RedHat Update for subversion RHSA-2017:2480-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Important: Red Hat Security Advisory: subversion security update

An update for subversion is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

CVE-2017-1000116

A shell command injection flaw related to the handling of "ssh" URLs has been discovered in Mercurial. This can be exploited to execute shell commands with the privileges of the user running the Mercurial client, for example, when performing a "checkout" or "update" action on a sub-repository...

CVE-2017-11566

AppUse 4.0 allows shell command injection via a proxy field...

CVE-2017-11566

AppUse 4.0 allows shell command injection via a proxy field...

Command injection

AppUse 4.0 allows shell command injection via a proxy field...

CVE-2017-11566

AppUse 4.0 allows shell command injection via a proxy field...

CVE-2017-11566

CVE-2017-11566 concerns AppUse 4.0, where a vulnerability exists in a proxy field that enables shell command injection. The issue is documented with CVSS scores (2.0/3.1) indicating a high-severity, locally exploitable flaw that could allow complete confidentiality, integrity, and availability im...

Foscam C1 Indoor HD Camera cgiproxy.fcgi dns2 address configuration command injection vulnerability

Foscam C1 Indoor HD Camera is a wireless HD IP camera from Foscam China. A security vulnerability exists in the web management interface in the Foscam C1 Indoor HD Camera using application firmware version 2.52.2.37. The vulnerability can be exploited to inject arbitrary shell characters by sendi...

CVE-2017-9828

'/cgi-bin/admin/testserver.cgi' of the web service in most of the VIVOTEK Network Cameras is vulnerable to shell command injection, which allows remote attackers to execute any shell command as root via a crafted HTTP request. This vulnerability is already verified on VIVOTEK Network Camera...

CVE-2017-9828

'/cgi-bin/admin/testserver.cgi' of the web service in most of the VIVOTEK Network Cameras is vulnerable to shell command injection, which allows remote attackers to execute any shell command as root via a crafted HTTP request. This vulnerability is already verified on VIVOTEK Network Camera...

CVE-2017-3806

A vulnerability in CLI command processing in the Cisco Firepower 4100 Series Next-Generation Firewall and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to inject arbitrary shell commands that are executed by the device. More Information: CSCvb61343. Known...

CVE-2016-6459

Cisco TelePresence endpoints running either CE or TC software contain a vulnerability that could allow an authenticated, local attacker to execute a local shell command injection. More Information: CSCvb25010. Known Affected Releases: 8.1.x. Known Fixed Releases: 6.3.4 7.3.7 8.2.2 8.3.0...

Command injection

Cisco TelePresence endpoints running either CE or TC software contain a vulnerability that could allow an authenticated, local attacker to execute a local shell command injection. More Information: CSCvb25010. Known Affected Releases: 8.1.x. Known Fixed Releases: 6.3.4 7.3.7 8.2.2 8.3.0...

CVE-2016-6459

Cisco TelePresence endpoints running CE or TC software are vulnerable to a local shell command injection when input is not properly sanitized. An authenticated, local attacker could exploit this to execute arbitrary commands. Fixed releases are 6.3.4, 7.3.7, 8.2.2, and 8.3.0. Affected releases in...

Observium Remote Command Execution Vulnerability

During a recent penetration test Computest found and exploited various issues in Observium, going from unauthenticated user to full shell access as root. Summary: Unauthenticated remote command execution as root Affected software: Observium Affected versions: Versions downloaded before 26-10-2016...

Zabbix Agent 3.0.1 mysql. size shell command injection

CVE-2016-4338: Zabbix Agent 3.0.1 mysql.size shell command injection Affected products ================= At least Zabbix Agent 1:3.0.1-1+wheezy from http://repo.zabbix.com/zabbix/3.0/debian is vulnerable. Other versions were not tested. Background ========== "Zabbix agent is deployed on a...

CentOS Update for setroubleshoot-plugins CESA-2016:1293 centos7

Check the version of setroubleshoot-plugins SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Scientific Linux Security Update : setroubleshoot and setroubleshoot-plugins on SL6.x i386/x86_64 (20160621)

The setroubleshoot-plugins package provides a set of analysis plugins for use with setroubleshoot. Each plugin has the capacity to analyze SELinux AVC data and system data to provide user friendly reports describing how to interpret SELinux AVC denials. Security Fixes : - Shell command injection...

Scientific Linux Security Update : setroubleshoot and setroubleshoot-plugins on SL7.x x86_64 (20160623)

The setroubleshoot-plugins package provides a set of analysis plugins for use with setroubleshoot. Each plugin has the capacity to analyze SELinux AVC data and system data to provide user friendly reports describing how to interpret SELinux AVC denials. Security Fixes : - Shell command injection...