishandles leading zero characters in the octets of an IP address string. This in some situations allows attackers to bypass access control that is based on IP addresses...

8.6 CVSS · 7.8 AI score · 0.06827 EPSS
Exploits: 1 · References: 13
OSV
added 2023/02/13 5:34 p.m. · 7 views

GSD-2023-1002034 scsi: iscsi_tcp: Fix UAF during logout when accessing the shost ipaddress

scsi: iscsi_tcp: Fix UAF during logout when accessing the shost ipaddress This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.93 by commit...

7.2 AI score
Exploits: 0
OSV
added 2023/02/13 5:34 p.m. · 8 views

GSD-2023-1002033 scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress

scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.93 by commit...

7.2 AI score
Exploits: 0
OSV
added 2023/02/13 5:21 p.m. · 6 views

GSD-2023-1001872 scsi: iscsi_tcp: Fix UAF during logout when accessing the shost ipaddress

scsi: iscsi_tcp: Fix UAF during logout when accessing the shost ipaddress This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.1.11 by commit...

7.2 AI score
Exploits: 0
Tenable Nessus
added 2023/01/10 12:0 a.m. · 25 views

EulerOS Virtualization 2.10.1 : python-pip (EulerOS-SA-2023-1152)

According to the versions of the python-pip packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, whic...

9.8 CVSS · 7.2 AI score · 0.12826 EPSS
Exploits: 1 · References: 4
Tenable Nessus
added 2022/12/21 12:0 a.m. · 29 views

EulerOS 2.0 SP10 : python-pip (EulerOS-SA-2022-2854)

According to the versions of the python-pip packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow a...

9.8 CVSS · 7.2 AI score · 0.12826 EPSS
Exploits: 1 · References: 4
Zero Day Initiative
added 2022/11/03 12:0 a.m. · 32 views

D-Link DIR-1935 SetSysLogSettings IPAddress Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handli...

6.8 CVSS · 3.5 AI score · 0.01085 EPSS
Exploits: 0 · References: 1
Check Point Advisories
added 2022/10/31 12:0 a.m. · 3 views

Advantech iView SQL Injection (CVE-2022-2136)

A SQL injection vulnerability exists for Advantech iView. This vulnerability is due to improper input validation for the ipaddress parameter during the updatePROMFile process...

3.1 AI score · 0.09002 EPSS
Exploits: 0
Positive Technologies
added 2022/10/16 12:0 a.m. · 2 views

PT-2022-22699 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel affected versions not specified Description: A memory leak issue was found in the Linux Kernel, specifically in the ipaddr link get function of the ipaddress.c file, which is part of the iproute2 component. This issue can be...

6.3 AI score
Exploits: 0 · References: 2
OSV
added 2022/09/23 11:4 a.m. · 2 views

OESA-2022-1945 python-pip security update

pip is the package installer for Python. You can use pip to install packages from the Python Package Index and other indexes. %global bashcompdir %b=$pkg-config --variable=completionsdir bash-completion 2/dev/null; echo $b:-/bashcompletion.d Name: python-pip Version: 21.3.1 Release: 1 Summary: A...

7.5 CVSS · 7 AI score · 0.12826 EPSS
Exploits: 0 · References: 3
ATTACKERKB
added 2022/08/29 11:15 p.m. · 5 views

CVE-2022-36556

Seiko SkyBridge MB-A100/A110 v4.2.0 and below was discovered to contain a command injection vulnerability via the ipAddress parameter at 07system08executeping01...

9.8 CVSS · 7.3 AI score · 0.01498 EPSS
Exploits: 0 · References: 3
NVD
added 2022/08/29 11:15 p.m. · 14 views

CVE-2022-36556

Seiko SkyBridge MB-A100/A110 v4.2.0 and below was discovered to contain a command injection vulnerability via the ipAddress parameter at 07system08executeping01...

9.8 CVSS · 0.01498 EPSS
Exploits: 0 · References: 2
OSV
added 2022/08/29 11:15 p.m. · 3 views

CVE-2022-36556

Seiko SkyBridge MB-A100/A110 v4.2.0 and below was discovered to contain a command injection vulnerability via the ipAddress parameter at 07system08executeping01...

9.8 CVSS · 5.8 AI score · 0.01498 EPSS
Exploits: 0 · References: 2