18 matches found
DEBIAN-CVE-2026-40941
Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have a package import signature validation bypass allows which allows self-signed packages. This issue has been fixed in version 1.2.31...
CVE-2026-40941
Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have a package import signature validation bypass allows which allows self-signed packages. This issue has been fixed in version 1.2.31...
CVE-2026-40941
Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have a package import signature validation bypass allows which allows self-signed packages. This issue has been fixed in version 1.2.31...
PT-2026-52628
Name of the Vulnerable Software and Affected Versions Cacti versions prior to 1.2.31 Description Cacti is an open source performance and fault management framework. The software contains a package import signature validation bypass that allows the use of self-signed packages. Recommendations Upda...
CVE-2026-39899
Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Path Traversal via filename parameter in packageimport.php. This issue has been fixed in version 1.2.31...
UBUNTU-CVE-2026-39899
Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Path Traversal via filename parameter in packageimport.php. This issue has been fixed in version 1.2.31...
CVE-2026-39899
Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Path Traversal via filename parameter in packageimport.php. This issue has been fixed in version 1.2.31...
PT-2026-52134
Name of the Vulnerable Software and Affected Versions Cacti versions prior to 1.2.31 Description Cacti is an open source performance and fault management framework. The software contains a path traversal flaw in the 'package import.php' endpoint, where the filename parameter is not properly...
MAL-2026-2790 Malicious code in package-with-import-assertions (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 607b154dcfd87f209bf01efe33fdd864fe77432b9c7a246b4520d137236afe1c The package package-with-import-assertions was found to contain malicious code...
Exploit for Improper Input Validation in Cacti
CVE-2024-25641 - Cacti 1.2.26 - Arbitrary file write to RCE 🌵...
Exploit for Improper Input Validation in Cacti
CVE-2024-25641-RCE-Automated-Exploit-Cacti-1.2.26 Fully auto...
After importing of an OVF package from a VMware environment Virtual Machine Fails to Boot with STOP 7B or 'Device Does Not Exist'
After importing of an OVF package from a VMware environment, a Windows virtual machine fails with a STOP 0x0000007B error, or a Linux virtual machine does not boot because a device /dev/sda1 for example does not exist. On a Windows virtual machine a STOP 0x0000007B error occurs. On a Linux virtua...
SUSE CVE-2024-25641
Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, an arbitrary file write vulnerability, exploitable through the "Package Import" feature, allows authenticated users having the "Import Templates" permission to execute arbitrary PHP code on the web...
DEBIAN-CVE-2024-25641
Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, an arbitrary file write vulnerability, exploitable through the "Package Import" feature, allows authenticated users having the "Import Templates" permission to execute arbitrary PHP code on the web...
UBUNTU-CVE-2024-25641
Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, an arbitrary file write vulnerability, exploitable through the "Package Import" feature, allows authenticated users having the "Import Templates" permission to execute arbitrary PHP code on the web...
CVE-2024-25641 Cacti RCE vulnerability when importing packages
Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, an arbitrary file write vulnerability, exploitable through the "Package Import" feature, allows authenticated users having the "Import Templates" permission to execute arbitrary PHP code on the web...
CVE-2024-25641 Cacti RCE vulnerability when importing packages
Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, an arbitrary file write vulnerability, exploitable through the "Package Import" feature, allows authenticated users having the "Import Templates" permission to execute arbitrary PHP code on the web...
CVE-2022-40264
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in ICONICS/Mitsubishi Electric GENESIS64 versions 10.96 to 10.97.2 allows an unauthenticated attacker to create, tamper with or destroy arbitrary files by getting a legitimate user import a project package...