EUVD-2024-23561

Malicious code in bioql PyPI...

EUVD-2024-23564

Malicious code in bioql PyPI...

EUVD-2024-23563

Malicious code in bioql PyPI...

EUVD-2024-23562

Malicious code in bioql PyPI...

CVE-2024-26293

The Avid Nexis Agent uses a vulnerable gSOAP version. An undocumented vulnerability impacting gSOAP v2.8 makes the application vulnerable to an Unauthenticated Path Traversal vulnerability. This issue affects Avid NEXIS E-series: before 2025.5.1; Avid NEXIS F-series: before 2025.5.1; Avid NEXIS...

CVE-2024-26292

An authenticated Arbitrary File Deletion vulnerability enables an attacker to delete critical files. This issue affects Avid NEXIS E-series: before 2025.5.1; Avid NEXIS F-series: before 2025.5.1; Avid NEXIS PRO+: before 2025.5.1; System Director Appliance SDA+: before 2025.5.1...

CVE-2024-26293

The Avid Nexis Agent uses a vulnerable gSOAP version. An undocumented vulnerability impacting gSOAP v2.8 makes the application vulnerable to an Unauthenticated Path Traversal vulnerability. This issue affects Avid NEXIS E-series: before 2025.5.1; Avid NEXIS F-series: before 2025.5.1; Avid NEXIS...

CVE-2024-26293

CVE-2024-26293 affects Avid NEXIS products via a vulnerable gSOAP v2.8 instance, enabling Unauthenticated Path Traversal. Impacted are Avid NEXIS E-series, F-series, PRO+ and System Director Appliance (SDA+) versions prior to 2025.5.1. Descriptions across NVD/Red Hat/CVELIST and related sources c...

CVE-2024-26291

An Unauthenticated Arbitrary File Read vulnerability affects the Agent when installed on a system. The parameter filename does not validate the path thus allowing users to read arbitrary files. As the application runs with the highest privileges root/NTAUTHORITY SYSTEM by default attackers are ab...

CVE-2024-26291 Authenticated Arbitrary File Read affecting Avid NEXIS

An Unauthenticated Arbitrary File Read vulnerability affects the Agent when installed on a system. The parameter filename does not validate the path thus allowing users to read arbitrary files. As the application runs with the highest privileges root/NTAUTHORITY SYSTEM by default attackers are ab...

PT-2025-29436

Name of the Vulnerable Software and Affected Versions: Avid NEXIS E-series versions prior to 2025.5.1 Avid NEXIS F-series versions prior to 2025.5.1 Avid NEXIS PRO+ versions prior to 2025.5.1 System Director Appliance SDA+ versions prior to 2025.5.1 Description: The application is susceptible to ...

Avid多款产品 安全漏洞

Avid NEXIS E-series, among others, is a virtualized storage platform from Avid, USA. A security vulnerability exists in various Avid products that stems from the use of a vulnerable version of gSOAP, which could lead to an unauthenticated path traversal attack. The following products and versions...

Avid多款产品 安全漏洞

Avid NEXIS E-series, among others, is a virtualized storage platform from Avid, USA. A security vulnerability exists in various Avid products, which stems from a vulnerability that could lead to an arbitrary file deletion attack. The following products and versions are affected: Avid NEXIS...

CVE-2024-26290

Improper Input Validation vulnerability in Avid Avid NEXIS E-series on Linux, Avid Avid NEXIS F-series on Linux, Avid Avid NEXIS PRO+ on Linux, Avid System Director Appliance SDA+ on Linux allows code execution on underlying operating system with root permissions.This issue affects Avid NEXIS...

CVE-2024-26290

Improper Input Validation vulnerability in Avid Avid NEXIS E-series on Linux, Avid Avid NEXIS F-series on Linux, Avid Avid NEXIS PRO+ on Linux, Avid System Director Appliance SDA+ on Linux allows code execution on underlying operating system with root permissions.This issue affects Avid NEXIS...

CVE-2024-26290 Authenticated Remote Command Injection affecting Avid NEXIS

Improper Input Validation vulnerability in Avid Avid NEXIS E-series on Linux, Avid Avid NEXIS F-series on Linux, Avid Avid NEXIS PRO+ on Linux, Avid System Director Appliance SDA+ on Linux allows code execution on underlying operating system with root permissions.This issue affects Avid NEXIS...

CVE-2024-26290

CVE-2024-26290 affects Avid NEXIS E-series, F-series, PRO+ on Linux and Avid System Director Appliance (SDA+) on Linux. The root cause is improper input validation that enables code execution with root privileges on the underlying OS. Affected versions can be before 2024.6.0 for all listed produc...

Cisco UCS Director and Cisco UCS Director Express for Big Data Path Traversal Vulnerability (CNVD-2020-25350)

Cisco UCS Director and Cisco UCS Director Express for Big Data are both products from Cisco, Inc. Cisco UCS Director is a heterogeneous platform for private cloud Infrastructure as a Service IaaS. Cisco UCS Director is a heterogeneous platform for private cloud infrastructure-as-a-service IaaS. A...

CVE-2019-12634 Cisco Integrated Management Controller Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data Denial of Service Vulnerability

A vulnerability in the web-based management interface of Cisco Integrated Management Controller IMC Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. The vulnerability is due to a...

Security Bulletin: Vulnerability in IBM Java Runtime affects IBMTivoli Monitoring, Tivoli Application Dependency Discovery Manager, IBM Systems Director and Tivoli Common Reporting with IBM System Director Editions (CVE-2015-0138)

Summary IBM Tivoli Monitoring, Tivoli Application Dependency Discovery Manager, IBM System Director and Tivoli Common Reporting are shipped as components of IBM System Director Editions. Information about the security vulnerability affecting these components hasbeen published in the security...