17 matches found
EUVD-2020-19093
Malware in sbrugna...
EUVD-2021-29997
Malicious code in bioql PyPI...
Amazon AWS 安全漏洞
Amazon AWS is a cloud computing platform from the U.S.-based Amazon.com that provides a range of services including information technology infrastructure and applications, such as storage, databases, computing, machine learning, and more, to individuals, businesses, and governments. A security...
CVE-2021-43043
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The apache user could read arbitrary files such as /etc/shadow by abusing an insecure Sudo rule...
CVE-2021-43043
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The apache user could read arbitrary files such as /etc/shadow by abusing an insecure Sudo rule...
Design/Logic Flaw
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The apache user could read arbitrary files such as /etc/shadow by abusing an insecure Sudo rule...
CVE-2021-43043
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The apache user could read arbitrary files such as /etc/shadow by abusing an insecure Sudo rule...
PT-2021-23732 · Kaseya +1 · Kaseya Unitrends Backup Appliance +1
Name of the Vulnerable Software and Affected Versions: Kaseya Unitrends Backup Appliance versions prior to 10.5.5 Description: An issue was discovered in the software where the apache user could read arbitrary files, such as /etc/shadow, by abusing an insecure Sudo rule. Recommendations: For...
USN-5067-1 sssd vulnerabilities
Jakub Hrozek discovered that SSSD incorrectly handled file permissions. A local attacker could possibly use this issue to read the sudo rules available for any user. This issue only affected Ubuntu 18.04 LTS. CVE-2018-10852 It was discovered that SSSD incorrectly handled Group Policy Objects. Whe...
Unspecified vulnerability in Aviatrix Controller (CNVD-2021-17716)
Aviatrix Controller is a centralized control panel for orchestrating and managing various network and connectivity solutions. A sudo rule insecurity vulnerability exists in Aviatrix Controller versions prior to R5.4.1290. An attacker could execute all commands as any user on the system through th...
CVE-2020-26548
An issue was discovered in Aviatrix Controller before R5.4.1290. There is an insecure sudo rule: a user exists that can execute all commands as any user on the system...
CVE-2020-26548
An issue was discovered in Aviatrix Controller before R5.4.1290. There is an insecure sudo rule: a user exists that can execute all commands as any user on the system...
Design/Logic Flaw
An issue was discovered in Aviatrix Controller before R5.4.1290. There is an insecure sudo rule: a user exists that can execute all commands as any user on the system...
CVE-2020-26548
Aviatrix Controller (pre-R5.4.1290) contains an insecure sudo rule that allows a user to execute any command as any user on the system. This vulnerability affects Controller versions before R5.4.1290 and is supported by multiple sources (e.g., CNVD-2021-17716; NVD CVE-2020-26548) with high impact...
CVE-2020-26548
An issue was discovered in Aviatrix Controller before R5.4.1290. There is an insecure sudo rule: a user exists that can execute all commands as any user on the system...
Aviatrix Systems Controller 安全漏洞
Aviatrix Controller is a centralized control panel for orchestrating and managing various network and connectivity solutions. A sudo rule insecurity vulnerability exists in Aviatrix Controller versions prior to R5.4.1290. An attacker could execute all commands as any user on the system through th...
CVE-2020-11108
The Gravity updater in Pi-hole through 4.4 allows an authenticated adversary to upload arbitrary files. This can be abused for Remote Code Execution by writing to a PHP file in the web directory. Also, it can be used in conjunction with the sudo rule for the www-data user to escalate privileges t...