EUVD-2024-23562

Malicious code in bioql PyPI...

EUVD-2024-23564

Malicious code in bioql PyPI...

EUVD-2024-23563

Malicious code in bioql PyPI...

EUVD-2024-23561

Malicious code in bioql PyPI...

CVE-2024-26293

The Avid Nexis Agent uses a vulnerable gSOAP version. An undocumented vulnerability impacting gSOAP v2.8 makes the application vulnerable to an Unauthenticated Path Traversal vulnerability. This issue affects Avid NEXIS E-series: before 2025.5.1; Avid NEXIS F-series: before 2025.5.1; Avid NEXIS...

CVE-2024-26292

An authenticated Arbitrary File Deletion vulnerability enables an attacker to delete critical files. This issue affects Avid NEXIS E-series: before 2025.5.1; Avid NEXIS F-series: before 2025.5.1; Avid NEXIS PRO+: before 2025.5.1; System Director Appliance SDA+: before 2025.5.1...

CVE-2024-26293

The Avid Nexis Agent uses a vulnerable gSOAP version. An undocumented vulnerability impacting gSOAP v2.8 makes the application vulnerable to an Unauthenticated Path Traversal vulnerability. This issue affects Avid NEXIS E-series: before 2025.5.1; Avid NEXIS F-series: before 2025.5.1; Avid NEXIS...

CVE-2024-26293

CVE-2024-26293 affects Avid NEXIS products via a vulnerable gSOAP v2.8 instance, enabling Unauthenticated Path Traversal. Impacted are Avid NEXIS E-series, F-series, PRO+ and System Director Appliance (SDA+) versions prior to 2025.5.1. Descriptions across NVD/Red Hat/CVELIST and related sources c...

CVE-2024-26291

An Unauthenticated Arbitrary File Read vulnerability affects the Agent when installed on a system. The parameter filename does not validate the path thus allowing users to read arbitrary files. As the application runs with the highest privileges root/NTAUTHORITY SYSTEM by default attackers are ab...

CVE-2024-26291 Authenticated Arbitrary File Read affecting Avid NEXIS

An Unauthenticated Arbitrary File Read vulnerability affects the Agent when installed on a system. The parameter filename does not validate the path thus allowing users to read arbitrary files. As the application runs with the highest privileges root/NTAUTHORITY SYSTEM by default attackers are ab...

PT-2025-29436

Name of the Vulnerable Software and Affected Versions: Avid NEXIS E-series versions prior to 2025.5.1 Avid NEXIS F-series versions prior to 2025.5.1 Avid NEXIS PRO+ versions prior to 2025.5.1 System Director Appliance SDA+ versions prior to 2025.5.1 Description: The application is susceptible to ...

Avid多款产品 安全漏洞

Avid NEXIS E-series, among others, is a virtualized storage platform from Avid, USA. A security vulnerability exists in various Avid products that stems from the use of a vulnerable version of gSOAP, which could lead to an unauthenticated path traversal attack. The following products and versions...

Avid多款产品 安全漏洞

Avid NEXIS E-series, among others, is a virtualized storage platform from Avid, USA. A security vulnerability exists in various Avid products, which stems from a vulnerability that could lead to an arbitrary file deletion attack. The following products and versions are affected: Avid NEXIS...

CVE-2024-26290

Improper Input Validation vulnerability in Avid Avid NEXIS E-series on Linux, Avid Avid NEXIS F-series on Linux, Avid Avid NEXIS PRO+ on Linux, Avid System Director Appliance SDA+ on Linux allows code execution on underlying operating system with root permissions.This issue affects Avid NEXIS...

CVE-2024-26290

Improper Input Validation vulnerability in Avid Avid NEXIS E-series on Linux, Avid Avid NEXIS F-series on Linux, Avid Avid NEXIS PRO+ on Linux, Avid System Director Appliance SDA+ on Linux allows code execution on underlying operating system with root permissions.This issue affects Avid NEXIS...

CVE-2024-26290 Authenticated Remote Command Injection affecting Avid NEXIS

Improper Input Validation vulnerability in Avid Avid NEXIS E-series on Linux, Avid Avid NEXIS F-series on Linux, Avid Avid NEXIS PRO+ on Linux, Avid System Director Appliance SDA+ on Linux allows code execution on underlying operating system with root permissions.This issue affects Avid NEXIS...

CVE-2024-26290

CVE-2024-26290 affects Avid NEXIS E-series, F-series, PRO+ on Linux and Avid System Director Appliance (SDA+) on Linux. The root cause is improper input validation that enables code execution with root privileges on the underlying OS. Affected versions can be before 2024.6.0 for all listed produc...

Cisco UCS Director and Cisco UCS Director Express for Big Data Path Traversal Vulnerability (CNVD-2020-25350)

Cisco UCS Director and Cisco UCS Director Express for Big Data are both products from Cisco, Inc. Cisco UCS Director is a heterogeneous platform for private cloud Infrastructure as a Service IaaS. Cisco UCS Director is a heterogeneous platform for private cloud infrastructure-as-a-service IaaS. A...

The vulnerability affects the Cisco Integrated Management Controller (IMC) Supervisor web interface, as well as tools for managing physical infrastructure and virtual environments from Cisco UCS Director and Cisco UCS Director Express for Big Data. This allows attackers to execute arbitrary commands.

The vulnerability of the Cisco Integrated Management Controller IMC Supervisor web interface, as well as the tools for managing physical infrastructure and virtual environments such as Cisco UCS Director and Cisco UCS Director Express for Big Data, is related to insufficient validation of input...

The vulnerability affects the web interface for controlling the Cisco Integrated Management Controller (IMC) Supervisor, as well as tools for managing physical infrastructure and virtual environments like Cisco UCS Director and Cisco UCS Director Express for Big Data. This allows attackers to gain access to target systems with administrator privileges.

The vulnerability of the Cisco Integrated Management Controller IMC Supervisor web interface, as well as the tools for managing physical infrastructure and virtual environments like Cisco UCS Director and Cisco UCS Director Express for Big Data, is related to authentication procedures that have...