EUVD-2024-34368

Malicious code in bioql PyPI...

iXsystems FreeNAS 安全漏洞

Ixsystems iXsystems FreeNAS is an open source storage operating system from Ixsystems Inc. in the United States. A security vulnerability exists in iXsystems FreeNAS version 0.7.2, which originates from a web interface that contains an unauthenticated command execution backdoor that could lead to...

CVE-2024-11946

iXsystems TrueNAS CORE fetchpluginpackagesites tar Cleartext Transmission of Sensitive Information Vulnerability. This vulnerability allows network-adjacent attackers to tamper with firmware update files on affected installations of iXsystems TrueNAS devices. Authentication is not required to...

CVE-2024-11946

The CVE-2024-11946 entry concerns iXsystems TrueNAS CORE. The flaw exists in firmware update handling, caused by using an insecure protocol to deliver updates, enabling network-adjacent attackers to tamper with firmware update files on affected installations. Authentication is not required to exp...

CVE-2024-11946 iXsystems TrueNAS CORE fetch_plugin_packagesites tar Cleartext Transmission of Sensitive Information Vulnerability

iXsystems TrueNAS CORE fetchpluginpackagesites tar Cleartext Transmission of Sensitive Information Vulnerability. This vulnerability allows network-adjacent attackers to tamper with firmware update files on affected installations of iXsystems TrueNAS devices. Authentication is not required to...

CVE-2024-11944

CVE-2024-11944 affects iXsystems TrueNAS CORE (tarfile.extractall). The flaw is lack of validation of a user-supplied path in tarfile.extractall, enabling directory traversal and remote code execution with root privileges on affected installations, exploitable by network-adjacent attacker without...

(Pwn2Own) iXsystems TrueNAS CORE tarfile.extractall Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of iXsystems TrueNAS devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the tarfile.extractall method. The issue results from the lack of...

iXsystems FreeNAS Denial of Service (CVE-2020-11650)

A denial of service vulnerability exists in iXsystems FreeNAS. A remote unauthenticated attacker can exploit this vulnerability to cause a denial of service condition on an affected system...

iXsystems FreeNAS Denial of Service Vulnerability

iXsystems FreeNAS is a set of open source storage operating system from iXsystems Inc. in the United States. A security vulnerability exists in iXsystems FreeNAS version 11.2 and version 11.3 prior to 11.3-U1. An attacker could exploit this vulnerability to cause a denial of service...

CVE-2020-11650

An issue was discovered in iXsystems FreeNAS and TrueNAS 11.2 before 11.2-u8 and 11.3 before 11.3-U1. It allows a denial of service. The login authentication component has no limits on the length of an authentication message or the rate at which such messages are sent...

Authentication flaw

An issue was discovered in iXsystems FreeNAS and TrueNAS 11.2 before 11.2-u8 and 11.3 before 11.3-U1. It allows a denial of service. The login authentication component has no limits on the length of an authentication message or the rate at which such messages are sent...

CVE-2020-11650

CVE-2020-11650 affects iXsystems FreeNAS/TrueNAS 11.2 prior to 11.2-u8 and 11.3 prior to 11.3-U1. The denial-of-service arises because the login authentication component places no limits on the length or rate of authentication messages. Impact: availability degradation. Remediation indicated in t...

CVE-2020-11650

An issue was discovered in iXsystems FreeNAS and TrueNAS 11.2 before 11.2-u8 and 11.3 before 11.3-U1. It allows a denial of service. The login authentication component has no limits on the length of an authentication message or the rate at which such messages are sent...