91 matches found
RHCOS 4 : OpenShift Container Platform 4.14.23 (RHSA-2024:2054)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2054 advisory. - kubernetes: kube-apiserver: bypassing mountable secrets policy imposed by the ServiceAccount admission plugin CVE-2024-3177 -...
EUVD-2007-2347
Malware in sbrugna...
CVE-2012-2054
Redmine before 1.3.2 does not properly restrict the use of a hash to provide values for a model's attributes, which allows remote attackers to set attributes in the (1) Comment, (2) Document, (3) IssueCategory, (4) MembersController, (5) Message, (6) News, (7) TimeEntry, (8) Version, (9) Wiki, (10) UserPreference, o...
CVE-2005-2054
Unknown vulnerability in RealPlayer 10 and 10.5 (6.0.12.1040-1069) and RealOne Player v1 and v2 allows remote attackers to overwrite arbitrary files or execute arbitrary ActiveX controls via a crafted MP3 file...
Artica Proxy 4.50 - Remote Code Execution (RCE)
Exploit Title: Artica Proxy 4.50 - Remote Code Execution RCE Date: 23-04-2024 Exploit Author: Madan Vendor Homepage: https://artica-proxy.com/ Version: 4.40, 4.50 Tested on: relevant os CVE : CVE-2024-2054 you can also find the exploit on my github repo: https://github.com/Madan301/CVE-2024-2054...
Artica Proxy 4.50 Remote Code Execution
Artica Proxy version 4.50 suffers from a remote code execution vulnerability due to insecure deserialization. Exploit Title: CVE-2024-2054 Artica-Proxy administrative web application insecure deserialization RCE Google Dork: Date: 23-04-2024 Exploit Author: Madan Vendor Homepage:...
CVE-2025-2054
A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/editstate.php. The manipulation of the argument stateid leads to sql injection. The attack can be launched...
CVE-2025-2054
creationtimestamp | type | source
---|---|---
2025-03-07 01:34:37+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/6782
2025-03-07 04:03:51+00:00 | seen | https://t.me/cvedetector/19768
2025-03-07 06:00:30+00:00 | seen | ...
Linux Distros Unpatched Vulnerability : CVE-2022-2054
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Code Injection in GitHub repository nuitka/nuitka prior to 0.9. CVE-2022-2054 Note that Nessus relies on the presence of the package as reported by the vendor...
CVE-2022-2054
Code Injection in GitHub repository nuitka/nuitka prior to 0.9...
CVE-2024-46049
Tenda O6 V3.0 firmware V1.0.0.72054 contains a stack overflow vulnerability in the formexeCommand function...
Artica Proxy Unauthenticated PHP Deserialization Exploit
A command injection vulnerability in Artica Proxy appliance versions 4.50 and 4.40 allows remote attackers to run arbitrary commands via an unauthenticated HTTP request. The Artica Proxy administrative web application will deserialize arbitrary PHP objects supplied by unauthenticated users and...
Artica Proxy Unauthenticated PHP Deserialization
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Artica Proxy Unauthenticated PHP Deserialization Vulnerability', 'Description' = %q A Command Injection vulnerability in Artica Proxy appliance...
Artica Proxy Unauthenticated PHP Deserialization Vulnerability
A Command Injection vulnerability in Artica Proxy appliance versions 4.50 and 4.40 allows remote attackers to run arbitrary commands via an unauthenticated HTTP request. The Artica Proxy administrative web application will deserialize arbitrary PHP objects supplied by unauthenticated users and...
CVE-2024-2054
The Artica-Proxy administrative web application will deserialize arbitrary PHP objects supplied by unauthenticated users and subsequently enable code execution as the "www-data" user...
Artica Proxy 4.50 Unauthenticated PHP Deserialization Vulnerability
The Artica Proxy administrative web application will deserialize arbitrary PHP objects supplied by unauthenticated users and subsequently enable code execution as the www-data user. Version 4.50 is affected. Title: Artica Proxy Unauthenticated PHP Deserialization Vulnerability Advisory ID:...
Artica Proxy 4.50 Unauthenticated PHP Deserialization
KL-001-2024-002: Artica Proxy Unauthenticated PHP Deserialization Vulnerability Title: Artica Proxy Unauthenticated PHP Deserialization Vulnerability Advisory ID: KL-001-2024-002 Publication Date: 2024.03.05 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2024-002.txt 1...
CVE-2024-2054 Artica Proxy Unauthenticated PHP Deserialization Vulnerability
The Artica-Proxy administrative web application will deserialize arbitrary PHP objects supplied by unauthenticated users and subsequently enable code execution as the "www-data" user...
CVE-2024-2054
CVE-2024-2054 affects Artica Proxy (administrative web app). Multiple connected sources confirm an unauthenticated PHP object deserialization flaw that enables remote code execution as the www-data user. Public materials describe exploitable behavior via deserialization in Artica Proxy versions a...
Artica Proxy Unauthenticated PHP Deserialization Vulnerability
Vulnerability Details Affected Vendor: Artica Affected Product: Artica Proxy Affected Version: 4.50 Platform: Debian 10 LTS CWE Classification: CWE-502 Deserialization of Untrusted Data CVE ID: CVE-2024-2054 2. Vulnerability Description The Artica Proxy administrative web application will...