MiracleLinux 7 : mercurial-2.6.2-10.el7 (AXSA:2019-4114:01)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2019-4114:01 advisory. mercurial: Buffer underflow in mpatch.c:mpatchapply CVE-2018-13347 mercurial: HTTP server permissions bypass CVE-2018-1000132 mercurial: Missing che...

GL.iNet Multiple Products Operating System Command Injection Vulnerability

GL.iNet MT6000 and others are a router from China's GL.iNet. The operating system command injection vulnerability exists in several GL.iNet products. The vulnerability stems from the fact that NGINX authentication can be bypassed via Lua string pattern matching, which can be exploited by an...

CVE-2017-9946

A vulnerability has been identified in Siemens APOGEE PXC and TALON TC BACnet Automation Controllers in all versions V3.5. An attacker with network access to the integrated web server 80/tcp and 443/tcp could bypass the authentication and download sensitive information from the device...