124 matches found
SAP Solution Manager 7.2 Remote Command Execution Exploit
This Metasploit module exploits the CVE-2020-6207 vulnerability within the SAP EEM servlet of SAP Solution Manager SolMan running version 7.2. The vulnerability occurs due to missing authentication checks when submitting a SOAP request to the /EemAdminService/EemAdmin page to get information abou...
SAP Solution Manager Remote Code Execution (CVE-2020-6207)
A remote code execution vulnerability exists in SAP Solution Manager. The vulnerability is due to a lack of authentication in the User Experience Monitoring componant. A remote, unauthenticated attacker could exploit this vulnerability by sending a crafted request to the target server. Successful...
Beware! Fully-Functional Exploit Released Online for SAP Solution Manager Flaw
Cybersecurity researchers have warned of a publicly available fully-functional exploit that could be used to target SAP enterprise software. The exploit leverages a vulnerability, tracked as CVE-2020-6207, that stems from a missing authentication check in SAP Solution Manager SolMan version 7.2 S...
Beware! Fully-Functional Exploit Released Online for SAP Solution Manager Flaw
Cybersecurity researchers have warned of a publicly available fully-functional exploit that could be used to target SAP enterprise software. The exploit leverages a vulnerability, tracked as CVE-2020-6207, that stems from a missing authentication check in SAP Solution Manager SolMan version 7.2 S...
CVE-2020-6207
creationtimestamp| type| source ---|---|--- 2021-01-15 03:33:25+00:00| published-proof-of-concept| Telegram/mzMPJUtI8bSjYe6VDdVcO-nYDGgxJsJcGR3bIyj6eBfmw 2021-01-16 11:50:06+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/2506 2021-01-23 09:55:55+00:00|...
MacOS Out Of Bounds Read (CVE-2019-6207)
An out of bounds read vulnerability exists in MacOS. Successful exploitation of this vulnerability could allow a remote attacker to obtain sensitive information...
CVE-2020-6207
CVE-2020-6207 affects SAP Solution Manager 7.2, specifically the End User Experience Monitoring (EEM) servlet. The vulnerability is due to missing authentication checks, allowing unauthenticated access that can compromise all connected SMDAgents and enables remote code execution or command execut...
Fixed several vulnerabilities in SAP products.
Vulnerabilities have been fixed in SAP products. The vulnerabilities enable a malicious person to launch attacks that lead to the following categories of damage: Cross-Site Scripting XSS SQL Injection Denial-of-Service DoS. Remote code execution User Rights Access to sensitive data SAP reports a...
CVE-2019-6207
An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to determine kernel memory layout...
CVE-2019-6207
An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to determine kernel memory layout...
CVE-2019-6207
CVE-2019-6207 is an out-of-bounds read in kernel memory handling that could let a malicious app determine kernel memory layout. Apple fixes: iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2, via/improved input validation. Public documentation shows affected components (Kernel and related su...
Stack-Based Buffer Overflow
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debuger. T...
Out-Of-Bounds Read
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debuger. T...
Denial Of Service (DoS) Through Memory Corruption
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debuger. T...
Arbitrary Code Execution
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debuger. T...
Denial Of Service (DoS)
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debuger. T...
Denial Of Service (DoS)
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debuger. T...
PHP 5.6.x < 5.6.24 Multiple Vulnerabilities (httpoxy)
According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.24. It is, therefore, affected by multiple vulnerabilities : - A man-in-the-middle vulnerability exists, known as 'httpoxy', due to a failure to properly resolve namespace conflicts in accordance wi...
PHP 7.0.x < 7.0.9 Multiple Vulnerabilities (httpoxy)
According to its banner, the version of PHP running on the remote web server is 7.0.x prior to 7.0.9. It is, therefore, affected by multiple vulnerabilities : - A man-in-the-middle vulnerability exists, known as 'httpoxy', due to a failure to properly resolve namespace conflicts in accordance wit...
SUSE SLES12 Security Update : php5 (SUSE-SU-2016:2408-1)
This update for php5 fixes the following security issues : - CVE-2016-6128: Invalid color index not properly handled bsc987580 - CVE-2016-6161: global out of bounds read when encoding gif from malformed input withgd2togif bsc988032 - CVE-2016-6292: NULL pointer dereference in exifprocessusercomme...