Security
Headlines
HeadlinesLatestCVEs

Tag

#linux

CVE-2022-42221: CVE_Report/Netgear/R6220 at main · Cj775995/CVE_Report

Netgear R6220 v1.1.0.114_1.0.1 suffers from Incorrect Access Control, resulting in a command injection vulnerability.

CVE
#vulnerability#web#ubuntu#linux#auth#telnet#firefox
Gentoo Linux Security Advisory 202210-09

Gentoo Linux Security Advisory 202210-9 - Multiple vulnerabilities have been discovered in Rust, the worst of which could result in denial of service. Versions less than 1.63.0-r1 are affected.

Ubuntu Security Notice USN-5682-1

Ubuntu Security Notice 5682-1 - It was discovered that the BPF verifier in the Linux kernel did not properly handle internal data structures. A local attacker could use this to expose sensitive information. It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2 implementation in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

MiniDVBLinux 5.4 Arbitrary File Read

MiniDVBLinux versions 5.4 and below suffer from an arbitrary file disclosure vulnerability.

Gentoo Linux Security Advisory 202210-08

Gentoo Linux Security Advisory 202210-8 - Multiple vulnerabilities have been discovered in Tcpreplay, the worst of which could result in denial of service. Versions less than 4.4.2 are affected.

MiniDVBLinux 5.4 Remote Root Command Execution

MiniDVBLinux version 5.4 suffers from an OS command execution vulnerability. This can be exploited to execute arbitrary commands as root through the command GET parameter in /tpl/commands.sh.

MiniDVBLinux 5.4 Remote Root Command Injection

MiniDVBLinux version 5.4 suffers from an OS command injection vulnerability. This can be exploited to execute arbitrary commands with root privileges.

Spring Cloud Gateway 3.1.0 Remote Code Execution

This Metasploit module exploits an unauthenticated remote code execution vulnerability in Spring Cloud Gateway versions 3.0.0 through 3.0.6 and 3.1.0. The vulnerability can be exploited when the Gateway Actuator endpoint is enabled, exposed and unsecured. An unauthenticated attacker can use SpEL expressions to execute code and take control of the victim machine.

Gentoo Linux Security Advisory 202210-07

Gentoo Linux Security Advisory 202210-7 - A vulnerability has been found in Deluge which could result in XSS. Versions less than 2.1.1 are affected.