
2577 matches found

Prion
added 2021/12/16 5:15 p.m., views: 26

Command injection

FiberHome ONU GPON AN5506-04-F RP2617 is affected by an OS command injection vulnerability. This vulnerability allows the attacker, once logged in, to send commands to the operating system as the root user via the ping diagnostic tool, bypassing the IP address field, and concatenating OS commands...

CVSS: 9, AI score: 8.9, EPSS: 0.00097
Exploits: 0, References: 3, Affected Software: 6

Cvelist
added 2021/12/16 4:54 p.m., views: 13

CVE-2021-42912

FiberHome ONU GPON AN5506-04-F RP2617 is affected by an OS command injection vulnerability. This vulnerability allows the attacker, once logged in, to send commands to the operating system as the root user via the ping diagnostic tool, bypassing the IP address field, and concatenating OS commands...

AI score: 9.2, EPSS: 0.00097
Exploits: 0, References: 3

Rockylinux
added 2021/12/16 9:37 a.m., views: 9

selinux-policy bug fix and enhancement update

An update is available for selinux-policy. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The selinux-policy packages contain the rules that govern how confined...

AI score: 1.3
Exploits: 0

AlmaLinux
added 2021/12/16 9:37 a.m., views: 16

selinux-policy bug fix and enhancement update

The selinux-policy packages contain the rules that govern how confined processes run on the system. Bug Fixes and Enhancements: [RHEL 8.4] Backport container-selinux policy to allow spc_t domains to set bpf rules on any domain (BZ#2015846); AVC prevents ping -I from running in UBI 8 container (BZ#2027691)...

AI score: 1.2
Exploits: 0

OSV
added 2021/12/13 1:15 a.m., views: 0

UBUNTU-CVE-2018-25022

The Onion module in toxcore before 0.2.2 doesn't restrict which packets can be onion-routed, which allows a remote attacker to discover a target user's IP address when knowing only their Tox Id by positioning themselves close to target's Tox Id in the DHT for the target to establish an onion...

CVSS: 3.1, AI score: 5.8, EPSS: 0.00297
Exploits: 1, References: 5

Prion
added 2021/12/13 1:15 a.m., views: 15

Design/Logic Flaw

The Onion module in toxcore before 0.2.2 doesn't restrict which packets can be onion-routed, which allows a remote attacker to discover a target user's IP address when knowing only their Tox Id by positioning themselves close to target's Tox Id in the DHT for the target to establish an onion...

CVSS: 4.3, AI score: 4.1, EPSS: 0.00297
Exploits: 1, References: 3, Affected Software: 1

CVE
added 2021/12/13 12:53 a.m., views: 49

CVE-2018-25022

The CVE-2018-25022 entry concerns the Onion module in toxcore before 0.2.2, where the Onion module does not restrict which packets can be onion-routed. This allows a remote attacker to discover a target user’s IP address (given only the Tox Id) by manipulating DHT proximity to cause an onion conn...

CVSS: 4.3, AI score: 4.1, EPSS: 0.00297
Exploits: 1, References: 3, Affected Software: 1

Debian CVE
added 2021/12/13 12:53 a.m., views: 18

CVE-2018-25022

The Onion module in toxcore before 0.2.2 doesn't restrict which packets can be onion-routed, which allows a remote attacker to discover a target user's IP address when knowing only their Tox Id by positioning themselves close to target's Tox Id in the DHT for the target to establish an onion...

CVSS: 4.3, AI score: 3.7, EPSS: 0.00297
Exploits: 1

OSV
added 2021/12/06 3:6 p.m., views: 1

OPENSUSE-SU-2021:1544-1 Security update for aaa_base

This update for aaa_base fixes the following issues: - Allowed ping and ICMP commands without CAP_NET_RAW (bsc#1174504). - Add $HOME/.local/bin to PATH, if it exists (bsc#1192248). - Fixed get_kernel_version.c to work also for recent kernels on the s390/X platform (bsc#1191563). - Support xz compressed kernel...

AI score: 7.2
Exploits: 0, References: 5

OPENSUSE Linux
added 2021/12/06 12:0 a.m., views: 12

Security update for aaa_base (moderate)

openSUSE Security Update: Security update for aaa_base. Announcement ID: openSUSE-SU-2021:1544-1. Rating: moderate. References: 1162581 1174504 1191563 1192248. Affected Products: openSUSE Leap 15.2. An update that contains security fixes can now be installed. Description: This update for aaa_base fixes...

AI score: 7.4
Exploits: 0

OSV
added 2021/12/03 10:28 a.m., views: 1

SUSE-SU-2021:3899-1 Security update for aaa_base

This update for aaa_base fixes the following issues: - Allowed ping and ICMP commands without CAP_NET_RAW (bsc#1174504). - Add $HOME/.local/bin to PATH, if it exists (bsc#1192248). - Fixed get_kernel_version.c to work also for recent kernels on the s390/X platform (bsc#1191563). - Support xz compressed kernel...

AI score: 7.3
Exploits: 0, References: 5

OSV
added 2021/12/03 10:28 a.m., views: 1

OPENSUSE-SU-2021:3899-1 Security update for aaa_base

This update for aaa_base fixes the following issues: - Allowed ping and ICMP commands without CAP_NET_RAW (bsc#1174504). - Add $HOME/.local/bin to PATH, if it exists (bsc#1192248). - Fixed get_kernel_version.c to work also for recent kernels on the s390/X platform (bsc#1191563). - Support xz compressed kernel...

AI score: 7.3
Exploits: 0, References: 5

OPENSUSE Linux
added 2021/12/03 12:0 a.m., views: 22

Security update for aaa_base (moderate)

openSUSE Security Update: Security update for aaa_base. Announcement ID: openSUSE-SU-2021:3899-1. Rating: moderate. References: 1162581 1174504 1191563 1192248. Affected Products: openSUSE Leap 15.3. An update that contains security fixes can now be installed. Description: This update for aaa_base fixes...

AI score: 7.4
Exploits: 0

CNVD
added 2021/12/02 12:0 a.m., views: 11

ZOHO ManageEngine Network Configuration Manager Command Injection Vulnerability

ZOHO ManageEngine Network Configuration Manager is a multi-vendor network change, configuration and compliance management Nccm solution from ZOHO USA. A command injection vulnerability exists in ZOHO ManageEngine Network Configuration Manager, which stems from the product's Ping feature that does...

CVSS: 9.8, AI score: 2.4, EPSS: 0.73762
Exploits: 0, References: 1

NVD
added 2021/11/30 7:15 p.m., views: 12

CVE-2021-43319

Zoho ManageEngine Network Configuration Manager before 125488 is vulnerable to command injection due to improper validation in the Ping functionality...

CVSS: 9.8, EPSS: 0.73762
Exploits: 0, References: 2

OSV
added 2021/11/30 7:15 p.m., views: 2

CVE-2021-43319

Zoho ManageEngine Network Configuration Manager before 125488 is vulnerable to command injection due to improper validation in the Ping functionality...

CVSS: 9.8, AI score: 7.3, EPSS: 0.73762
Exploits: 0, References: 2

OSV
added 2021/11/30 7:15 p.m., views: 0

CVE-2021-43283

An issue was discovered on Victure WR1200 devices through 1.0.3. A command injection vulnerability was found within the web interface of the device, allowing an attacker with valid credentials to inject arbitrary shell commands to be executed by the device with root privileges. This occurs in the...

CVSS: 8.8, AI score: 7, EPSS: 0.06596
Exploits: 3, References: 2

Prion
added 2021/11/30 7:15 p.m., views: 9

Command injection

An issue was discovered on Victure WR1200 devices through 1.0.3. A command injection vulnerability was found within the web interface of the device, allowing an attacker with valid credentials to inject arbitrary shell commands to be executed by the device with root privileges. This occurs in the...

CVSS: 9, AI score: 8.8, EPSS: 0.06596
Exploits: 3, References: 2, Affected Software: 1

Prion
added 2021/11/30 7:15 p.m., views: 21

Command injection

Zoho ManageEngine Network Configuration Manager before 125488 is vulnerable to command injection due to improper validation in the Ping functionality...

CVSS: 7.5, AI score: 9.6, EPSS: 0.73762
Exploits: 0, References: 2, Affected Software: 1

Cvelist
added 2021/11/30 6:44 p.m., views: 14

CVE-2021-43319

Zoho ManageEngine Network Configuration Manager before 125488 is vulnerable to command injection due to improper validation in the Ping functionality...

AI score: 9.9, EPSS: 0.73762
Exploits: 0, References: 2