17 matches found
CVE-2026-52923
The CVE-2026-52923 issue affects the Linux kernel IPC ID allocation in the checkpoint/restore path. ipc_idr_alloc() forwards the next_id request to idr_alloc() with an open-ended upper bound, so if the valid SysV IPC id tail is full the allocation can spill past ipc_mni. The encoded id may then r...
Photon OS 5.0: Curl PHSA-2026-5.0-0785
An update of the curl package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0785. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
CVE-2025-54756
BrightSign players running BrightSign OS series 4 prior to v8.5.53.1 or series 5 prior to v9.0.166 use a default password that is guessable with knowledge of the device information. The latest release fixes this issue for new installations; users of old installations are encouraged to change all...
CVE-2023-54264 fs/sysv: Null check to prevent null-ptr-deref bug
In the Linux kernel, the following vulnerability has been resolved: fs/sysv: Null check to prevent null-ptr-deref bug sbgetblkinode-isb, parent return a null ptr and taking lock on that leads to the null-ptr-deref bug...
System V Derived /bin/login Extraneous Arguments Buffer Overflow
This exploit connects to a system's modem over dialup and exploits a buffer overflow vulnerability in it's System V derived /bin/login. The vulnerability is triggered by providing a large number of arguments. Module Options msf use exploit/solaris/dialup/manyargs msf exploitmanyargs show targets...
Western Digital My Cloud 命令注入漏洞
Western Digital My Cloud is a personal cloud storage device from Western Digital. A security vulnerability exists in Western Digital My Cloud OS 5, which originates from a remote command injection vulnerability in a CGI file in the device...
多款Western Digital产品路径遍历漏洞
Western Digital My Cloud is a personal cloud storage device.Western Digital My Cloud Home is an easy-to-use personal cloud storage device.SanDisk ibi is a smart photo manager and media storage drive from SanDisk Corporation. SanDisk ibi and others are products of SanDisk Corporation.SanDisk ibi i...
CVE-2022-29842
Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability that could allow an attacker to execute code in the context of the root user on a vulnerable CGI file was discovered in Western Digital My Cloud OS 5 devicesThis issue affects My Cloud OS 5: before...
Western Digital My Cloud 命令注入漏洞
Western Digital My Cloud is a personal cloud storage device from Western Digital. A security vulnerability exists in Western Digital My Cloud OS 5 prior to version 5.26.119, which stems from a command injection vulnerability that could allow an attacker to execute code against vulnerable CGI file...
CVE-2021-36226
Western Digital My Cloud devices before OS5 do not use cryptographically signed Firmware upgrade files...
CVE-2022-29844
A vulnerability in the FTP service of Western Digital My Cloud OS 5 devices running firmware versions prior to 5.26.119 allows an attacker to read and write arbitrary files. This could lead to a full NAS compromise and would give remote execution capabilities to the attacker...
PT-2022-28079 · Wildix · Wildix Wms4 +1
Name of the Vulnerable Software and Affected Versions: Wildix WMS versions 6.02.20221215 and earlier Wildix WMS versions 5.04.20221213 and earlier Wildix WMS4 versions 4.04.45396.22 and earlier Description: The issue allows server-side request forgery SSRF via ZohoClient.php. This can potentially...
Western Digital My Cloud 后置链接漏洞
Western Digital My Cloud is a personal cloud storage device from Western Digital. A backlink vulnerability exists in Western Digital My Cloud OS 5 due to insufficient file validation during file uploads in the native language combination provided by SMB and AFP in its default configuration. A...
Western Digital My Cloud 授权问题漏洞
Western Digital My Cloud is a personal cloud storage device from Western Digital, Inc. Western Digital My Cloud OS 5 is vulnerable to authorization issues that could be exploited by attackers to remotely execute code and escalate privileges...
CVE-2021-37270
There is an unauthorized access vulnerability in the CMS Enterprise Website Construction System 5.0. Attackers can use this vulnerability to directly access the specified background path without logging in to the background to obtain the background administrator authority...
Western Digital My Cloud 后置链接漏洞
Western Digital My Cloud is a personal cloud storage device from Western Digital, Inc. A backlink vulnerability exists in Western Digital My Cloud OS 5 that could be exploited by attackers to cause code execution and information disclosure...
CVE-2018-4336
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5...