8 matches found
CVE-2025-23196
CVE-2025-23196 describes a code injection vulnerability in the Ambari Alert Definition feature. An authenticated user can exploit the vulnerability when defining alert scripts, where the script filename field is executed via `sh -c`, enabling remote command execution on the server. Multiple connec...
openSUSE: Security Advisory for redis7 (SUSE-SU-2025:0160-1)
The remote host is missing an update for the...
CVE-2024-46981 Redis' Lua library commands may lead to remote code execution
Redis is an open source, in-memory database that persists on disk. An authenticated user may use a specially crafted Lua script to manipulate the garbage collector and potentially lead to remote code execution. The problem is fixed in 7.4.2, 7.2.7, and 6.2.17. An additional workaround to mitigate...
RLSA-2024:5530 Important: python-setuptools security update
The python-setuptools package provides a collection of enhancements to Python distribution utilities allowing convenient building and distribution of Python packages. Security Fixes: pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptools...
CVE-2024-41119
The CVE-2024-41119 entry concerns streamlit-geospatial. Affected component: the page 8_🏜️_Raster_Data_Visualization.py where the vis_params parameter accepts user input that is later used in eval(), enabling remote code execution prior to the fix (commit c4f81d9616d40c60584e36abb15300853a66e489). ...
SUSE-SU-2022:0212-1 Security update for log4j
This update for log4j fixes the following issues: - CVE-2022-23307: Fix deserialization issue by removing the chainsaw sub-package (bsc#1194844). - CVE-2022-23305: Fix SQL injection by removing src/main/java/org/apache/log4j/jdbc/JDBCAppender.java (bsc#1194843). - CVE-2022-23302: Fix remote code...
OPENSUSE-SU-2020:1966-1 Security update for moinmoin-wiki
This update for moinmoin-wiki fixes the following issues: - update to version 1.9.11: - CVE-2020-25074 (boo#1178744): fix remote code execution via cache action - CVE-2020-15275 (boo#1178745): fix malicious SVG attachment causing stored XSS vulnerability...
PHP-Agenda 2.2.5 File Overwrite
Salvatore "drosophila" Fresta + Application: PHP-agenda + Version: PHP-agenda To execute commands: http://www.site.com/path/config.inc.php?cmd=uname -a + Fix You must delete install.php after installation...