4 matches found
EUVD-2021-29527
Malicious code in bioql PyPI...
CVE-2022-31479
An unauthenticated attacker can update the hostname with a specially crafted name that will allow for shell commands to be executed during the core collection process. This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501, LP1502, LP2500, LP4502, and EP4502 which...
PT-2022-2807 · Hid · Hid Mercury Intelligent Controllers
Name of the Vulnerable Software and Affected Versions: HID Mercury Intelligent Controllers LP1501, LP1502, LP2500, LP4502, and EP4502 versions prior to 1.302 for the LP series and 1.296 for the EP series Description: The issue is related to a flaw in the data protection mechanism of the HID Mercu...
CVE-2021-42559
An issue was discovered in CALDERA 2.8.1. It contains multiple startup "requirements" that execute commands when starting the server. Because these commands can be changed via the REST API, an authenticated user can insert arbitrary commands that will execute when the server is restarted...