Fedora 32 : adplug / audacious-plugins / ocp (2021-24ef21134b)

The remote Fedora 32 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2021-24ef21134b advisory. - An issue was discovered in AdPlug 2.3.1. There are several double-free vulnerabilities in the CEmuopl class in emuopl.cpp because of a destructor'...

CVE-2020-35578

An issue was discovered in the Manage Plugins page in Nagios XI before 5.8.0. Because the line-ending conversion feature is mishandled during a plugin upload, a remote, authenticated admin user can execute operating-system commands...

Design/Logic Flaw

An issue was discovered in the Manage Plugins page in Nagios XI before 5.8.0. Because the line-ending conversion feature is mishandled during a plugin upload, a remote, authenticated admin user can execute operating-system commands...

CVE-2020-35578

An issue was discovered in the Manage Plugins page in Nagios XI before 5.8.0. Because the line-ending conversion feature is mishandled during a plugin upload, a remote, authenticated admin user can execute operating-system commands...

CVE-2020-35578

Nagios XI before 5.8.0 is affected by CVE-2020-35578 in the Manage Plugins page. The issue arises from mishandled line-ending conversion during plugin uploads, allowing a remote, authenticated admin to execute operating-system commands and achieve remote code execution (as the apache user) via a ...

Nagios XI 操作系统命令注入漏洞

Nagios XI is a commercial monitoring solution built on Nagios Core, including dashboards, web-based configuration, advanced reporting and rich data visualization. A remote code execution vulnerability exists in the "Manage Plugins" page in Nagios XI versions prior to 5.8.0. The vulnerability stem...

CVE-2020-17508

The ATS ESI plugin has a memory disclosure vulnerability. If you are running the plugin please upgrade. Apache Traffic Server versions 7.0.0 to 7.1.11 and 8.0.0 to 8.1.0 are affected...

Fedora 32 : golang-github-containernetworking-plugins (2021-ccb8a9c403)

The remote Fedora 32 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-ccb8a9c403 advisory. - A vulnerability was found in all versions of containernetworking/plugins before version 0.8.6, that allows malicious containers in Kubernetes...

Fedora: Security Advisory for golang-github-containernetworking-plugins (FEDORA-2021-ccb8a9c403)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

mad-metasploit

This repository is an offensive tool for Metasploit framework. It is a collection of custom modules, plugins, and resource scripts for Metasploit. The primary purpose of this repository is to provide a comprehensive set of tools for exploiting vulnerabilities in various systems and applications...

[SECURITY] Fedora 32 Update: golang-github-containernetworking-plugins-0.9.0-1.fc32

Some CNI network plugins, maintained by the containernetworking team...

[SECURITY] Fedora 33 Update: awstats-7.8-2.fc33

Advanced Web Statistics is a powerful and full-featured tool that generates advanced web server graphical statistics. This server log analyzer works from the command line or as a CGI and shows all information your log contai ns, in graphical web pages. It can analyze a lot of web/wap/proxy server...

Deserialization of untrusted data

Insecure Deserialization in the Newsletter plugin before 6.8.2 for WordPress allows authenticated remote attackers with minimal privileges such as subscribers to use the tpncrender AJAX action to inject arbitrary PHP objects via the optionsinlineedits parameter. NOTE: exploitability depends on PH...

SEOPanel 4.6.0 Cross Site Scripting

Hello, We are informing you about Cross-Site Scripting Vulnerabilities in SEOPanel 4.6.0. Information -------------------- Advisory by Netsparker Name: Cross-Site Scripting Vulnerabilities in SEOPanel Affected Software: SEOPanel Affected Versions: 4.6.0 Vendor Homepage: https://www.seopanel.org/...

Sitadel

This repository is an update for WAScan, making it compatible with Python versions 3.4 and above. It allows for more flexibility in writing new modules and implementing new features, such as frontend framework detection, content delivery network detection, defining risk levels for scans, and a...

Moderate: Red Hat Security Advisory: mariadb-connector-c security, bug fix, and enhancement update

An update for mariadb-connector-c is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Atlassian Crowd pdkinstall arbitrary plugin installation

Added: 12/22/2020 Background Atlassian Crowd is a single sign-on solution for Atlassian products. Problem Atlassian Crowd and Crowd Data Center incorrectly enabled the pdkinstall development plugin, allowing attackers to install arbitrary plugins, leading to remote code execution. Resolution...

RLSA-2020:5503 Moderate: mariadb-connector-c security, bug fix, and enhancement update

The MariaDB Native Client library C driver is used to connect applications developed in C/C++ to MariaDB and MySQL databases. The following packages have been upgraded to a later upstream version: mariadb-connector-c 3.1.11. BZ1898993 Security Fixes: mysql: C API unspecified vulnerability CPU Apr...

container-tools:1.0 bug fix and enhancement update

An update is available for fuse-overlayfs, container-selinux, oci-umount, runc, skopeo, slirp4netns, oci-systemd-hook, containernetworking-plugins, buildah, criu. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

container-tools:2.0 bug fix update

An update is available for fuse-overlayfs, container-selinux, udica, toolbox, conmon, skopeo, python-podman-api, slirp4netns, containernetworking-plugins, buildah, criu, cockpit-podman. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detaile...