1464 matches found

NVD
added 2019/09/14 6:15 p.m., 16 views

CVE-2019-16317

In Pimcore before 5.7.1, an attacker with limited privileges can trigger execution of a .phar file via a phar:// URL in a filename parameter, because PHAR uploads are not blocked and are reachable within the phar://../../../../../../../../var/www/html/web/var/assets/ directory, a different...

8.8 CVSS, 8.6 AI score, 0.00011 EPSS
Exploits 0, References 2

HackerOne
added 2019/08/31 3:16 p.m., 36 views

Nextcloud: XSS in desktop client via invalid server address on login form

Team! I have found this vulnerability that in my time would be called "cross zone" but at the moment I don't know. The problem is found in the latest version of "nextcloud.exe" for your windows version. The problem occurs with the initial screen where you ask to connect to a website. Apparently...

3.5 CVSS, 0.8 AI score, 0.00624 EPSS
Exploits 1

Veracode
added 2019/08/30 3:13 a.m., 16 views

Local File Inclusion

larvitbase-api is vulnerable to local file inclusion. The package uses an exposed API endpoint that accepts an unvalidated GET parameter to a require function call. This could potentially allow a remote attacker to execute any .js files within the web server. Successful exploitation causes the...

7.5 CVSS, 4.1 AI score, 0.00175 EPSS
Exploits 1, References 1, Affected Software 1

OSV
added 2019/08/28 5:57 a.m., 6 views

SUSE-SU-2019:2227-2 Security update for libvirt

This update for libvirt fixes the following issues: Security issues fixed: - CVE-2019-10161: Fixed virDomainSaveImageGetXMLDesc API which could accept a path parameter pointing anywhere on the system and potentially leading to execution of a malicious file with root privileges by libvirtd...

8.8 CVSS, 8.2 AI score, 0.00166 EPSS
Exploits 0, References 7

Exploit DB
added 2019/08/14 12:0 a.m., 362 views

Microsoft Windows PowerShell - Unsanitized Filename Command Execution

''' + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-WINDOWS-POWERSHELL-UNSANITIZED-FILENAME-COMMAND-EXECUTION.txt + ISR: Apparition Security Vendor www.microsoft.com Product Windows PowerShell Windows PowerShell...

7.4 AI score
Exploits 0

Symantec
added 2019/08/13 12:0 a.m., 109 views

Microsoft Windows Bluetooth CVE-2019-9506 Remote Security Vulnerability

Description Microsoft Windows Bluetooth is prone to a remote security vulnerability. An attacker can leverage this issue to bypass security restrictions and perform unauthorized actions. This may aid in further attacks. Technologies Affected Cisco 8821 Wireless IP Phones Cisco 8845 IP Phones Cisc...

0.2 AI score, 0.04145 EPSS
Exploits 2, Affected Software 4

NVD
added 2019/08/07 9:15 p.m., 16 views

CVE-2019-1925

Multiple vulnerabilities in Cisco Webex Network Recording Player for Microsoft Windows and Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities exist because the affected software improperly validates Advanced...

9.3 CVSS, 7.9 AI score, 0.00301 EPSS
Exploits 0, References 1

exploitpack
added 2019/07/26 12:0 a.m., 45 views

Ahsay Backup 7.x - 8.1.1.50 - Authenticated Arbitrary File Upload Remote Code Execution (Metasploit)

Ahsay Backup 7.x - 8.1.1.50 - Authenticated Arbitrary File Upload Remote Code Execution Metasploit Exploit Title: Authenticated insecure file upload and code execution flaw in Ahsay Backup v7.x - v8.1.1.50. Metasploit Date: 26-6-2019 Exploit Author: Wietse Boonstra Vendor Homepage:...

9 CVSS, 0.1 AI score, 0.64018 EPSS
Exploits 10

CNVD
added 2019/07/25 12:0 a.m., 2 views

Oracle Demantra Demand Management Arbitrary File Execution Vulnerability

Oracle Supply Chain Products Suite is a suite of supply chain solutions from Oracle Corporation. The product provides value chain planning, value chain execution, product lifecycle management, etc. Demantra Demand Management is one of the components used to manage supply chain demand. A security...

4.3 CVSS, 6.5 AI score, 0.00191 EPSS
Exploits 0, References 1

0day.today
added 2019/07/16 12:0 a.m., 312 views

Microsoft Windows 10 < build 17763 - AppXSvc Hard Link Privilege Escalation Exploit

There exists a privilege escalation vulnerability for Windows 10 builds prior to build 17763. Due to the AppXSvc's improper handling of hard links, a user can gain full privileges over a SYSTEM-owned file. The user can then utilize the new file to execute code as SYSTEM. This Metasploit module...

7.2 CVSS, 0.8265 EPSS
Exploits 19

Exploit DB
added 2019/07/16 12:0 a.m., 3689 views

Microsoft Windows 10 < build 17763 - AppXSvc Hard Link Privilege Escalation (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'AppXSvc Hard Link Privilege Escalation', 'Description' = %q There exists a privilege escalation vulnerability for Windows 10 builds prior to buil...

7.8 CVSS, 6.9 AI score, 0.8265 EPSS
Exploits 19

Veracode
added 2019/07/15 2:51 a.m., 7 views

Malicious Package

alipayjsapi is a malicious package. The package uploads system information to a remote server, downloads a file and executes it...

6.5 AI score
Exploits 0

Veracode
added 2019/07/15 2:51 a.m., 10 views

Malicious Package

midway-xtpl is a malicious package. The package uploads system information to a remote server, downloads a file and executes it...

6.5 AI score
Exploits 0

Veracode
added 2019/07/15 2:51 a.m., 6 views

Malicious Package

node-buc is a malicious package. The package uploads system information to a remote server, downloads a file and executes it...

6.5 AI score
Exploits 0

Veracode
added 2019/07/15 2:51 a.m., 10 views

Malicious Package

retcodelog is a malicious package. The package uploads system information to a remote server, downloads a file and executes it...

6.5 AI score
Exploits 0

Veracode
added 2019/07/15 2:30 a.m., 6 views

Malicious Package

hpmm is a malicious package. The package retrieves system information and uploads it to a remote server. It also downloads a file from a malicious server and executes it...

6.5 AI score
Exploits 0

Node.js
added 2019/07/12 10:15 p.m., 15 views

Malicious Package

Overview All versions of tiar contain malicious code. The package uploads system information to a remote server, downloads a file and executes it. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that...

6.8 AI score
Exploits 0, Affected Software 1

Node.js
added 2019/07/12 10:14 p.m., 10 views

Malicious Package

Overview All versions of river-mock contain malicious code. The package uploads system information to a remote server, downloads a file and executes it. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on th...

6.8 AI score
Exploits 0, Affected Software 1

Node.js
added 2019/07/12 10:9 p.m., 11 views

Malicious Package

Overview All versions of cicada-render contain malicious code. The package uploads system information to a remote server, downloads a file and executes it. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on...

6.8 AI score
Exploits 0, Affected Software 1

Cvelist
added 2019/07/05 1:20 p.m., 8 views

CVE-2019-5982

Improper download file verification vulnerability in VAIO Update 7.3.0.03150 and earlier allows remote attackers to conduct a man-in-the-middle attack via a malicious wireless LAN access point. A successful exploitation may result in a malicious file being downloaded/executed...

7.4 AI score, 0.00117 EPSS
Exploits 0, References 2