CLSA-2026-1779124021 firewalld: Fix of CVE-2026-4948

CVE-2026-4948: use PKACTIONCONFIG instead of PKACTIONCONFIGINFO for setZoneSettings2 and setPolicySettings to require config-write authorization...

CLSA-2026-1778887961 firewalld: Fix of CVE-2026-4948

CVE-2026-4948: use PKACTIONCONFIG for setZoneSettings2/setPolicySettings to require write authorization...

SUSE CVE-2026-4948

A flaw was found in firewalld. A local unprivileged user can exploit this vulnerability by mis-authorizing two runtime D-Bus Desktop Bus setters, setZoneSettings2 and setPolicySettings. This mis-authorization allows the user to modify the runtime firewall state without proper authentication,...

CVE-2026-4948

A flaw was found in firewalld. A local unprivileged user can exploit this vulnerability by mis-authorizing two runtime D-Bus Desktop Bus setters, setZoneSettings2 and setPolicySettings. This mis-authorization allows the user to modify the runtime firewall state without proper authentication,...

CVE-2026-4948

The CVE-2026-4948 entry concerns firewalld where a local unprivileged user can exploit mis-authorization of two runtime D-Bus setters (setZoneSettings2 and setPolicySettings). This allows modifying the runtime firewall state without authentication, leading to unauthorized changes in network secur...

CVE-2026-4948

A flaw was found in firewalld. A local unprivileged user can exploit this vulnerability by mis-authorizing two runtime D-Bus Desktop Bus setters, setZoneSettings2 and setPolicySettings. This mis-authorization allows the user to modify the runtime firewall state without proper authentication,...

CVE-2026-4948

A flaw was found in firewalld. A local unprivileged user can exploit this vulnerability by mis-authorizing two runtime D-Bus Desktop Bus setters, setZoneSettings2 and setPolicySettings. This mis-authorization allows the user to modify the runtime firewall state without proper authentication,...

PT-2026-28678

Name of the Vulnerable Software and Affected Versions firewalld affected versions not specified Description A flaw exists in firewalld that allows a local unprivileged user to modify the runtime firewall state without proper authentication. This is possible due to mis-authorization of two runtime...

CVE-2023-53941

EasyPHP Webserver 14.1 contains an OS command injection vulnerability that allows unauthenticated attackers to execute arbitrary system commands by injecting malicious payloads through the appservicecontrol parameter. Attackers can send POST requests to /index.php?zone=settings with crafted...

PT-2025-52320

Name of the Vulnerable Software and Affected Versions EasyPHP Webserver version 14.1 Description An unauthenticated attacker can execute arbitrary system commands. This is possible by injecting malicious payloads through the app service control parameter. Attackers can send POST requests to the...

EUVD-2016-4325

Malware in sbrugna...

EUVD-2018-1725

Malware in sbrugna...

EUVD-2025-19803

Malicious code in bioql PyPI...

CVE-2024-48629

D-Link DIR882FW130B06 and DIR878 DIR878FW130B08 were discovered to contain a command injection vulnerability via the IPAddress parameter in the SetGuestZoneRouterSettings function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted POST request...

Akaunting Operating System Command Injection Vulnerability

Akaunting is an application from Akaunting that provides all the tools needed to manage money online. An operating system command injection vulnerability exists in Akaunting v3.1.3 and prior versions, which stems from the presence of an operating system command injection that could allow an...

CVE-2023-3767

An OS command injection vulnerability has been found on EasyPHP Webserver affecting version 14.1. This vulnerability could allow an attacker to get full access to the system by sending a specially crafted exploit to the /index.php?zone=settings parameter...

D-Link COVR 命令注入漏洞

D-Link COVR is a series of routers from China-based AUO D-Link. A security vulnerability exists in D-Link COVR versions 1200, 1202, 1203 v1.08, which originates from a command injection vulnerability contained via the systemtimetimezone parameter in the function SetNTPServerSettings...

How to Change the Date, Time and Time Zone in CloudBridge

This article provides information on how to set the correct date, time and time zone through the CloudBridge UI...

CVE-2018-0942

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allow elevation of privilege, due to how Internet Explorer handles zone and integrity...

Internet Explorer Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when Internet Explorer fails a check, allowing sandbox escape. An attacker who successfully exploited the vulnerability could use the sandbox escape to elevate privileges on an affected system. This vulnerability by itself does not allow arbitrary co...