184 matches found
EUVD-2019-3766
Malware in sbrugna...
EUVD-2022-32160
Malicious code in bioql PyPI...
EUVD-2022-32368
Malicious code in bioql PyPI...
EUVD-2023-47740
Malicious code in bioql PyPI...
Malicious code in sdc-dynamic-tile (npm)
The package sdc-dynamic-tile was found to contain malicious code...
MAL-2025-32851 Malicious code in sdc-dynamic-tile (npm)
The package sdc-dynamic-tile was found to contain malicious code...
CVE-2019-12116
An issue was discovered in ONAP SDC through Dublin. By accessing port 6000 of demo-sdc-sdc-fe pod, an unauthenticated attacker who already has access to pod-to-pod communication may execute arbitrary code inside that pod. All ONAP Operations Manager OOM setups are affected...
CVE-2019-12117
An issue was discovered in ONAP SDC through Dublin. By accessing port 4001 of demo-sdc-sdc-onboarding-be pod, an unauthenticated attacker who already has access to pod-to-pod communication may execute arbitrary code inside that pod. All ONAP Operations Manager OOM setups are affected...
CVE-2019-12131
An issue was detected in ONAP APPC through Dublin and SDC through Dublin. By setting a USERID parameter in an HTTP header, an attacker may impersonate an arbitrary existing user without any authentication. All APPC and SDC setups are affected...
CVE-2019-12113
An issue was discovered in ONAP SDNC before Dublin. By executing sla/printAsGv with a crafted module parameter, an authenticated user can execute an arbitrary command. All SDC setups that include admportal are affected...
K000148830: Linux kernel vulnerabilities CVE-2024-41090 and CVE-2024-41091
Security Advisory Description CVE-2024-41090 In the Linux kernel, the following vulnerability has been resolved: tap: add missing verification for short frame The cited commit missed to check against the validity of the frame length in the tapgetuserxdp path, which could cause a corrupted skb to ...
K000138682: libssh vulnerability CVE-2023-2283
Security Advisory Description A vulnerability was found in libssh, where the authentication check of the connecting client can be bypassed in thepkiverifydatasignature function in memory allocation problems. This issue may happen if there is insufficient memory or the memory usage is limited. The...
K000137584: Linux kernel vulnerability CVE-2023-1829
Security Advisory Description A use-after-free vulnerability in the Linux Kernel traffic control index filter tcindex can be exploited to achieve local privilege escalation. The tcindexdelete function which does not properly deactivate filters in case of a perfect hashes while deleting the...
CVE-2023-43321
File Upload vulnerability in Digital China Networks DCFW-1800-SDC v.3.0 allows an authenticated attacker to execute arbitrary code via the wget function in the /sbin/cloudadmin.sh component...
CVE-2023-43321
File Upload vulnerability in Digital China Networks DCFW-1800-SDC v.3.0 allows an authenticated attacker to execute arbitrary code via the wget function in the /sbin/cloudadmin.sh component...
Unrestricted file upload
File Upload vulnerability in Digital China Networks DCFW-1800-SDC v.3.0 allows an authenticated attacker to execute arbitrary code via the wget function in the /sbin/cloudadmin.sh component...
Digital China Networks DCFW-1800-SDC Code Issue Vulnerability
The Digital China Networks DCFW-1800-SDC is a firewall appliance from Digital China Networks China. A code issue vulnerability exists in Digital China Networks DCFW-1800-SDC version v.3.0 that originates from a code issue that allows an authenticated attacker to execute arbitrary code via the wge...
CVE-2023-43321
File Upload vulnerability in Digital China Networks DCFW-1800-SDC v.3.0 allows an authenticated attacker to execute arbitrary code via the wget function in the /sbin/cloudadmin.sh component...
PT-2023-28778 · Digital China Networks · Dcfw-1800-Sdc
Name of the Vulnerable Software and Affected Versions: Digital China Networks DCFW-1800-SDC version 3.0 Description: The issue allows an authenticated attacker to execute arbitrary code via the wget function in the /sbin/cloudadmin.sh component. This is a result of a File Upload vulnerability...
CVE-2023-43321
CVE-2023-43321 affects Digital China Networks DCFW-1800-SDC v3.0. The issue is a File Upload vulnerability allowing an authenticated attacker to execute arbitrary code via the wget function in /sbin/cloudadmin.sh. CVSSv3.1: 8.8 (High) with network attack vector, low attack complexity, privileges ...