Linux Distros Unpatched Vulnerability : CVE-2015-0293
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - The SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a allows remote attackers to cause a denial ...
Security update for ovmf
This update for ovmf fixes the following issues: PXE boot is failing due to patches applied to fix CVE-2023-45236 and CVE-2023-45237 (bsc#1237084). Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively yo...
A vulnerability in the ksmbd.mountd daemon of the ksmbd file server (fs/smb/server/ksmbd_netlink.h) in the Linux operating system allows an attacker to cause a denial of service.
The vulnerability in the ksmbd.mountd daemon of the ksmbd file server (fs/smb/server/ksmbd_netlink.h) in the Linux operating system is caused by memory operations that go beyond the bounds of a buffer when processing IPC responses. Exploiting this vulnerability can allow an attacker to cause a...
A vulnerability in the decrypt_raw_data() function in the SMB subsystem of the Linux operating system allows an attacker to compromise the confidentiality, integrity, and availability of protected information.
The vulnerability in the decrypt_raw_data() function in the fs/smb/client/smb2ops.c module of the SMB subsystem of the Linux operating system is caused by the use of previously freed memory (use-after-free). Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity,...
CVE-2024-51358
An issue in Linux Server Heimdall v.2.6.1 allows a remote attacker to execute arbitrary code via a crafted script to the Add new application...
CVE-2024-51358
CVE-2024-51358 affects Linux Server Heimdall v2.6.1. A remote attacker can execute arbitrary code by sending a crafted script to the Add new application endpoint. Impact per CVSS: HIGH confidentiality, integrity, and availability; base score 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). Multiple sou...
PT-2024-34604 · Unknown · Linux Server Heimdall
Name of the Vulnerable Software and Affected Versions: Linux Server Heimdall version 2.6.1 Description: An issue in Linux Server Heimdall allows a remote attacker to execute arbitrary code via a crafted script to the "Add new application" endpoint. Recommendations: For Linux Server Heimdall versi...
Exploit for Code Injection in Vmware Spring_Cloud_Data_Flow
Use dnslog to detect whether CVE-2024-37084 vulnerability exi...
A vulnerability in the smb2_get_data_area_len() function in the implementation of the SMB protocol server for Linux operating systems allows an attacker to compromise the confidentiality, integrity, and availability of protected information.
The vulnerability in the smb2_get_data_area_len() function in the fs/smb/server/smb2misc.c module of the SMB protocol server implementation in Linux operating systems is caused by accessing memory beyond the allocated buffer. Exploiting this vulnerability could allow an attacker to compromise the...
A vulnerability in the 1Panel Linux server control panel, caused by a failure to protect the structure of SQL queries, allows attackers to gain unauthorized access to protected information and execute arbitrary code.
The vulnerability in the 1Panel Linux server control panel is caused by a failure to protect the SQL query structure when processing the orderBy parameter. Exploiting this vulnerability allows an attacker to gain unauthorized access to protected information and execute arbitra...
CVE-2024-39911 1Panel SQL injection
1Panel is a web-based Linux server management control panel. 1Panel contains an unspecified SQL injection via User-Agent handling. This issue has been addressed in version 1.10.12-lts. Users are advised to upgrade. There are no known workarounds for this vulnerability...
CVE-2024-39907 SQL injection in 1Panel
1Panel is a web-based Linux server management control panel. There are many SQL injections in the project, and some of them are not well filtered, leading to arbitrary file writes and ultimately to RCE. These SQL injections have been resolved in version 1.10.12-tls. Users are advised to...
CVE-2024-31504
Buffer overflow vulnerability in SILA Embedded Solutions GmbH freemodbus v.2018-09-12 allows a remote attacker to cause a denial of service via the LINUXTCP server component...
SILA Embedded Solutions GmbH freemodbus Security Vulnerability
SILA Embedded Solutions Freemodbus is an open source Modbus protocol stack from SILA Embedded Solutions. A security vulnerability exists in SILA Embedded Solutions GmbH freemodbus version 2018-09-12: a buffer overflow allows remote attackers to cause a denial of...
Exploit for Missing Authentication for Critical Function in Jetbrains Teamcity
PoC exploit for CVE-2023-42793, a TeamCity RCE vulnerability on...