5 matches found
Command Injection
Overview Affected versions of this package are vulnerable to Command Injection in the osctrl-admin environment configuration. An attacker can execute arbitrary shell commands on every endpoint that enrolls using a compromised environment by injecting commands into the hostname parameter, which ar...
UNIX Symbolic Link (Symlink) Following
Overview nvidia-resiliency-ext is a NVIDIA Resiliency Package Affected versions of this package are vulnerable to UNIX Symbolic Link Symlink Following via the log aggregation. An attacker can gain elevated privileges, execute arbitrary code, cause service disruption, access sensitive information,...
Race Condition
Overview laim is a Local SMTP helper Affected versions of this package are vulnerable to Race Condition that may cause SMTP sessions to be initiated with root privileges. Remediation Upgrade laim to version 0.5.0 or higher. References - GitHub Commit...
DEBIAN-CVE-2020-36627
A vulnerability was found in Macaron i18n. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file i18n.go. The manipulation leads to open redirect. The attack can be launched remotely. Upgrading to version 0.5.0 is able to address this issue. T...
PT-2022-16931 · Django +1 · Django +1
Name of the Vulnerable Software and Affected Versions: django-mfa3 versions prior to 0.5.0 Description: The issue is related to a library that implements multi-factor authentication for the Django web framework. It modifies the regular login view but does not modify the second login view for the...