545 matches found
CVE-2021-38485
The affected product is vulnerable to improper input validation in the restore file. This enables an attacker to provide malicious config files to replace any file on disk...
CVE-2021-38485
The affected product is vulnerable to improper input validation in the restore file. This enables an attacker to provide malicious config files to replace any file on disk...
Input validation
The affected product is vulnerable to improper input validation in the restore file. This enables an attacker to provide malicious config files to replace any file on disk...
CVE-2021-38485 Emerson WirelessHART Gateway
The affected product is vulnerable to improper input validation in the restore file. This enables an attacker to provide malicious config files to replace any file on disk...
Nameko Arbitrary code execution due to YAML deserialization
Impact Nameko can be tricked to perform arbitrary code execution when deserialising a YAML config file. Example: yaml malicious.yaml !!python/object/new:type args: 'z', !!python/tuple , 'extend': !!python/name:exec listitems: "import'os'.system'cat /etc/passwd'" shell $ nameko run --config...
Prototype Pollution in config-handler
All versions of package config-handler are vulnerable to Prototype Pollution when loading config files...
CVE-2021-23448
All versions of package config-handler are vulnerable to Prototype Pollution when loading config files...
CVE-2021-23448 Prototype Pollution
All versions of package config-handler are vulnerable to Prototype Pollution when loading config files...
CVE-2021-29700
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 could allow an authneticated attacker to obtain sensitive information from configuration files that could aid in further attacks against the system. IBM X-Force ID: 200656...
Digsby Credential Gatherer
This module searches for Digsby credentials on a Windows host. Module Options msf use post/windows/gather/credentials/digsby msf postdigsby show actions ...actions... msf postdigsby set ACTION msf postdigsby show options ...show and set options... msf postdigsby run This module requires Metasploi...
Tango Credential Gatherer
This module searches for Tango credentials on a Windows host. Tango is a third-party, cross platform messaging application software for smartphones developed by TangoME, Inc. Module Options msf use post/windows/gather/credentials/tango msf posttango show actions ...actions... msf posttango set...
CVE-2021-39180
OpenOLAT is a web-based learning management system LMS. A path traversal vulnerability exists in versions prior to 15.3.18, 15.5.3, and 16.0.0. Using a specially prepared ZIP file, it is possible to overwrite any file that is writable by the application server user e.g. the tomcat user. Depending...
CVE-2021-39180 Path Traversal in Archive Handling Leading to Code Execution
OpenOLAT is a web-based learning management system LMS. A path traversal vulnerability exists in versions prior to 15.3.18, 15.5.3, and 16.0.0. Using a specially prepared ZIP file, it is possible to overwrite any file that is writable by the application server user e.g. the tomcat user. Depending...
Prototype Pollution
Overview Affected versions of this package are vulnerable to Prototype Pollution when loading config files. Details Prototype Pollution is a vulnerability affecting JavaScript. Prototype Pollution refers to the ability to inject properties into existing JavaScript language construct prototypes,...
CVE-2021-34638
Authenticated Directory Traversal in WordPress Download Manager = 3.1.24 allows authenticated Contributor+ users to obtain sensitive configuration file information, as well as allowing Author+ users to perform XSS attacks, by setting Download template to a file containing configuration informatio...
Juumla - Tool Designed To Identify And Scan For Version, Config Files In The CMS Joomla!
Juumla is a python tool developed to identify the current Joomla version and scan for readable Joomla config files. Installing / Getting started A quick guide of how to install and use Juumla. 1. Clone the repository - git clone https://github.com/oppsec/juumla.git 2. Install the libraries - pip3...
dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient
A flaw was found in the Dynamic Host Configuration Protocol DHCP. There is a discrepancy between the code that handles encapsulated option information in leases transmitted "on the wire" and the code which reads and parses lease information after it has been written to disk storage. This flaw...
dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient
A flaw was found in the Dynamic Host Configuration Protocol DHCP. There is a discrepancy between the code that handles encapsulated option information in leases transmitted "on the wire" and the code which reads and parses lease information after it has been written to disk storage. This flaw...
dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient
A flaw was found in the Dynamic Host Configuration Protocol DHCP. There is a discrepancy between the code that handles encapsulated option information in leases transmitted "on the wire" and the code which reads and parses lease information after it has been written to disk storage. This flaw...
dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient
A flaw was found in the Dynamic Host Configuration Protocol DHCP. There is a discrepancy between the code that handles encapsulated option information in leases transmitted "on the wire" and the code which reads and parses lease information after it has been written to disk storage. This flaw...