Lucene search
K

352 matches found

0day.today
0day.today
added 2018/10/15 12:0 a.m.103 views

FLIR AX8 Thermal Camera 1.32.16 - Arbitrary File Disclosure Vulnerability

Exploit for hardware platform in category web applications Exploit Title: FLIR AX8 Thermal Camera 1.32.16 - Arbitrary File Disclosure Auhor: Gjoko 'LiquidWorm' Krstic Date: 2018-10-14 Vendor: FLIR Systems, Inc. Product web page: https://www.flir.com Affected version: Firmware: 1.32.16, 1.17.13 OS...

7.1AI score
Exploits0
Cvelist
Cvelist
added 2018/07/02 6:0 p.m.27 views

CVE-2018-1113

setup before version 2.11.4-1.fc28 in Fedora and Red Hat Enterprise Linux added /sbin/nologin and /usr/sbin/nologin to /etc/shells. This violates security assumptions made by pamshells and some daemons which allow access based on a user's shell being listed in /etc/shells. Under some circumstance...

4.8CVSS5AI score0.00315EPSS
Exploits0References3
CVE
CVE
added 2018/06/23 7:0 p.m.53 views

CVE-2018-12640

CVE-2018-12640 affects Insteon HD IP Camera White 2864-222. The webService binary is vulnerable to a buffer overflow triggered by crafted pid, pwd, or usr keys in a GET request on port 34100. The vulnerability is documented in multiple sources (NVD entry and CNVD/CNVD-related advisories). A relat...

9.8CVSS9.3AI score0.01633EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2018/05/30 9:0 p.m.20 views

CVE-2018-11481

TP-LINK IPC TL-IPC223P-6, TL-IPC323K-D, TL-IPC325KP-, and TL-IPC40A-4 devices allow authenticated remote code execution via crafted JSON data because /usr/lib/lua/luci/torchlight/validator.lua does not block various punctuation characters...

9AI score0.01788EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2018/03/12 12:0 a.m.11 views

Solaris 10 (sparc) : 148423-01

SunOS 5.10: /usr/ccs/bin/error patch. Date this patch was last updated by Sun : Feb/06/13 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if descripti...

7AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2018/03/12 12:0 a.m.22 views

Solaris 10 (sparc) : 141014-01

SunOS 5.10: /usr/bin/dircmp patch. Date this patch was last updated by Sun : Mar/19/09 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

4.4CVSS6.7AI score0.00257EPSS
Exploits0References2
OSV
OSV
added 2018/02/02 5:29 p.m.3 views

CVE-2018-6577

SQL Injection exists in the JEXTN Membership 3.1.0 component for Joomla! via the usrplan parameter in a view=myplans&task=myplans.usersubscriptions request...

9.8CVSS5.8AI score0.02018EPSS
Exploits1References1
Cvelist
Cvelist
added 2017/06/19 4:0 p.m.30 views

CVE-2017-1000372

A flaw exists in OpenBSD's implementation of the stack guard page that allows attackers to bypass it resulting in arbitrary code execution using setuid binaries such as /usr/bin/at. This affects OpenBSD 6.1 and possibly earlier versions...

9.8AI score0.03955EPSS
Exploits3References3
NVD
NVD
added 2017/03/29 2:59 p.m.19 views

CVE-2017-5671

Honeywell Intermec PM23, PM42, PM43, PC23, PC43, PD43, and PC42 industrial printers before 10.11.013310 and 10.12.x before 10.12.013309 have /usr/bin/lua installed setuid to the itadmin account, which allows local users to conduct a BusyBox jailbreak attack and obtain root privileges by overwriti...

8.8CVSS8.3AI score0.01404EPSS
Exploits5References5
CVE
CVE
added 2017/03/29 2:0 p.m.63 views

CVE-2017-5671

CVE-2017-5671 affects Honeywell Intermec PM23/PM42/PM43/PC23/PC43/PD43/PC42 printers (firmware before 10.11.013310 and 10.12.x before 10.12.013309). The vulnerability arises because /usr/bin/lua is installed setuid to the itadmin account, enabling local users to perform a BusyBox jailbreak and es...

8.8CVSS8.2AI score0.01404EPSS
Exploits5References5Affected Software7
0day.today
0day.today
added 2016/11/08 12:0 a.m.51 views

Solaris 8/9 ps - Environment Variable Information leak Exploit

Exploit for linux platform in category local exploits !/bin/sh $Id: raptorucbps,v 1.1 2006/07/26 12:15:42 raptor Exp $ raptorucbps - information leak with Solaris /usr/ucb/ps Copyright c 2006 Marco Ivaldi A security vulnerability in the "/usr/ucb/ps" see ps1B command may allow unprivileged local...

2.1CVSS6.3AI score0.00945EPSS
Exploits3
BDU FSTEC
BDU FSTEC
added 2016/07/05 12:0 a.m.6 views

The vulnerability of the Linter Bastion database management system allows a malicious individual to decode user credentials.

User accounts in a database are stored in the system table “$$$USR”. This table contains the names of users and their encrypted passwords. By default, the Linter Bastion database management system encrypts user passwords using the user’s name as the encryption key; that is, the encryption key is...

9CVSS5.4AI score
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2016/05/12 3:15 p.m.43 views

Moderate: Red Hat Security Advisory: docker security, bug fix, and enhancement update

An update for docker is now available for Red Hat Enterprise Linux 7 Extras. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

7.8CVSS7AI score0.00388EPSS
Exploits0References19
Packet Storm
Packet Storm
added 2015/11/30 12:0 a.m.19 views

Brocade Fabric OS 6.3.1b Weak System Configuration

Title: Brocade Fabric OS v6.3.1b - Multiple vulnerabilities Discovered by: Karn Ganeshen Vendor Homepage: www.brocade.com Versions Reported: Kernel 2.6.14.2 + FabOS v6.3.1b + BootProm 1.0.9 version Kernel: 2.6.14.2 Fabric OS: v6.3.1b BootProm: 1.0.9 1 Default diagnostic accounts root and factory...

0.1AI score
Exploits0
0day.today
0day.today
added 2015/10/03 12:0 a.m.169 views

issetugid() + rsh + libmalloc OS X Local Root Exploit

The default root-suid binary /usr/bin/rsh on Mac OS X uses execv in an insecure manner. /usr/bin/rsh will invoke /usr/bin/rlogin if launched with only a host argument, without dropping privileges or clearing the environment. This exploit will pass "MallocLogFile" to /usr/bin/rsh, which is then...

7.2CVSS1.3AI score0.0513EPSS
Exploits14
0day.today
0day.today
added 2015/04/30 12:0 a.m.19 views

linux/x86 execve("/usr/bin/ssh", "127.0.0.1") - 50 bytes

// linux/x86 execve"/usr/bin/ssh", "/usr/bin/ssh", "127.0.0.1", NULL - 50 bytes // Febriyanto Nugroho include char shellcode = "\x6a\x0b" "\x58" "\x99" "\x52" "\x68\x2f\x73\x73\x68" "\x68\x2f\x62\x69\x6e" "\x68\x2f\x75\x73\x72" "\x89\xe3" "\x52" "\x6a\x31" "\x66\x68\x30\x2e" "\x66\x68\x30\x2e"...

0.4AI score
Exploits0
Exploit DB
Exploit DB
added 2014/09/09 12:0 a.m.29 views

ALCASAR 2.8 - Remote Code Execution

!/usr/bin/env python -- coding: utf-8 -- ALCASAR = 2.8 Remote Root Code Execution Vulnerability Author: eF Date : 2014-02-10 db 88 ,ad8888ba, db ad88888ba db 88888888ba d88b 88 d8"' "8b d88b d8" "8b d88b 88 "8b d8'8b 88 d8' d8'8b Y8, d8'8b 88 ,8P d8' 8b 88 88 d8' 8b Y8aaaaa, d8' 8b 88aaaaaa8P'...

7.4AI score
Exploits0
0day.today
0day.today
added 2014/08/10 12:0 a.m.24 views

linux/x86 Run /usr/bin/python | setreuid(),execve() - 54 Bytes

Exploit Title: Shellcode Linux x86 Run /usr/bin/python | setreuid,execve Date: 31/7/2014 Exploit Author: Ali Razmjoo Tested on: kali-linux-1.0.4-i386 3.7-trunk-686-pae 1 SMP Debian 3.7.2-0+kali8 i686 GNU/Linux / Ali Razmjoo , email protected Shellcode Linux x86 Run /usr/bin/python | setreuid,exec...

0.9AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.16 views

SunOS <= 4.1.3 LD_LIBRARY_PATH and LD_OPTIONS Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/43/info There exists a vulnerability involving environment variables and setuid/setgid programs under SunOS 4.0 and higher. A dynamically-linked program that is invoked by a setuid/setgid program has access to the caller'...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.22 views

Digital Ultrix 4.0/4.1 /usr/bin/chroot Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/17/info By default, /usr/bin/chroot is improperly installed in Ultrix versions 4.0 and 4.1. Anyone can execute /usr/bin/chroot this can lead to system users to gain unauthorized privileges. $ mkdir /tmp/etc $ echo...

7.1AI score
Exploits0
Rows per page
Query Builder