23 matches found
CVE-2025-68716
KAYSUS KS-WR3600 routers with firmware 1.0.5.9.1 enable the SSH service enabled by default on the LAN interface. The root account is configured with no password, and administrators cannot disable SSH or enforce authentication via the CLI or web GUI. This allows any LAN-adjacent attacker to...
EUVD-2020-7690
Malware in sbrugna...
EUVD-2020-24651
Malware in sbrugna...
EUVD-1999-1473
Malware in sbrugna...
EUVD-2001-0366
Malware in sbrugna...
EUVD-2022-46453
Malicious code in bioql PyPI...
EUVD-2025-24880
Malicious code in bioql PyPI...
CVE-2025-20220
A vulnerability in the CLI of Cisco Secure Firewall Management Center FMC Software and Cisco Secure Firewall Threat Defense FTD Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as root. This vulnerability is due to improper inp...
CVE-2025-20278
CVE-2025-20278 affects Cisco Unified Communications products. The vulnerability is a command-injection flaw in the CLI due to insufficient validation of command arguments, allowing an authenticated local attacker to execute arbitrary OS commands as root on an affected device. Exploitation require...
CVE-2025-20197
A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with privilege level 15 to elevate privileges to root on the underlying operating system of an affected device. This vulnerability is due to insufficient input validation when processing specific...
Linux Distros Unpatched Vulnerability : CVE-2022-27239
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root...
USN-7117-2: needrestart regression
USN-7117-1 fixed vulnerabilities in needrestart. The update introduced a regression in needrestart. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Qualys discovered that needrestart passed unsanitized data to a library libmodule-scandeps-perl which...
IBM Spectrum Scale 安全漏洞
IBM Spectrum Scale is a suite of scalable data and file management solutions from International Business Machines IBM based on IBM GPFS, an enterprise file management system optimized for petabyte-scale storage management. The product supports helping customers reduce storage costs while improvin...
CVE-2023-28960
An Incorrect Permission Assignment for Critical Resource vulnerability in Juniper Networks Junos OS Evolved allows a local, authenticated low-privileged attacker to copy potentially malicious files into an existing Docker container on the local system. A follow-on administrator could then...
[ASA-202107-48] linux: privilege escalation
Arch Linux Security Advisory ASA-202107-48 ========================================== Severity: High Date : 2021-07-21 CVE-ID : CVE-2021-3609 CVE-2021-3612 CVE-2021-33909 Package : linux Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-2181 Summary ======= The...
CVE-2021-31155
Failure to normalize the umask in please before 0.4 allows a local attacker to gain full root privileges if they are allowed to execute at least one command...
Mandrake Linux Security Advisory : printer-drivers (MDKSA-2003:010)
Karol Wiesek and iDefense disovered three vulnerabilities in the printer-drivers package and tools it installs. These vulnerabilities allow a local attacker to empty or create any file on the filesystem. The first vulnerability is in the mtink binary, which has a buffer overflow in its handling o...
Fedora Core 1 : kernel-2.4.22-1.2138.nptl (2003-046)
Paul Starzetz discovered a flaw in bounds checking in mremap in the Linux kernel versions 2.4.23 and previous which may allow a local attacker to gain root privileges. No exploit is currently available; however, it is believed that this issue is exploitable although not trivially. The Common...
DSA-461 calife - buffer overflow
Bulletin has no description...
intersystems.txt
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 iDEFENSE Security Advisory 07.01.03: http://www.idefense.com/advisory/07.01.03.txt Caché Insecure Installation File and Directory Permissions July 1, 2003 I. BACKGROUND InterSystems Corp.s Caché is a post-relational database for e-applications that i...