Dell ECS 安全漏洞

Dell ECS is an enterprise-level object storage solution from the American company Dell. Versions 3.8.1.0 to 3.8.1.7 of Dell ECS, as well as versions prior to 4.3.0.0 of Dell ObjectScale, have security vulnerabilities. These vulnerabilities stem from improper management of operating system...

Cisco UCS Manager Software 安全漏洞

Cisco UCS Manager Software is a device management software developed by the American company Cisco. There is a security vulnerability in Cisco UCS Manager Software. This vulnerability stems from the unnecessary permissions assigned at the NX-OS CLI permission level, which may allow attackers with...

EUVD-2020-14290

Malware in sbrugna...

EUVD-2025-1857

Malicious code in bioql PyPI...

CVE-2020-21522

An issue was discovered in halo V1.1.3. A Zip Slip Directory Traversal Vulnerability in the backend,the attacker can overwrite some files, such as ftl files, .bashrc files in the user directory, and finally get the permissions of the operating system...

CVE-2022-0959

A malicious, but authorised and authenticated user can construct an HTTP request using their existing CSRF token and session cookie to manually upload files to any location that the operating system user account under which pgAdmin is running has permission to write...

Kubernetes Security Is Not Container Security

Container-specific security I recently had an interesting discussion with Gianluca Brindisi from Spotify about the differences between Kubernetes security and container security. Typically, the discussion about container security focuses on general questions that aren’t focused on a specific...

Design/Logic Flaw

A vulnerability in Cisco SD-WAN Software could allow an authenticated, local attacker to elevate privileges to root group on the underlying operating system. The vulnerability is due to incorrect permissions being set when the affected command is executed. An attacker could exploit this...

CVE-2020-21522

An issue was discovered in halo V1.1.3. A Zip Slip Directory Traversal Vulnerability in the backend,the attacker can overwrite some files, such as ftl files, .bashrc files in the user directory, and finally get the permissions of the operating system...

QNX RTOS 2.4 File Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6751/info A vulnerability has been discovered in QNX Real-Time Operating System. It has been reported that an unauthorized user may access arbitrary files. This is possible by requesting the file through the location that...

CVE-2013-3408

Summary: CVE-2013-3408 affects Cisco Virtualization Experience Client 6000 Series. The issue stems from improper implementation of underlying operating-system permissions, allowing an authenticated, local attacker to escalate privileges and take full control of the affected system. The root cause...

QNX RTOS 2.4 - File Disclosure

source: https://www.securityfocus.com/bid/6751/info A vulnerability has been discovered in QNX Real-Time Operating System. It has been reported that an unauthorized user may access arbitrary files. This is possible by requesting the file through the location that the FAT partition is mounted to...