9 matches found
AZL-78317 CVE-2025-67733 affecting package valkey for versions less than 8.0.7-1
Valkey is a distributed key-value database. Prior to versions 9.0.2, 8.1.6, 8.0.7, and 7.2.12, a malicious user can use scripting commands to inject arbitrary information into the response stream for the given client, potentially corrupting or returning tampered data to other users on the same...
[SECURITY] [DLA 3467-1] hsqldb security update
Debian LTS Advisory DLA-3467-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany June 22, 2023 https://wiki.debian.org/LTS Package : hsqldb Version : 2.4.1-2+deb10u2 CVE ID : CVE-2023-1183 Gregor Kopf of Secfault Security GmbH discovered that HSQLDB, a Java SQL...
[SECURITY] [DSA 5436-1] hsqldb1.8.0 security update
Debian Security Advisory DSA-5436-1 [email protected] https://www.debian.org/security/ Markus Koschany June 21, 2023 https://www.debian.org/security/faq -...
Command injection
A vulnerability in the log subscription subsystem of Cisco AsyncOS for the Cisco Secure Web Appliance, formerly Web Security Appliance, could allow an authenticated, local attacker to perform command injection and elevate privileges to root. This vulnerability is due to insufficient validation of...
Cisco Secure Web Appliance Privilege Escalation Vulnerability
A vulnerability in the log subscription subsystem of Cisco AsyncOS for the Cisco Secure Web Appliance, formerly Web Security Appliance, could allow an authenticated, local attacker to perform command injection and elevate privileges to root. This vulnerability is due to insufficient validation of...
Cisco Web Security Appliance Privilege Escalation Vulnerability
According to its self-reported version, Cisco Web Security Appliance (WSA) is affected by the following vulnerability: A vulnerability in the log subscription subsystem of the Cisco Web Security Appliance (WSA) could allow an authenticated, local attacker to perform command injection and elevate...
Rejetto HTTP File Server (HFS) - Remote Command Execution (Metasploit)
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 "Rejetto HttpFileServer Remote Command Execution", 'Description' = %q Rejetto HttpFileServer HFS is vulnerable to remote command...
Rejetto HttpFileServer Remote Command Execution
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 "Rejetto HttpFileServer Remote Command Execution", 'Description' = %q Rejetto HttpFileServer HFS is vulnerable to remote command...
[Full-disclosure] CORE-2008-0826 - Internet Explorer Security Zone restrictions bypass
Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Internet Explorer Security Zone restrictions bypass 1. Advisory Information Title: Internet Explorer Security Zone restrictions bypass Advisory ID: CORE-2008-0826...