23 matches found
EUVD-2023-41157
Malicious code in bioql PyPI...
CVE-2024-22026
A local privilege escalation vulnerability in EPMM before 12.1.0.0 allows an authenticated local user to bypass shell restriction and execute arbitrary commands on the appliance...
CVE-2020-9015
Arista DCS-7050QX-32S-R 4.20.9M, DCS-7050CX3-32S-R 4.20.11M, and DCS-7280SRAM-48C6-R 4.22.0.1F devices and possibly other products allow attackers to bypass intended TACACS+ shell restrictions via a | character. NOTE: the vendor reports that this is a configuration issue relating to an overly...
CVE-2003-0452
Buffer overflows in osh before 1.7-11 allow local users to execute arbitrary code and bypass shell restrictions via (1) long environment variables or (2) long "file redirections."...
Ivanti Endpoint Manager Mobile security vulnerability
Ivanti Endpoint Manager Mobile (Ivanti EPMM) is a mobile management software engine from Ivanti Corporation, USA. A security vulnerability exists in Ivanti Endpoint Manager Mobile prior to version 12.1.0.0, which stems from a local elevation of privilege vulnerability that allows an authenticated...
Design/Logic Flaw
In Veritas NetBackup Appliance before 4.1.0.1 MR3, insecure permissions may allow an authenticated Admin to bypass shell restrictions and execute arbitrary operating system commands via SSH...
PT-2023-25845 · Veritas · Veritas Netbackup Appliance
Name of the Vulnerable Software and Affected Versions: Veritas NetBackup Appliance versions prior to 4.1.0.1 MR3. Description: The issue allows an authenticated Admin to bypass shell restrictions and execute arbitrary operating system commands via SSH due to insecure permissions. Recommendations:...
SUSE CVE-2016-3116
CRLF injection vulnerability in Dropbear SSH before 2016.72 allows remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data...
PT-2020-20430 · Arista · Arista Dcs-7050Cx3-32S-R +2
Name of the Vulnerable Software and Affected Versions: Arista DCS-7050QX-32S-R version 4.20.9M; Arista DCS-7050CX3-32S-R version 4.20.11M; Arista DCS-7280SRAM-48C6-R version 4.22.0.1F. Description: The issue allows attackers to bypass intended TACACS+ shell restrictions via a | character. This is...
Huawei EulerOS: Security Advisory for git (EulerOS-SA-2017-1188)
The remote host is missing an update for the Huawei EulerOS...
Important: Red Hat Security Advisory: rh-git29-git security update
An update for rh-git29-git is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability...
BSA-2016-019
Security Advisory ID: BSA-2016-019. Component: OpenSSH. Revision: 3.0: Final. Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, related to the (1)...
DEBIAN-CVE-2016-3116
CRLF injection vulnerability in Dropbear SSH before 2016.72 allows remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data...
DEBIAN-CVE-2016-3115
Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, related to the (1) do_authenticated1 and (2) session_x11_req functions...
CVE-2016-3115
Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, related to the (1) do_authenticated1 and (2) session_x11_req functions...
UBUNTU-CVE-2016-3115
Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, related to the (1) do_authenticated1 and (2) session_x11_req functions...
CVE-2013-4548
The mm_newkeys_from_blob function in monitor_wrap.c in sshd in OpenSSH 6.2 and 6.3, when an AES-GCM cipher is used, does not properly initialize memory for a MAC context data structure, which allows remote authenticated users to bypass intended ForceCommand and login-shell restrictions via packet dat...