Cisco Firepower System Software detection engine remote security bypass vulnerability

Cisco Firepower System Software is a next-generation firewall product NGFW from Cisco. detection engine is an intrusion detection engine. A security vulnerability exists in the detection engine in Cisco Firepower System Software, which stems from the program's failure to detect SMB2 or SMB3 files...

Cisco Firepower System Software detection engine remote security bypass vulnerability (CNVD-2018-11282)

Cisco Firepower System Software is a next-generation firewall product NGFW of Cisco USA. detection engine is one of the intrusion detection engine. A security vulnerability exists in the detection engine in Cisco Firepower System Software. A remote attacker could exploit this vulnerability by...

Cross site scripting

A cross-site scripting vulnerability exists in Jenkins S3 Plugin 0.10.12 and older in src/main/resources/hudson/plugins/s3/S3ArtifactsProjectAction/jobMain.jelly that allows attackers able to control file names of uploaded files to define file names containing JavaScript that would be executed in...

CVE-2017-12104

An exploitable integer overflow exists in the way that the Blender open-source 3d creation suite v2.78c draws a Particle object. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An...

WooCommerce CSV-Importer-Plugin 3.3.6 - Remote Code Execution

WooCommerce CSV-Importer-Plugin 3.3.6 - Remote Code Execution Exploit Title: Plugin Woocommerce CSV importer 3.3.6 – RCE – Unlink Date: 08/04/2018 Exploit Author: Lenon Leite Vendor Homepage: https://wordpress.org/plugins/woocommerce-csvimport/ Software Link:...

[SECURITY] Fedora 28 Update: libtiff-4.0.9-7.fc28

The libtiff package contains a library of functions for manipulating TIFF Tagged Image File Format image format files. TIFF is a widely used file format for bitmapped images. TIFF files usually end in the .tif extension and they are often quite large. The libtiff package should be installed if yo...

Bomgar Remote Support Portal JavaStart.jar Applet Path Traversal Vulnerability

Bomgar Remote Support Portal JavaStart.jar Applet is a suite of cross-platform remote support tools from Bomgar, USA. The tool provides remote assistance through firewalls to remote desktops, servers, POS systems and other mobile devices. A path traversal vulnerability exists in Bomgar Remote...

CVE-2017-12815

Analysis of the Bomgar Remote Support Portal JavaStart.jar Applet 52790 and earlier revealed that it is vulnerable to a path traversal vulnerability. The archive can be downloaded from a given Bomgar Remote Support Portal deployment at https://domain/api/content/JavaStart.jar and is callable from...

CVE-2017-12815

Analysis of the Bomgar Remote Support Portal JavaStart.jar Applet 52790 and earlier revealed that it is vulnerable to a path traversal vulnerability. The archive can be downloaded from a given Bomgar Remote Support Portal deployment at https://domain/api/content/JavaStart.jar and is callable from...

Bomgar Remote Support Portal (RSP) Path Traversal

Hey, The Path Traversal vulnerability was found in the component of the Bomgar Remote Support Portal RSP 1. The affected component is a JavaStart.jar applet that is hosted at https://TARGET/api/content/JavaStart.jar on the vulnerable RSP deployments. The JavaStart version 52970 and prior were...

CVE-2018-5731

An issue was discovered in Heimdal PRO 2.2.190. As part of the scanning feature, a process called md.hs writes an executable called CS1.tmp to C:\windows\TEMP. Afterwards the executable is run. It is possible for an attacker to create the file first, let md.hs overwrite it, and then rewrite the...

Webmin < 0.85 Multiple Vulnerabilities

According to its self-reported version, the Webmin install hosted on the remote host is earlier than 0.85. It is, therefore, affected by multiple vulnerabilities: - A privilege escalation vulnerability which may make authentication information available to all CGI programs and allows local users ...

CVE-2018-1316

CVE-2018-1316 concerns the Apache ODE process deployment web service, which was vulnerable to directory traversal via a forged deployment name. The root cause was using a path for the deployment name, allowing traversal with .. in a request parameter, leading to potential writes to unintended loc...

CVE-2018-1316

The ODE process deployment web service was sensible to deployment messages with forged names. Using a path for the name was allowing directory traversal, resulting in the potential writing of files under unwanted locations, the overwriting of existing files or their deletion. This issue was...

GNU binutils 2.26.1 - Integer Overflow (PoC)

Exploit Title: Objdump - Integer Overflow Crash POC Date: 12.02.2018 Exploit Author: r4xis Tested Version: 2.26.1 Vuln Version: \nint mainprintf"HelloWorld!\n"; return 0;" f = open"helloWorld.c", 'w' f.writehello f.close os.system"gcc -c helloWorld.c -o test" file test test: ELF 32-bit LSB...

USN-3546-1: gcab vulnerability

Richard Hughes discovered that gcab incorrectly handled certain malformed cabinet files. If a user or automated system were tricked into opening a specially crafted cabinet file, a remote attacker could use this issue to cause gcab to crash, resulting in a denial of service, or possibly execute...

Linux/x86-64 - Read /etc/passwd + Write To /tmp/outfile Shellcode (105 bytes)

; =================================================================== ; Optimized version of shellcode at: ; http://shell-storm.org/shellcode/files/shellcode-867.php ; Author: SLAE64-1351 Keyman ; Date: 14/09/2014 ; ; Length: 105 bytes got shorter by 13 bytes ; ; What's new is that some...

Blender vcol_to_fcol Integer Overflow Code Execution Vulnerability

Summary An exploitable integer overflow exists in the upgrade of a legacy Mesh attribute of the Blender open-source 3d creation suite v2.78c. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the...

CVE-2017-1000438

CVE-2017-1000438 concerns OMERO 5.3.3 and earlier, where a user could create an OriginalFile and adjust its path to point to another user’s file on the underlying filesystem, allowing manipulation of that user’s data. The root cause is improper handling of file paths for OriginalFile records, ena...

BrightSign Digital Signage - Multiple Vulnerablities

Exploit Title: BrightSign Digital Signage Multiple Vulnerabilities Date: 12/15/17 Exploit Author: [email protected] Vectors: XSS, Directory Traversal, File Modification, Information Leakage The BrightSign Digital Signage 4k242 device Firmware 6.2.63 and below suffers from multiple...