632 matches found

IBM Security Bulletins
added 2025/03/12 5:44 p.m., 7 views

Security Bulletin: Vulnerability in OpenPrinting CUPS affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component.

Summary: A potential vulnerability in OpenPrinting CUPS has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. The vulnerability has been addressed. Refer to details for additional information...

6.7 CVSS, 9.5 AI score, 0.02421 EPSS
Exploits 1, Affected Software 2
OSV
added 2025/02/26 5:15 p.m., 1 view

CVE-2025-20117

A vulnerability in the CLI of Cisco APIC could allow an authenticated, local attacker to execute arbitrary commands as root on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is due t...

6.7 CVSS, 6 AI score, 0.00172 EPSS
Exploits 0, References 1
Tenable Nessus
added 2025/02/10 12:0 a.m., 8 views

Azure Linux 3.0 Security Update: cups (CVE-2024-35235)

The version of cups installed on the remote Azure Linux 3.0 host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-35235 advisory. - OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versio...

6.7 CVSS, 6.2 AI score, 0.02421 EPSS
Exploits 1, References 2
ATTACKERKB
added 2025/02/05 5:15 p.m., 3 views

CVE-2025-20124

A vulnerability in an API of Cisco ISE could allow an authenticated, remote attacker to execute arbitrary commands as the root user on an affected device. This vulnerability is due to insecure deserialization of user-supplied Java byte streams by the affected software. An attacker could exploit...

9.9 CVSS, 7.8 AI score, 0.16282 EPSS
Exploits 4, References 2, Affected Software 2
CNNVD
added 2025/02/05 12:0 a.m., 3 views

Cisco AsyncOS input validation error vulnerability

Cisco AsyncOS is an operating system for Cisco devices from Cisco USA. An input validation error vulnerability exists in Cisco AsyncOS, which stems from insufficient validation of an XML configuration file, and can be exploited by an authenticated remote attacker to upload specially crafted files...

7.2 CVSS, 7.3 AI score, 0.009 EPSS
Exploits 0, References 1
CNNVD
added 2025/01/09 12:0 a.m., 2 views

iocharger security vulnerability

iocharger is an electric vehicle charging and smart energy management solution from the Chinese company Galaxy Zhangtan iocharger. A security vulnerability exists in iocharger versions prior to 25010801, which stems from improper neutralization of special elements used in a command, whi...

9.3 CVSS, 7.3 AI score, 0.02056 EPSS
Exploits 0, References 3
CNNVD
added 2025/01/09 12:0 a.m., 2 views

iocharger security vulnerability

iocharger is an electric vehicle charging and smart energy management solution from the Chinese company Galaxy Zhangtan iocharger. A security vulnerability exists in iocharger versions prior to 24120701, which stems from improper neutralization of special elements used in a command, whi...

9.3 CVSS, 7.3 AI score, 0.01899 EPSS
Exploits 0, References 3
CNNVD
added 2025/01/09 12:0 a.m., 2 views

iocharger security vulnerability

iocharger is an electric vehicle charging and smart energy management solution from the Chinese company Galaxy Zhangtan iocharger. A security vulnerability exists in iocharger versions prior to 24120701, which stems from improper neutralization of special elements used in a command, whi...

9.3 CVSS, 7.3 AI score, 0.02056 EPSS
Exploits 0, References 3
CNNVD
added 2024/12/17 12:0 a.m., 3 views

vivo ABE service security vulnerability

vivo ABE service is a cell phone service program from the Chinese company Vivo. A security vulnerability exists in vivo ABE service, which stems from a flaw in the validation of input parameters, which allows an attacker to enter carefully constructed commands to cause ABE service to execute some...

7 CVSS, 7.1 AI score, 0.00261 EPSS
Exploits 0, References 1
Positive Technologies
added 2024/12/10 12:0 a.m., 5 views

PT-2024-35974 · Barco · Barco Clickshare Core +5

Name of the Vulnerable Software and Affected Versions: Barco ClickShare CX-30/20, C-5/10, ClickShare Bar Pro, and Core models versions prior to 2.21.1
Description: An injection vulnerability allows physically proximate attackers or local admins to the webUI to trigger OS-level command execution a...

7.6 CVSS, 7.3 AI score, 0.00433 EPSS
Exploits 0, References 6
BDU FSTEC
added 2024/12/06 12:0 a.m., 1 view

The vulnerability of the SSH server of the microprogrammed network interface devices of Cisco Adaptive Security Appliance (ASA) allows an attacker to execute arbitrary commands on the basic operating system as the root user.

The vulnerability of the SSH server of the microprogrammed network interface devices in Cisco Adaptive Security Appliance (ASA) is related to insufficient validation of data entered by users. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands on the basic operating...

9.9 CVSS, 6.4 AI score, 0.01158 EPSS
Exploits 0, References 2, Affected Software 1
Positive Technologies
added 2024/11/26 12:0 a.m., 3 views

PT-2024-9475 · Advantech · Advantech Eki-6333Ac-2G +1

Name of the Vulnerable Software and Affected Versions: Advantech EKI-6333AC-2G versions 1.6.3 and earlier; Advantech EKI-6333AC-2GD versions 1.6.3 and earlier; Advantech EKI-6333AC-1GPO versions 1.2.1 and earlier
Description: A vulnerability was discovered in the "edgserver" service of Advantech's...

9.8 CVSS, 8 AI score, 0.01285 EPSS
Exploits 0, References 6
CNNVD
added 2024/11/05 12:0 a.m., 2 views

Enel X Waybox security vulnerability

The Enel X Waybox is a home charging station from Enel X, Inc. A security vulnerability exists in version 3.0 of the Enel X Waybox that stems from incorrect file ownership of the Privileged Services Library, which allows an attacker to execute arbitrary operating system commands...

6.7 CVSS, 7.4 AI score, 0.00167 EPSS
Exploits 0, References 1
OSV
added 2024/10/23 6:15 p.m., 6 views

CVE-2024-20424

A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system as root. This vulnerability ...

9.9 CVSS, 6.1 AI score, 0.00941 EPSS
Exploits 0, References 1
OSV
added 2024/10/23 6:15 p.m., 5 views

CVE-2024-20374

A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker with Administrator-level privileges to execute arbitrary commands on the underlying operating...

7.2 CVSS, 6.1 AI score, 0.00782 EPSS
Exploits 0, References 1
OSV
added 2024/10/16 5:15 p.m., 1 view

CVE-2024-20461

A vulnerability in the CLI of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an authenticated, local attacker with high privileges to execute arbitrary commands as the root user. This vulnerability exists because CLI input is not properly sanitized. An attacker could exploit...

6 CVSS, 6 AI score, 0.00181 EPSS
Exploits 0, References 1
Positive Technologies
added 2024/10/16 12:0 a.m., 4 views

PT-2024-7340 · Cisco · Cisco Ata 190 Series Analog Telephone Adapter

Name of the Vulnerable Software and Affected Versions: Cisco ATA 190 Series Analog Telephone Adapter firmware, affected versions not specified
Description: The issue exists due to the lack of proper sanitization of CLI input, allowing an attacker to execute arbitrary commands as the root user by...

6.2 CVSS, 7.8 AI score, 0.00181 EPSS
Exploits 0, References 8
Positive Technologies
added 2024/10/16 12:0 a.m., 4 views

PT-2024-7342 · Cisco · Cisco Ata 190

Name of the Vulnerable Software and Affected Versions: Cisco ATA 190 Multiplatform Series Analog Telephone Adapter firmware, affected versions not specified
Description: A vulnerability in the web-based management interface could allow an authenticated, remote attacker with high privileges to...

9 CVSS, 8 AI score, 0.00682 EPSS
Exploits 0, References 9
OSV
added 2024/10/09 5:15 p.m., 1 view

CVE-2024-9464

An OS command injection vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls...

6.5 CVSS, 7.6 AI score, 0.8171 EPSS
Exploits 5, References 2
Tenable Nessus
added 2024/10/09 12:0 a.m., 19 views

EulerOS 2.0 SP12 : cups (EulerOS-SA-2024-2499)

According to the versions of the cups package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.8 and earlier, when starting the...

6.7 CVSS, 6.2 AI score, 0.02421 EPSS
Exploits 1, References 2