Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: curl: curl-8.20.0-2.hum1 aarch64, x8664 libcurl-8.20.0-2.hum1 aarch64, x8664 libcurl-devel-8.20.0-2.hum1 aarch64, x8664 libcurl-minimal-8.20.0-2.hum1 aarch64, x8664 curl-8.20.0-2.hum1.src src...

EUVD-2023-12190

Malicious code in bioql PyPI...

Remote code execution

The webutils in Proofpoint Enterprise Protection PPS/POD contain a vulnerability that allows an authenticated user to execute remote code through 'eval injection'. This affects all versions 8.20.0 and below...

Proofpoint Enterprise Protection 代码注入漏洞

Proofpoint Enterprise Protection is an application from Proofpoint USA. It provides the ability to protect e-mail. A security vulnerability exists in Proofpoint Enterprise Protection PPS/POD version 8.20.0 and prior versions. An attacker can exploit this vulnerability to remotely execute code via...

Proofpoint Enterprise Protection 代码注入漏洞

Proofpoint Enterprise Protection is an application from Proofpoint USA. It provides functionality to protect e-mail. A code injection vulnerability exists in Proofpoint Enterprise Protection PPS/POD version 8.20.0 and prior versions. An attacker can exploit this vulnerability to remotely execute...

PT-2023-16005 · Proofpoint · Proofpoint Enterprise Protection

Name of the Vulnerable Software and Affected Versions: Proofpoint Enterprise Protection PPS/POD versions 8.20.0 and below Description: The webservices in Proofpoint Enterprise Protection contain a vulnerability that allows an anonymous user to execute remote code through 'eval injection'...

CVE-2021-33005

mySCADA myPRO versions prior to 8.20.0 allows an unauthenticated remote attacker to upload arbitrary files to arbitrary directories...

Design/Logic Flaw

mySCADA myPRO versions prior to 8.20.0 allows an unauthenticated remote attacker to upload arbitrary files to the file system...

CVE-2021-43987

An additional, nondocumented administrative account exists in mySCADA myPRO Versions 8.20.0 and prior that is not exposed through the web interface, which cannot be deleted or changed through the regular web interface...

CVE-2021-43989

mySCADA myPRO Versions 8.20.0 and prior stores passwords using MD5, which may allow an attacker to crack the previously retrieved password hashes...

CVE-2021-44453

Affected product: mySCADA myPRO (versions 8.20.0 and prior). Vulnerability: OS command injection via a vulnerable debug interface that includes a ping utility, allowing an attacker to inject arbitrary operating system commands through the interface. Impact (as stated): Remote code execution with ...

CVE-2021-43555

mySCADA myDESIGNER Versions 8.20.0 and prior fails to properly validate contents of an imported project file, which may make the product vulnerable to a path traversal payload. This vulnerability may allow an attacker to plant files on the file system in arbitrary locations or overwrite existing...

Path traversal

mySCADA myDESIGNER Versions 8.20.0 and prior fails to properly validate contents of an imported project file, which may make the product vulnerable to a path traversal payload. This vulnerability may allow an attacker to plant files on the file system in arbitrary locations or overwrite existing...

MyScada MyDesigner Directory Traversal Vulnerability

MyScada MyDesigner is a rapid development platform for creating visualizations from the Czech company MyScada. mySCADA myDESIGNER version 8.20.0 and below has a security vulnerability that could be exploited by attackers to trick victims into importing a malicious mep file, then they could write...

MyScada MyDesigner 路径遍历漏洞

MyScada MyDesigner is a rapid development platform for creating visualizations from the Czech company MyScada. mySCADA myDESIGNER version 8.20.0 and below has a security vulnerability that could be exploited by attackers to trick victims into importing a malicious mep file, then they could write...