6346 matches found
PT-2022-7606 · Apple +7 · Safari +10
Name of the Vulnerable Software and Affected Versions: Safari versions prior to 16 iOS versions prior to 16 iOS versions prior to 15.7 iPadOS versions prior to 15.7 Description: A buffer overflow issue was addressed with improved memory handling. Processing maliciously crafted web content may lea...
Metasploit Weekly Wrap-Up
Authenticated command injection vulnerability of Cisco ASA-X with FirePOWER Services: jbaines-r7 added a new module that exploits an authenticated command injection vulnerability CVE-2022-20828 of Cisco ASA-X with FirePOWER Services. This vulnerability affects all Cisco ASA appliances that suppor...
Malicious Package
Overview conflictingmodules is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this packag...
CVE-2022-36067 vm2 vulnerable to Sandbox Escape before v3.9.11
vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules. In versions prior to version 3.9.11, a threat actor can bypass the sandbox protections to gain remote code execution rights on the host running the sandbox. This vulnerability was patched in the release of...
com.lightbend.akka:akka-stream-alpakka-geode_2.11 (=2.0.2), com.lightbend.akka:akka-stream-alpakka-geode_2.12 (>=2.0.2 <=3.0.4) +41 more potentially affected by CVE-2022-37021 via org.apache.geode:geode-core (>=1.13.0 <=1.13.4)
org.apache.geode:geode-core MAVEN version =1.13.0, =2.0.2, =2.0.2, =1.13.0, =1.13.0, =1.13.0, =1.13.0, =1.13.0, =1.13.0, =1.13.0, =1.13.2, =1.13.2, =1.13.2, =1.13.0, =1.13.0, =1.13.4 and more Source cves: CVE-2022-37021 Source advisory: OSV:GHSA-Q4Q3-R45F-7GWG...
org.apache.geode:geode-apis-compatible-with-redis (=1.14.0), org.apache.geode:geode-connectors (=1.14.0) +25 more potentially affected by CVE-2022-37021 via org.apache.geode:geode-core (=1.14.0)
org.apache.geode:geode-core MAVEN version =1.14.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.geode:geode-core and may be impacted: - org.apache.geode:geode-apis-compatible-with-redis =1.14.0 - org.apache.geode:geode-connectors =1.14.0 -...
Dell Container Storage Modules OS Command Injection Vulnerability (CNVD-2023-08770)
Dell Container Storage Modules is a set of modules from Dell USA. Dell Container Storage Modules version 1.2 contains an operating system command injection vulnerability, which stems from a failure to properly filter constructed command special characters, commands, etc. in the goiscsi and gobric...
Fedora: Security Advisory for varnish-modules (FEDORA-2022-99702d9bdd)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2022-34374
Dell Container Storage Modules 1.2 contains an OS command injection in goiscsi and gobrick libraries. A remote authenticated malicious user with low privileges could exploit this vulnerability leading to to execute arbitrary OS commands on the affected system...
CVE-2022-34375
Dell Container Storage Modules 1.2 contains a path traversal vulnerability in goiscsi and gobrick libraries. A remote authenticated malicious user with low privileges could exploit this vulnerability leading to unintentional access to path outside of restricted directory...
CVE-2022-34374
Dell Container Storage Modules 1.2 contains an OS command injection in goiscsi and gobrick libraries. A remote authenticated malicious user with low privileges could exploit this vulnerability leading to to execute arbitrary OS commands on the affected system...
CVE-2022-34375
Dell Container Storage Modules 1.2 contains a path traversal vulnerability in goiscsi and gobrick libraries. A remote authenticated malicious user with low privileges could exploit this vulnerability leading to unintentional access to path outside of restricted directory...
Path traversal
Dell Container Storage Modules 1.2 contains a path traversal vulnerability in goiscsi and gobrick libraries. A remote authenticated malicious user with low privileges could exploit this vulnerability leading to unintentional access to path outside of restricted directory...
Command injection
Dell Container Storage Modules 1.2 contains an OS command injection in goiscsi and gobrick libraries. A remote authenticated malicious user with low privileges could exploit this vulnerability leading to to execute arbitrary OS commands on the affected system...
CVE-2022-34375
Dell Container Storage Modules 1.2 contains a path traversal vulnerability in goiscsi and gobrick libraries. A remote authenticated malicious user with low privileges could exploit this vulnerability leading to unintentional access to path outside of restricted directory...
CVE-2022-34375
Summary: Dell Container Storage Modules 1.2 contains a path traversal vulnerability in the goiscsi and gobrick libraries. A remote authenticated attacker with low privileges could exploit this to gain unintentional access to paths outside of restricted directories. What’s affected: Dell Container...
CVE-2022-34374
CVE-2022-34374 affects Dell Container Storage Modules (version 1.2). The vulnerability is an OS command injection in the goiscsi and gobrick libraries, caused by improper handling/validation of constructed commands. A remote authenticated attacker with low privileges could exploit this to execute...
CVE-2022-34374
Dell Container Storage Modules 1.2 contains an OS command injection in goiscsi and gobrick libraries. A remote authenticated malicious user with low privileges could exploit this vulnerability leading to to execute arbitrary OS commands on the affected system...
PT-2022-22152 · Dell · Dell Container Storage Modules
Name of the Vulnerable Software and Affected Versions: Dell Container Storage Modules version 1.2 Description: The issue is related to a path traversal vulnerability in the goiscsi and gobrick libraries. A remote authenticated malicious user with low privileges could exploit this, leading to...
PT-2022-22151 · Dell · Dell Container Storage Modules
Name of the Vulnerable Software and Affected Versions: Dell Container Storage Modules version 1.2 Description: The issue is related to an OS command injection in the goiscsi and gobrick libraries. A remote authenticated malicious user with low privileges could exploit this, leading to the executi...