AT&T Cybersecurity Ensures Companies SOAR with …
From DHS/US-CERT’s National Vulnerability Database
Feng Office three.7.zero.five permits faraway attackers to execute arbitrary code by the use of "<!–#exec cmd=" in a .shtml document to ck_upload_handler.php.
Webmin 1.900 permits faraway attackers to execute arbitrary code by means of leveraging the "Java document supervisor" and "Upload and Download" privileges to add a crafted .cgi document by the use of the /updown/add.cgi URI.
eBrigade via four.five permits Arbitrary File Download by the use of ../ listing traversal within the showfile.php document parameter, as demonstrated by means of studying the user-data/save/backup.square document.
A vulnerability in a selected CLI command implementation of Cisco Nexus 9000 Series ACI Mode Switch Software may just permit an authenticated, native attacker to flee a limited shell on an affected tool. The vulnerability is because of inadequate sanitization of user-supplied enter when issuing a sp…
A vulnerability within the Bash shell implementation for Cisco NX-OS Software may just permit an authenticated, native attacker to escalate their privilege stage by means of executing instructions approved to different person roles. The attacker should authenticate with legitimate person credentials. The vulnerability is because of the i…
(serve as(d, s, identity) (record, ‘script’, ‘facebook-jssdk’));