2576 matches found
PT-2024-5538 · Zabbix +3 · Zabbix +3
Name of the Vulnerable Software and Affected Versions: Zabbix versions 6.4.0 through 6.4.15 Zabbix versions 7.0.0alpha1 through 7.0.0rc2 Description: The issue is related to the lack of default escaping for script parameters in the Monitoring Hosts section of Zabbix, allowing an administrator wit...
CVE-2024-41308
An issue in the Ping feature of IT Solutions Enjay CRM OS v1.0 allows attackers to escape the restricted terminal environment and gain root-level privileges on the underlying system...
CVE-2024-41308
An issue in the Ping feature of IT Solutions Enjay CRM OS v1.0 allows attackers to escape the restricted terminal environment and gain root-level privileges on the underlying system...
CVE-2024-41308
An issue in the Ping feature of IT Solutions Enjay CRM OS v1.0 allows attackers to escape the restricted terminal environment and gain root-level privileges on the underlying system...
CVE-2024-41308
An issue in the Ping feature of IT Solutions Enjay CRM OS v1.0 allows attackers to escape the restricted terminal environment and gain root-level privileges on the underlying system...
PT-2024-29353 · It Solutions · It Solutions Enjay Crm Os
Name of the Vulnerable Software and Affected Versions: IT Solutions Enjay CRM OS version 1.0 Description: The issue in the Ping feature allows attackers to escape the restricted terminal environment and gain root-level privileges on the underlying system. Recommendations: For IT Solutions Enjay C...
CVE-2024-41308
The CVE-2024-41308 issue affects IT Solutions Enjay CRM OS v1.0 within the Ping feature. The root cause described across sources is that the Ping capability allows an attacker to escape the restricted terminal environment and obtain root-level privileges on the underlying system, resulting in a h...
CVE-2024-31977
Adtran 834-5 11.1.0.101-202106231430, and fixed as of SmartOS Version 12.6.3.1, devices allow OS Command Injection via shell metacharacters to the Ping or Traceroute utility...
CVE-2024-31977
Adtran 834-5 11.1.0.101-202106231430, and fixed as of SmartOS Version 12.6.3.1, devices allow OS Command Injection via shell metacharacters to the Ping or Traceroute utility...
CVE-2024-31977
Adtran 834-5 11.1.0.101-202106231430, and fixed as of SmartOS Version 12.6.3.1, devices allow OS Command Injection via shell metacharacters to the Ping or Traceroute utility...
CVE-2024-31977
CVE-2024-31977 affects Adtran 834-5 devices (firmware 11.1.0.101-202106231430) with a root cause in the Ping/Traceroute utilities where shell metacharacters allow OS command injection. The vulnerability is addressed by SmartOS version 12.6.3.1 or later; SMARTOS fixes have been backported to the 1...
CVE-2024-31977
Adtran 834-5 11.1.0.101-202106231430, and fixed as of SmartOS Version 12.6.3.1, devices allow OS Command Injection via shell metacharacters to the Ping or Traceroute utility...
Adtran 834-5 操作系统命令注入漏洞
The Adtran 834-5 is a Gigabit Ethernet gateway from Adtran USA. An operating system command injection vulnerability exists in the Adtran 834-5 version 11.1.0.101-202106231430, which stems from the device allowing OS commands to be injected into the Ping or Traceroute utility via shell...
CVE-2024-41880
In veilid-core in Veilid before 0.3.4, the protocol's ping function can be misused in a way that decreases the effectiveness of safety and private routes...
CVE-2024-41880
In veilid-core in Veilid before 0.3.4, the protocol's ping function can be misused in a way that decreases the effectiveness of safety and private routes...
CVE-2024-41880
In veilid-core in Veilid before 0.3.4, the protocol's ping function can be misused in a way that decreases the effectiveness of safety and private routes...
CVE-2024-41880
In veilid-core in Veilid before 0.3.4, the protocol's ping function can be misused in a way that decreases the effectiveness of safety and private routes...
CVE-2024-41880
CVE-2024-41880 affects veilid-core in Veilid prior to version 0.3.4. The issue arises from the protocol’s ping function , which can be misused to degrade the effectiveness of safety and private routes. The publicly documented remediation is to update to Veilid 0.3.4 or later . A temporary mitigat...
PT-2024-29611 · Veilid · Veilid
Name of the Vulnerable Software and Affected Versions: Veilid versions prior to 0.3.4 Description: The protocol's ping function in Veilid can be misused, decreasing the effectiveness of safety and private routes. Recommendations: For versions prior to 0.3.4, update to version 0.3.4 or later to...
ssh: Prefix truncation attack on Binary Packet Protocol (BPP)
A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure ...