Lucene search
K

8 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.23 views

Astra Linux – Vulnerability in Zabbix

The Zabbix Agent 2 item key “smart.disk.get” does not sanitize its parameters before passing them to a shell command, which may lead to a vulnerability for remote code execution...

9.8CVSS8.8AI score0.00753EPSS
Exploits0References2
NVD
NVD
added 2026/06/16 7:17 p.m.13 views

CVE-2026-53855

OpenClaw before 2026.4.2 contains an inline-eval bypass vulnerability allowing authenticated operators to weaken strict allowlist checks via shell positional parameters. Attackers can combine allowlisted tools with shell positional arguments to place inline-eval content in shell carriers outside...

8.1CVSS0.0026EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.14 views

PT-2026-49772

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.4.2 Description An inline-eval bypass allows authenticated operators to weaken strict allowlist checks using shell positional parameters. By combining allowlisted tools with shell positional arguments, attackers...

8.1CVSS5.5AI score0.0026EPSS
Exploits0References5
OSV
OSV
added 2023/12/18 10:15 a.m.1 views

UBUNTU-CVE-2023-32728

The Zabbix Agent 2 item key smart.disk.get does not sanitize its parameters before passing them to a shell command resulting possible vulnerability for remote code execution...

9.8CVSS6.1AI score0.00753EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/04/17 12:0 a.m.5 views

The vulnerability of the libcurl library, related to bypassing the authentication process, allows a perpetrator to reuse an inappropriate connection.

The vulnerability of the libcurl library relates to bypassing the authentication process. Exploiting this vulnerability allows a malicious actor to easily manipulate two SSH parameters, which may lead to the reuse of an inappropriate connection. As a result, an already established SSH connection...

6.5CVSS6.6AI score0.01162EPSS
Exploits1References13Affected Software10
CNNVD
CNNVD
added 2022/08/12 12:0 a.m.4 views

Gas Agency Management System 代码问题漏洞

Gas Agency Management System is a gas agency management software by Mayuri K. Personal Developer. It is used to manage the day-to-day operations of a gas agency. A code issue vulnerability exists in Gas Agency Management System. An attacker can exploit this vulnerability to manipulate shell...

9.8CVSS8.5AI score0.00722EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2018/06/22 12:0 a.m.35 views

SUSE SLES11 Security Update : cobbler (SUSE-SU-2018:1741-1)

This update for cobbler fixes the following issues : - CVE-2017-1000469: Escape shell parameters provided by the user for the reposync action. bsc1074594 - Fix for calling koan with virttype kvm. bsc1090205 Note that Tenable Network Security has extracted the preceding description block directly...

10CVSS7.5AI score0.05556EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2018/06/21 12:0 a.m.42 views

openSUSE Security Update : cobbler (openSUSE-2018-655)

This update for cobbler fixes the following issues : The following security issue has been fixed : - CVE-2017-1000469: Escape shell parameters provided by the user for the reposync action. bsc1074594 Additionally, the following non-security issues have been fixed : - Fix signature for SLES15...

10CVSS7.4AI score0.05556EPSS
Exploits1References5
Rows per page
Query Builder