354 matches found
SUSE Enterprise Linux SEoL (9.4.x)
According to its version, SUSE Enterprise Linux is 9.4.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities.
A vulnerability in the cifs_stats_proc_write() function of the SMB protocol client implementation in the Linux operating system allows an attacker to cause a denial of service.
The vulnerability in the cifs_stats_proc_write() function in the fs/smb/client/cifs_debug.c module of the SMB protocol client implementation in Linux operating systems is a use of previously freed memory (use-after-free). Exploiting this vulnerability could allow an attacker to cause a service...
CVE-2024-34352
1Panel is an open source Linux server operation and maintenance management panel. Prior to v1.10.3-lts, there are many command injections in the project, and some of them are not well filtered, leading to arbitrary file writes, and ultimately leading to RCEs. The mirror configuration write symbol...
1Panel command injection vulnerability
1Panel is an open source Linux server operations and management panel from the Chinese 1Panel community. A command injection vulnerability exists in versions prior to 1Panel v1.10.3-lts. The command injection can lead to arbitrary file writing...
CVE-2024-34352 Arbitrary file write vulnerability in 1Panel
1Panel is an open source Linux server operation and maintenance management panel. Prior to v1.10.3-lts, there are many command injections in the project, and some of them are not well filtered, leading to arbitrary file writes, and ultimately leading to RCEs. The mirror configuration write symbol...
A vulnerability in the 1Panel Linux server control panel, related to information exposure through a discrepancy, allows attackers to disclose protected information.
The vulnerability in the 1Panel Linux server control panel is related to the exposure of information through a discrepancy. Exploiting this vulnerability can allow a malicious actor to disclose protected information remotely...
CVE-2024-30257
CVE-2024-30257 affects 1Panel, an open-source Linux server operations and maintenance panel. The vulnerability arises from password verification using a != comparison instead of the secure hmac.Equal, creating a timing side-channel that could facilitate password guessing. Multiple sources corrob...
CVE-2024-27288 1Panel open source panel project has an unauthorized vulnerability.
1Panel is an open source Linux server operation and maintenance management panel. Prior to version 1.10.1-lts, users can use Burp to obtain unauthorized access to the console page. The vulnerability has been fixed in v1.10.1-lts. There are no known workarounds...
Fortinet FortiSIEM Installed (Linux)
Binary data fortinetfortisiemnixinstalled.nbin...
CVE-2024-24768
1Panel is an open source Linux server operation and maintenance management panel. The HTTPS cookie that comes with the panel does not have the Secure keyword, which may cause the cookie to be sent in plain text if accessed using HTTP. This issue has been patched in version 1.9.6...
Code injection
1Panel is an open source Linux server operation and maintenance management panel. The HTTPS cookie that comes with the panel does not have the Secure keyword, which may cause the cookie to be sent in plain text if accessed using HTTP. This issue has been patched in version 1.9.6...
CVE-2024-24768 1Panel set-cookie is missing the Secure keyword
1Panel is an open source Linux server operation and maintenance management panel. The HTTPS cookie that comes with the panel does not have the Secure keyword, which may cause the cookie to be sent in plain text if accessed using HTTP. This issue has been patched in version 1.9.6...
1Panel set-cookie is missing the Secure keyword
The HTTPS cookie that comes with the panel does not have the Secure keyword, which may cause the cookie to be sent in plain text when the panel is accidentally accessed over HTTP. https://developer.mozilla.org/zh-CN/docs/Web/HTTP/Headers/Set-Cookie#secure...
1Panel Security Vulnerability
1Panel is an open source Linux server operations and management panel from the Chinese 1Panel community. A security vulnerability exists in 1Panel that causes a cookie to be sent in plain text when the panel is accessed using HTTP...
Warning: Poorly Secured Linux SSH Servers Under Attack for Cryptocurrency Mining
Poorly secured Linux SSH servers are being targeted by bad actors to install port scanners and dictionary attack tools with the goal of targeting other vulnerable servers and co-opting them into a network to carry out cryptocurrency mining and distributed denial-of-service (DDoS) attacks. "Threat...
CVE-2023-49328
On a Wolters Kluwer B.POINT 23.70.00 server running Linux on premises, during the authentication phase, a validated system user can achieve remote code execution via Argument Injection in the server-to-server module...