15280 matches found
CVE-2024-1015 Remote command execution vulnerability in SE-elektronic GmbH E-DDC3.3
Remote command execution vulnerability in SE-elektronic GmbH E-DDC3.3 affecting versions 03.07.03 and higher. An attacker could send different commands from the operating system to the system via the web configuration functionality of the device...
CVE-2024-1015
CVE-2024-1015 describes a remote command execution vulnerability in SE-elektronic GmbH E-DDC3.3 affecting versions 03.07.03 and higher. An attacker could execute commands from the operating system through the device’s web configuration interface. The CVSSv3.1 score is 9.8 (CRITICAL) with AV:N/AC:...
PT-2024-1441 · Se Elektronic Gmbh · E-Ddc3.3
Name of the Vulnerable Software and Affected Versions: SE-elektronic GmbH E-DDC3.3 versions 03.07.03 and higher Description: The issue is related to a remote command execution vulnerability in the web configuration functionality of the device, allowing an attacker to send different commands from...
SUSE CVE-2023-52076
Atril Document Viewer is the default document reader of the MATE desktop environment for Linux. A path traversal and arbitrary file write vulnerability exists in versions of Atril prior to 1.26.2. This vulnerability is capable of writing arbitrary files anywhere on the filesystem to which the use...
CVE-2023-52076
Atril Document Viewer is the default document reader of the MATE desktop environment for Linux. A path traversal and arbitrary file write vulnerability exists in versions of Atril prior to 1.26.2. This vulnerability is capable of writing arbitrary files anywhere on the filesystem to which the use...
Path traversal
Atril Document Viewer is the default document reader of the MATE desktop environment for Linux. A path traversal and arbitrary file write vulnerability exists in versions of Atril prior to 1.26.2. This vulnerability is capable of writing arbitrary files anywhere on the filesystem to which the use...
CVE-2023-52076
Atril Document Viewer (MATE) is vulnerable to a path traversal and arbitrary file write flaw in versions preceding 1.26.2, allowing writing arbitrary files to locations accessible by the user opening a crafted document. The vulnerability originates from Atril’s EPUB/document parsing flow and, per...
CVE-2023-52076 Remote Code Execution Vulnerability in Atril's EPUB ebook parsing
Atril Document Viewer is the default document reader of the MATE desktop environment for Linux. A path traversal and arbitrary file write vulnerability exists in versions of Atril prior to 1.26.2. This vulnerability is capable of writing arbitrary files anywhere on the filesystem to which the use...
openssh: potential command injection via shell metacharacters
A flaw was found in OpenSSH. In certain circumstances, a remote attacker may be able to execute arbitrary OS commands by using expansion tokens, such as %u or %h, with user names or host names that contain shell metacharacters...
PT-2024-1307 · Juniper Networks · Junos
Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS on SRX Series and EX Series versions earlier than 20.4R3-S10 Juniper Networks Junos OS on SRX Series and EX Series 21.2 versions earlier than 21.2R3-S8 Juniper Networks Junos OS on SRX Series and EX Series 21.4...
Jenkins Security Vulnerabilities
Jenkins is an open source application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying and automating any project. A security vulnerability exists in Jenkins versions 2.217 through 2.441, and LTS versions 2.222.1 through 2.426.2, which...
GL.iNet Unauthenticated Remote Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'digest/md5' class MetasploitModule 'GL.iNet Unauthenticated Remote Command Execution via the logread module.', 'Description' = %q A command injection...
A vulnerability in the user interface of the Nginx UI server allows an attacker to execute arbitrary commands.
The vulnerability in the Nginx UI server’s user interface is caused by a failure to sanitize data at the management level. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands by modifying the startcmd parameter...
Remote Command Execution in SOFARPC
Impact SOFARPC defaults to using the SOFA Hessian protocol to deserialize received data, while the SOFA Hessian protocol uses a blacklist mechanism to restrict deserialization of potentially dangerous classes for security protection. But there is a gadget chain that can bypass the SOFA Hessian...
GHSA-7Q8P-9953-PXVR Remote Command Execution in SOFARPC
Impact SOFARPC defaults to using the SOFA Hessian protocol to deserialize received data, while the SOFA Hessian protocol uses a blacklist mechanism to restrict deserialization of potentially dangerous classes for security protection. But there is a gadget chain that can bypass the SOFA Hessian...
CVE-2024-23636 SOFARPC Remote Command Execution (RCE) Vulnerability
SOFARPC is a Java RPC framework. SOFARPC defaults to using the SOFA Hessian protocol to deserialize received data, while the SOFA Hessian protocol uses a blacklist mechanism to restrict deserialization of potentially dangerous classes for security protection. But, prior to version 5.12.0, there i...