The vulnerability of the FTP server of the microprogramming software for Schneider Electric Modicon Quantum control devices arises from deficiencies in access control. This allows an intruder to execute arbitrary code, cause system failures, or upload malicious firmware.
The vulnerability of the microprogrammed logic controller Schneider Electric Modicon Quantum software is related to deficiencies in access control. Exploiting this vulnerability could allow an intruder to execute arbitrary code, cause malfunctions, or upload malicious firmware using a special FTP...
CVE-2017-15099
INSERT ... ON CONFLICT DO UPDATE commands in PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, and 9.5.x before 9.5.10 disclose table contents that the invoker lacks privilege to read. These exploits affect only tables where the attacker lacks full read access but has both INSERT and UPDATE...
Debian DLA-500-1 : imagemagick security update
Bob Friesenhahn from the GraphicsMagick project discovered a command injection vulnerability in ImageMagick, a program suite for image manipulation. An attacker with control over the input image or the input filename can execute arbitrary commands with the privileges of the user running the application...
Wedge Networks WedgeOS Multiple Vulnerabilities
Wedge Networks builds enterprise email security solutions based on the company's BeSecure Web Security Gateway. Wedge Networks WedgeOS has multiple security vulnerabilities that could be exploited by an unauthenticated attacker to read arbitrary files, root, elevate root privileges, and execute...
AIX 530005 : U811862
The remote host is missing AIX PTF U811862, which is related to the security of the package X11.base.rte. You should install this PTF for your system to be up-to-date.
CVE-2007-4739
reprepro 1.3.0 through 2.2.3 does not properly verify signatures when updating repositories, which allows remote attackers to construct and distribute an ostensibly valid Release.gpg file by signing it with an unknown key, related to the update command...
Command injection
reprepro 1.3.0 through 2.2.3 does not properly verify signatures when updating repositories, which allows remote attackers to construct and distribute an ostensibly valid Release.gpg file by signing it with an unknown key, related to the update command...
CVE-2007-4739
CVE-2007-4739 affects reprepro versions 1.3.0 through 2.2.3, where repository updates do not adequately verify signatures: it only validates known signatures and may accept unsigned/unknown signatures, allowing remote attackers to craft a seemingly valid Release.gpg file. The issue enables an aut...
[CLA-2003:665] Conectiva Security Announcement - kopete
CONECTIVA LINUX SECURITY ANNOUNCEMENT. PACKAGE: kopete. SUMMARY: Remote command execution...