CVE-2026-45744

Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. Prior to version 2.3.2, the GET /ssh/filemanager/ssh/resolvePath endpoint in Termix is vulnerable to OS command injection. The endpoint uses double-quote escaping for shell command...

CVE-2026-45743

Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. 16 file-manager endpoints in Termix prior to version 2.3.2 do not verify that the requesting user owns the SSH session identified by sessionId. An authenticated attacker who knows or...

MiracleLinux 7 : glusterfs-3.8.4-54.10.el7 (AXSA:2018-3234:05)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2018-3234:05 advisory. GlusterFS is a key building block of Asianux Gluster Storage. It is based on a stackable user-space design and can deliver exceptional performance for divers...

MiracleLinux 4 : glusterfs-3.8.4-54.11.AXS4 (AXSA:2018-3233:03)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2018-3233:03 advisory. GlusterFS is a key building block of Asianux Gluster Storage. It is based on a stackable user-space design and can deliver exceptional performance for divers...

EUVD-2010-1254

Malware in sbrugna...

EUVD-2022-39613

Malicious code in bioql PyPI...

CVE-2022-36956

In Veritas NetBackup, the NetBackup Client allows arbitrary command execution from any remote host that has access to a valid host-id NetBackup certificate/private key from the same domain. The affects 9.0.x through 9.0.0.1 and 9.1.x through 9.1.0.1...

ABB Cylon Aspect 3.07.02 sshUpdate.php Unauthenticated Remote SSH Service Control

ABB Cylon Aspect 3.07.02 sshUpdate.php Unauthenticated Remote SSH Service Control Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.07.02 Summary: ASPECT is an award-winning scalable building...

Malicious Package

Overview raw-tool is a malicious package. Looking into the setup.py function: 1 it tries to access the host at TCP port 35019. 2 it downloads all the files from the host. 3 it base64 decodes, decompresses, and executes. It can allow the attacker full control over the host. Malicious Code The code...

CVE-2021-42773

CVE-2021-42773 affects Broadcom Emulex HBA Manager/OneCommand Manager used in Broadcom Dell PowerEdge deployments. In affected versions prior to 11.4.425.0 and 12.8.542.31, if not installed in Strictly Local Management mode, an unauthenticated user could use the GetDumpFile command to retrieve an...

CornerShot - Amplify Network Visibility From Multiple POV Of Other Hosts

In warfare, CornerShot is a weapon that allows a soldier to look past a corner and possibly take a shot, without risking exposure. Similarly, the CornerShot package allows one to look at a remote host’s network access without the need to have any special privileges on that host. Using CornerShot,...

CVE-2010-1224

main/acl.c in Asterisk Open Source 1.6.0.x before 1.6.0.25, 1.6.1.x before 1.6.1.17, and 1.6.2.x before 1.6.2.5 does not properly enforce remote host access controls when CIDR notation "/0" is used in permit= and deny= configuration rules, which causes an improper arithmetic shift and might allow...

Netref cat_for_gen.php Arbitrary PHP Command Injection

The remote host is running the Netref directory script, written in PHP. There is a vulnerability in the installed version of Netref that enables a remote attacker to pass arbitrary PHP script code through the 'ad', 'addirect', and 'mforracine' parameters of the 'catforgen.php' script. This code...

Acme.Serve 1.7 - Arbitrary File Access

source: https://www.securityfocus.com/bid/2809/info Acme.Serve is a free, open-source, embeddable webserver written in Java. It is small, is intended to provide minimal functionality, and is fully compatible with JavaServer. Acme.Serve 1.7 comes with a webserver that listens on port 9090. This...

msproxy2.0.exploit.txt

Date: Wed, 7 Oct 1998 07:10:49 +0100 From: Mnemonix To: [email protected] Subject: WARNING: By-passing MS Proxy packet filtering The following text is in the "ISO-8859-1" character set. Your display is set for the "US-ASCII" character set. Some characters may be displayed incorrectly. Whilst...