Tag
#linux
Netgear R6220 v1.1.0.114_1.0.1 suffers from Incorrect Access Control, resulting in a command injection vulnerability.
Gentoo Linux Security Advisory 202210-9 - Multiple vulnerabilities have been discovered in Rust, the worst of which could result in denial of service. Versions less than 1.63.0-r1 are affected.
Ubuntu Security Notice 5682-1 - It was discovered that the BPF verifier in the Linux kernel did not properly handle internal data structures. A local attacker could use this to expose sensitive information. It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2 implementation in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
MiniDVBLinux versions 5.4 and below suffer from an arbitrary file disclosure vulnerability.
Gentoo Linux Security Advisory 202210-8 - Multiple vulnerabilities have been discovered in Tcpreplay, the worst of which could result in denial of service. Versions less than 4.4.2 are affected.
MiniDVBLinux version 5.4 suffers from an OS command execution vulnerability. This can be exploited to execute arbitrary commands as root through the command GET parameter in /tpl/commands.sh.
MiniDVBLinux version 5.4 suffers from an OS command injection vulnerability. This can be exploited to execute arbitrary commands with root privileges.
This Metasploit module exploits an unauthenticated remote code execution vulnerability in Spring Cloud Gateway versions 3.0.0 through 3.0.6 and 3.1.0. The vulnerability can be exploited when the Gateway Actuator endpoint is enabled, exposed and unsecured. An unauthenticated attacker can use SpEL expressions to execute code and take control of the victim machine.
Gentoo Linux Security Advisory 202210-7 - A vulnerability has been found in Deluge which could result in XSS. Versions less than 2.1.1 are affected.
Webile version 1.0.1 suffers from a directory traversal vulnerability.