Ubuntu 20.04 LTS : CRM shell vulnerability (USN-6711-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-6711-1 advisory. Vincent Berg discovered that CRM shell incorrectly handled certain commands. An local attacker could possibly use this issue to execute arbitrary code via shell...

openSUSE: Security Advisory for openssl (SUSE-SU-2022:2251-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Exploit for Out-of-bounds Write in Google Chrome

From: https://github.com/github/securitylab/tree/main/SecurityEx...

SUSE SLES12 Security Update : hawk2 (SUSE-SU-2021:0198-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2021:0198-1 advisory. - An issue was discovered in ClusterLabs Hawk 2.x through 2.3.0-x. There is a Ruby shell code injection issue via the hawkremembermeid parameter in the...

SUSE SLES12 Security Update : hawk2 (SUSE-SU-2021:0089-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2021:0089-1 advisory. - An issue was discovered in ClusterLabs Hawk 2.x through 2.3.0-x. There is a Ruby shell code injection issue via the hawkremembermeid parameter in the...

SUSE SLES12 Security Update : hawk2 (SUSE-SU-2021:0090-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2021:0090-1 advisory. - An issue was discovered in ClusterLabs Hawk 2.x through 2.3.0-x. There is a Ruby shell code injection issue via the hawkremembermeid parameter in the...

SUSE SLES12 Security Update : hawk2 (SUSE-SU-2021:0192-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2021:0192-1 advisory. - An issue was discovered in ClusterLabs Hawk 2.x through 2.3.0-x. There is a Ruby shell code injection issue via the hawkremembermeid parameter in the...

SUSE: Security Advisory (SUSE-SU-2023:4512-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2023:4512-1 Security update for util-linux

This update for util-linux fixes the following issues: - CVE-2018-7738: Fixed shell code injection in umount bash-completions bsc1213865...

SUSE-SU-2023:4372-1 Security update for util-linux

This update for util-linux fixes the following issues: - CVE-2018-7738: Fixed shell code injection in umount bash-completions bsc1213865...

Buffer overflow

Unchecked user input length in /subsys/net/l2/wifi/wifishell.c can cause buffer overflows...

Oracle Linux 8 : unbound (ELSA-2020-1716)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-1716 advisory. - CVE-2019-18934 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not tested for thi...

SUSE-SU-2023:3268-1 Security update for util-linux

This update for util-linux fixes the following issues: - CVE-2018-7738: Fixed shell code injection in umount bash-completions. bsc1213865, bsc1084300...

FSMLabs TimeKeeper 安全漏洞

FSMLabs TimeKeeper is a platform from FSMLabs, Inc. that provides enterprise-grade time allocation, clock synchronization and monitoring. A security vulnerability exists in FSMLabs TimeKeeper versions 8.0.17 through 8.0.28, which stems from a getsamplebacklog call that can be found by interceptin...

CVE-2023-35932

jcvi is a Python library to facilitate genome assembly, annotation, and comparative genomics. A configuration injection happens when user input is considered by the application in an unsanitized format and can reach the configuration file. A malicious user may craft a special payload that may lea...

Command injection

jcvi is a Python library to facilitate genome assembly, annotation, and comparative genomics. A configuration injection happens when user input is considered by the application in an unsanitized format and can reach the configuration file. A malicious user may craft a special payload that may lea...

Command injection

Multiple improper neutralization of special elements used in an os command 'OS Command Injection' vulnerabilties CWE-78 in Fortinet FortiADCManager version 7.1.0 and before 7.0.0, FortiADC version 7.2.0 and before 7.1.2 allows a local authenticated attacker to execute arbitrary shell code as root...

CVE-2023-26210

Multiple improper neutralization of special elements used in an os command 'OS Command Injection' vulnerabilties CWE-78 vulnerability in Fortinet allows a local authenticated attacker to execute arbitrary shell code as root user via crafted CLI requests...

CVE-2023-26210

Multiple improper neutralization of special elements used in an os command 'OS Command Injection' vulnerabilties CWE-78 vulnerability in Fortinet allows a local authenticated attacker to execute arbitrary shell code as root user via crafted CLI requests...

FortiADC & FortiADC Manager - Command injection vulnerabilities in cli commands

Multiple improper neutralization of special elements used in an os command 'OS Command Injection' vulnerabilties CWE-78 in FortiADC & FortiADC Manager may allow a local authenticated attacker to execute arbitrary shell code as root user via crafted CLI requests...