CVE-2024-37779

WoodWing Elvis DAM v6.98.1 was discovered to contain an authenticated remote command execution RCE vulnerability via the Apache Ant script functionality...

CVE-2024-0005

A condition exists in FlashArray and FlashBlade Purity whereby a malicious user could execute arbitrary commands remotely through a specifically crafted SNMP configuration...

CVE-2024-0004

A condition exists in FlashArray Purity whereby an user with array admin role can execute arbitrary commands remotely to escalate privilege on the array...

CVE-2024-0004

A condition exists in FlashArray Purity whereby an user with array admin role can execute arbitrary commands remotely to escalate privilege on the array...

CVE-2024-46997

DataEase is an open source data visualization analysis tool. Prior to version 2.10.1, an attacker can achieve remote command execution by adding a carefully constructed h2 data source connection string. The vulnerability has been fixed in v2.10.1...

CVE-2024-46997 DataEase's H2 datasource has a remote command execution risk

DataEase is an open source data visualization analysis tool. Prior to version 2.10.1, an attacker can achieve remote command execution by adding a carefully constructed h2 data source connection string. The vulnerability has been fixed in v2.10.1...

CVE-2024-46997 DataEase's H2 datasource has a remote command execution risk

DataEase is an open source data visualization analysis tool. Prior to version 2.10.1, an attacker can achieve remote command execution by adding a carefully constructed h2 data source connection string. The vulnerability has been fixed in v2.10.1...

CVE-2024-46997

DataEase is affected by a remote command execution vulnerability accessible via the h2 datasource connection. Multiple sources (RH, NVD, OSV, CNVD, GHSA) confirm that prior to version 2.10.1, an attacker could trigger RCE by supplying a crafted h2 data source connection string, with evidence incl...

CVE-2024-46997 DataEase's H2 datasource has a remote command execution risk

DataEase is an open source data visualization analysis tool. Prior to version 2.10.1, an attacker can achieve remote command execution by adding a carefully constructed h2 data source connection string. The vulnerability has been fixed in v2.10.1...

CVE-2024-37779

WoodWing Elvis DAM v6.98.1 was discovered to contain an authenticated remote command execution RCE vulnerability via the Apache Ant script functionality...

CVE-2024-37779

CVE-2024-37779 affects WoodWing Elvis DAM v6.98.1 and describes an authenticated remote command execution via the Apache Ant script functionality. The Red Hat/NVD/CVE entries confirm the vulnerability and context (authenticated RCE, Ant script). Connected sources note that exploitation details ar...

PT-2024-27747 · Woodwing +1 · Woodwing Elvis Dam +1

Name of the Vulnerable Software and Affected Versions: WoodWing Elvis DAM version 6.98.1 Description: The issue is related to an authenticated remote command execution through the Apache Ant script functionality. This allows for the execution of commands on the affected system. Recommendations: F...

CVE-2024-37779

WoodWing Elvis DAM v6.98.1 was discovered to contain an authenticated remote command execution RCE vulnerability via the Apache Ant script functionality...

FlashArray和FlashBlade 安全漏洞

Pure Storage FlashArray and Pure Storage FlashBlade are both products of Pure Storage, U.S.A. Pure Storage FlashArray is an all QLC flash storage array.Pure Storage FlashBlade is a consolidated storage platform for file and object Pure Storage FlashBlade is a consolidated storage platform for fil...

PT-2024-15289 · Pure Storage · Flasharray Purity

Name of the Vulnerable Software and Affected Versions: FlashArray Purity affected versions not specified Description: A condition exists in FlashArray Purity whereby a user with an array admin role can execute arbitrary commands remotely to escalate privilege on the array. Recommendations: At the...

WoodWing Elvis DAM 安全漏洞

WoodWing Elvis DAM is a digital asset management solution from WoodWing, Inc. A security vulnerability exists in WoodWing Elvis DAM version 6.98.1, which stems from a Remote Command Execution RCE vulnerability that includes authentication via the Apache Ant scripting feature...

FlashArray 安全漏洞

Pure Storage FlashArray is an all QLC flash storage array from Pure Storage, Inc. A security vulnerability exists in FlashArray, which can be exploited to remotely execute arbitrary commands to elevate privileges on the array by a user with the role of array administrator...

DataEase 注入漏洞

DataEase is a high-performance, easy-to-use, self-service data visualization and analysis tool that helps users quickly explore, understand and share data insights. DataEase suffers from a remote command execution vulnerability, which can be exploited by an attacker to leverage a code injection...

The vulnerability of the Postjournal Service in the corporate email management system Zimbra Collaboration Suite allows a perpetrator to execute arbitrary commands.

The vulnerability of the Postjournal Service in the corporate email management system Zimbra Collaboration Suite is related to the lack of measures taken to neutralize special elements used in the operating system’s command set. Exploiting this vulnerability allows a malicious actor to execute...

PT-2024-41084 · Iptables · Iptables

Name of the Vulnerable Software and Affected Versions: iptables affected versions not specified Description: The issue is related to insecure privilege management in the iptables utility for configuring and managing packet filtering rules in the Linux operating system. Exploitation of this issue...