11 matches found
EUVD-2019-7061
Malware in sbrugna...
SUSE SLES12 Security Update : hawk2 (SUSE-SU-2021:0192-1)
The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2021:0192-1 advisory. hawk2 was updated to version 2.5. Security issue fixed: - Fixed another possible code execution vulnerability in the controller code bsc1179998. Tenabl...
SUSE SLES12 Security Update : hawk2 (SUSE-SU-2021:0198-1)
The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2021:0198-1 advisory. hawk2 was updated to version 2.5. Security issue fixed: - Fixed another possible code execution vulnerability in the controller code bsc1179998. Tenabl...
SUSE SLES12 Security Update : hawk2 (SUSE-SU-2021:0089-1)
The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2021:0089-1 advisory. This update for hawk2 fixes the following security issue: - CVE-2020-35458: Fixed an insufficient input handler that could have led to remote code...
SUSE SLES12 Security Update : hawk2 (SUSE-SU-2021:0090-1)
The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2021:0090-1 advisory. This update for hawk2 fixes the following security issue: - CVE-2020-35458: Fixed an insufficient input sanitation that could have led to remote code...
CVE-2020-35458
An issue was discovered in ClusterLabs Hawk 2.x through 2.3.0-x. There is a Ruby shell code injection issue via the hawkremembermeid parameter in the loginfromcookie cookie. The user logout routine could be used by unauthenticated remote attackers to execute code as hauser...
CVE-2020-35458
An issue was discovered in ClusterLabs Hawk 2.x through 2.3.0-x. There is a Ruby shell code injection issue via the hawkremembermeid parameter in the loginfromcookie cookie. The user logout routine could be used by unauthenticated remote attackers to execute code as hauser...
Code injection
An issue was discovered in ClusterLabs Hawk 2.x through 2.3.0-x. There is a Ruby shell code injection issue via the hawkremembermeid parameter in the loginfromcookie cookie. The user logout routine could be used by unauthenticated remote attackers to execute code as hauser...
CVE-2019-10780
BibTeX-ruby before 5.1.0 allows shell command injection due to unsanitized user input being passed directly to the built-in Ruby Kernel.open method through BibTeX.open...
shopify-scripts: SIGABRT in only mirb
PoC ------------------- The following code triggers the bug attached as test.rb: def tostr 00end 0.times Debug - mirb ------------------- The program being debugged has been started already. Start it from the beginning? y or n y Starting program: /home/x/Desktop/test/mruby/bin/mirb test.rb mirb -...
shopify-scripts: SIGSEGV - kh_resize_iv - Null Deref
PoC --------------------- The following code triggers the bug attached as khresizeiv.rb: l t'',''doend s'',''do.end d t''do.end a=Array.new a.=102,0 € s a.tos a a.tos a.i Debug - mirb --------------------- gdb r khresizeiv.rb Starting program: /home/x/Desktop/research/mruby/bin/mirb khresizeiv.rb...