Command Injection

Overview Affected versions of this package are vulnerable to Command Injection via the fetchTagsbranch API, which allows user input to specify the branch to be fetched and then concatenates this string along with a git command which is then passed to the unsafe exec Node.js child process API. PoC...

kernel: use-after-free vulnerability in the perf_group_detach function of the Linux Kernel Performance Events

The Linux kernel's Performance Events subsystem has a use-after-free flaw that occurs when a user triggers the perfgroupdetach and removeonexec functions simultaneously. This flaw allows a local user to crash or potentially escalate their privileges on the system...

kernel: use-after-free vulnerability in the perf_group_detach function of the Linux Kernel Performance Events

The Linux kernel's Performance Events subsystem has a use-after-free flaw that occurs when a user triggers the perfgroupdetach and removeonexec functions simultaneously. This flaw allows a local user to crash or potentially escalate their privileges on the system...

CVE-2023-35042

GeoServer 2, in some configurations, allows remote attackers to execute arbitrary code via java.lang.Runtime.getRuntime.exec in wps:LiteralData within a wps:Execute request, as exploited in the wild in June 2023. NOTE: the vendor states that they are unable to reproduce this in any version...

CVE-2023-35042

GeoServer 2, in some configurations, allows remote attackers to execute arbitrary code via java.lang.Runtime.getRuntime.exec in wps:LiteralData within a wps:Execute request, as exploited in the wild in June 2023. NOTE: the vendor states that they are unable to reproduce this in any version...

PT-2023-3740 · Geoserver · Geoserver

Name of the Vulnerable Software and Affected Versions: GeoServer 2 affected versions not specified Description: The issue is related to insufficient input validation in the java.lang.Runtime.getRuntime.exec function of the GeoServer software, which can allow remote attackers to execute arbitrary...

VulnCheck KEV: CVE-2023-35042

GeoServer 2, in some configurations, allows remote attackers to execute arbitrary code via java.lang.Runtime.getRuntime.exec in wps:LiteralData within a wps:Execute request, as exploited in the wild in June 2023. NOTE: the vendor states that they are unable to reproduce this in any version...

kernel: Executable Space Protection Bypass

A vulnerability was found in the Linux kernel when certain binary files have the exec-all attribute with gcc. This issue can cause the execution of bytes located in the non-executable regions of a file...

kernel: Executable Space Protection Bypass

A vulnerability was found in the Linux kernel when certain binary files have the exec-all attribute with gcc. This issue can cause the execution of bytes located in the non-executable regions of a file...

The vulnerability of Backup Exec’s software for backup and data restoration lies in its lack of authentication procedures. This allows attackers to elevate their privileges and execute arbitrary commands.

The vulnerability of Backup Exec’s backup and recovery software is related to deficiencies in authentication procedures when using the SHA cryptographic algorithm. Exploiting this vulnerability allows a malicious actor to enhance their privileges and execute arbitrary commands...

The vulnerability of Backup Exec’s software for backup and data restoration lies in its lack of authentication procedures. This allows attackers to bypass security restrictions and execute arbitrary commands.

The vulnerability of Backup Exec’s backup and recovery software is related to deficiencies in authentication procedures when using the SHA cryptographic algorithm. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and execute arbitrary commands...

PT-2023-20539 · Sourcecodester · Sourcecodester Online Tours & Travels Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Tours & Travels Management System version 1.0 Description: A critical issue was found in the system, affecting the exec function of the disapprove delete.php file. The manipulation of the id argument leads to SQL...

Python Exec, Command Shell, Reverse SCTP (via python)

Execute a Python payload as an OS command from a Posix-compatible shell. Creates an interactive shell via Python, encodes with base64 by design. Compatible with Python 2.6-2.7 and 3.4+. Module Options msf use payload/cmd/unix/python/shellreversesctp msf payloadshellreversesctp show actions...

CVE-2023-28224

Windows Point-to-Point Protocol over Ethernet PPPoE Remote Code Execution Vulnerability...

CVE-2023-21727 Remote Procedure Call Runtime Remote Code Execution Vulnerability

...

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability

...

UNC4466 Attack Campaign Targets Veritas Backup Exec and Deploys ALPHV Ransomware

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary UNC4466 conducted an attack campaign in late 2022, gaining initial access to an internet-exposed Windows server running Veritas Backup Exec and deploying the ALPHV ransomware, with over 8,500 potentially...

CISA Warns of 5 Actively Exploited Security Flaws: Urgent Action Required

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Friday added five security flaws to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation in the wild. This includes three high-severity flaws in the Veritas Backup Exec Agent software...

Veritas Backup Exec Agent Improper Authentication Vulnerability

Veritas Backup Exec BE Agent contains an improper authentication vulnerability that could allow an attacker unauthorized access to the BE Agent via SHA authentication scheme...

Veritas Backup Exec Agent Command Execution Vulnerability

Veritas Backup Exec BE Agent contains a command execution vulnerability that could allow an attacker to use a data management protocol command to execute a command on the BE Agent machine...