USN-6711-1 crmsh vulnerability

Vincent Berg discovered that CRM shell incorrectly handled certain commands. An local attacker could possibly use this issue to execute arbitrary code via shell code injection to the crm history commandline...

Ubuntu 20.04 LTS : CRM shell vulnerability (USN-6711-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-6711-1 advisory. Vincent Berg discovered that CRM shell incorrectly handled certain commands. An local attacker could possibly use this issue to execute arbitrary code via shell...

openSUSE: Security Advisory for openssl (SUSE-SU-2022:2251-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Exploit for Out-of-bounds Write in Google Chrome

From: https://github.com/github/securitylab/tree/main/SecurityEx...

SUSE SLES12 Security Update : hawk2 (SUSE-SU-2021:0192-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2021:0192-1 advisory. - An issue was discovered in ClusterLabs Hawk 2.x through 2.3.0-x. There is a Ruby shell code injection issue via the hawkremembermeid parameter in the...

SUSE SLES12 Security Update : hawk2 (SUSE-SU-2021:0198-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2021:0198-1 advisory. - An issue was discovered in ClusterLabs Hawk 2.x through 2.3.0-x. There is a Ruby shell code injection issue via the hawkremembermeid parameter in the...

SUSE SLES12 Security Update : hawk2 (SUSE-SU-2021:0090-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2021:0090-1 advisory. - An issue was discovered in ClusterLabs Hawk 2.x through 2.3.0-x. There is a Ruby shell code injection issue via the hawkremembermeid parameter in the...

SUSE SLES12 Security Update : hawk2 (SUSE-SU-2021:0089-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2021:0089-1 advisory. - An issue was discovered in ClusterLabs Hawk 2.x through 2.3.0-x. There is a Ruby shell code injection issue via the hawkremembermeid parameter in the...

SUSE: Security Advisory (SUSE-SU-2023:4512-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2023:4512-1 Security update for util-linux

This update for util-linux fixes the following issues: - CVE-2018-7738: Fixed shell code injection in umount bash-completions bsc1213865...

SUSE-SU-2023:4372-1 Security update for util-linux

This update for util-linux fixes the following issues: - CVE-2018-7738: Fixed shell code injection in umount bash-completions bsc1213865...

Buffer overflow

Unchecked user input length in /subsys/net/l2/wifi/wifishell.c can cause buffer overflows...

Oracle Linux 8 : unbound (ELSA-2020-1716)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-1716 advisory. - CVE-2019-18934 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not tested for thi...

SUSE-SU-2023:3268-1 Security update for util-linux

This update for util-linux fixes the following issues: - CVE-2018-7738: Fixed shell code injection in umount bash-completions. bsc1213865, bsc1084300...

FSMLabs TimeKeeper 安全漏洞

FSMLabs TimeKeeper is a platform from FSMLabs, Inc. that provides enterprise-grade time allocation, clock synchronization and monitoring. A security vulnerability exists in FSMLabs TimeKeeper versions 8.0.17 through 8.0.28, which stems from a getsamplebacklog call that can be found by interceptin...

CVE-2023-35932

jcvi is a Python library to facilitate genome assembly, annotation, and comparative genomics. A configuration injection happens when user input is considered by the application in an unsanitized format and can reach the configuration file. A malicious user may craft a special payload that may lea...

Command injection

jcvi is a Python library to facilitate genome assembly, annotation, and comparative genomics. A configuration injection happens when user input is considered by the application in an unsanitized format and can reach the configuration file. A malicious user may craft a special payload that may lea...

Command injection

Multiple improper neutralization of special elements used in an os command 'OS Command Injection' vulnerabilties CWE-78 in Fortinet FortiADCManager version 7.1.0 and before 7.0.0, FortiADC version 7.2.0 and before 7.1.2 allows a local authenticated attacker to execute arbitrary shell code as root...

CVE-2023-26210

Multiple improper neutralization of special elements used in an os command 'OS Command Injection' vulnerabilties CWE-78 vulnerability in Fortinet allows a local authenticated attacker to execute arbitrary shell code as root user via crafted CLI requests...

CVE-2023-26210

Multiple improper neutralization of special elements used in an os command 'OS Command Injection' vulnerabilties CWE-78 vulnerability in Fortinet allows a local authenticated attacker to execute arbitrary shell code as root user via crafted CLI requests...