1885 matches found
[SECURITY] Fedora 34 Update: matrix-synapse-1.38.1-1.fc34
Matrix is an ambitious new ecosystem for open federated Instant Messaging and VoIP. Synapse is a reference "homeserver" implementation of Matrix from the core development team at matrix.org, written in Python/Twisted. It is intended to showcase the concept of Matrix and let folks see the spec in...
The vulnerability of the `unsplash_download_w` and `unsplash_download_h` parameters in the Instant Images One Click plugin of the WordPress content management system allows attackers to perform cross-site scripting attacks.
The vulnerability of the unsplashdownloadw and unsplashdownloadh parameters in the “One Click for Instant Images” plugin of the WordPress content management system is related to the lack of measures taken to protect the website’s structure. Exploiting this vulnerability could allow a malicious...
Fedora: Security Advisory for matrix-synapse (FEDORA-2021-a627cfd31e)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Aruba Instant command execution
Added: 07/28/2021 Background Aruba Instant is a controllerless wi-fi solution. Problem The combination of several different vulnerabilities in Aruba Instant could allow remote attackers to execute arbitrary commands by sending specially crafted web requests. Resolution Upgrade to Aruba Instant...
Aruba Instant command execution
Added: 07/28/2021 Background Aruba Instant is a controllerless wi-fi solution. Problem The combination of several different vulnerabilities in Aruba Instant could allow remote attackers to execute arbitrary commands by sending specially crafted web requests. Resolution Upgrade to Aruba Instant...
Aruba Instant command execution
Added: 07/28/2021 Background Aruba Instant is a controllerless wi-fi solution. Problem The combination of several different vulnerabilities in Aruba Instant could allow remote attackers to execute arbitrary commands by sending specially crafted web requests. Resolution Upgrade to Aruba Instant...
CVE-2021-34617
A remote cross-site scripting XSS vulnerability was discovered in some Aruba Instant Access Point IAP products in versions: Aruba Instant 6.4.x: 6.4.4.8-4.2.4.13 and below; Aruba Instant 6.5.x: 6.5.4.13 and below; Aruba Instant 8.3.x: 8.3.0.7 and below; Aruba Instant 8.4.x: 8.4.0.5 and below; Aru...
CVE-2021-34618
A remote denial of service DoS vulnerability was discovered in some Aruba Instant Access Point IAP products in versions: Aruba Instant 6.4.x: 6.4.4.8-4.2.4.18 and below; Aruba Instant 6.5.x: 6.5.4.18 and below; Aruba Instant 8.3.x: 8.3.0.14 and below; Aruba Instant 8.4.x: All versions; Aruba...
CVE-2021-34618
A remote denial of service DoS vulnerability was discovered in some Aruba Instant Access Point IAP products in versions: Aruba Instant 6.4.x: 6.4.4.8-4.2.4.18 and below; Aruba Instant 6.5.x: 6.5.4.18 and below; Aruba Instant 8.3.x: 8.3.0.14 and below; Aruba Instant 8.4.x: All versions; Aruba...
Cross site scripting
A remote cross-site scripting XSS vulnerability was discovered in some Aruba Instant Access Point IAP products in versions: Aruba Instant 6.4.x: 6.4.4.8-4.2.4.13 and below; Aruba Instant 6.5.x: 6.5.4.13 and below; Aruba Instant 8.3.x: 8.3.0.7 and below; Aruba Instant 8.4.x: 8.4.0.5 and below; Aru...
Denial of service
A remote denial of service DoS vulnerability was discovered in some Aruba Instant Access Point IAP products in versions: Aruba Instant 6.4.x: 6.4.4.8-4.2.4.18 and below; Aruba Instant 6.5.x: 6.5.4.18 and below; Aruba Instant 8.3.x: 8.3.0.14 and below; Aruba Instant 8.4.x: All versions; Aruba...
Aruba Instant 跨站脚本漏洞
Aruba Instant is a wireless network from Aruba USA. provides the only Wi-Fi solution that is easy to set up. A cross-site scripting vulnerability exists in Aruba Instant Access Point IAP, which stems from a WEB application that lacks proper validation of client data. An attacker could exploit the...
Aruba Networks Instant 资源管理错误漏洞
Aruba Networks Instant is an enterprise wireless LAN building solution from Aruba Networks, Inc. A security vulnerability exists in Aruba Networks Instant Access Point IAP, which can be exploited by an attacker to cause a denial of service...
Aruba Instant (IAP) Remote Code Execution
import socket import sys import struct import time import threading import urllib3 import re import telnetlib import xml.etree.ElementTree as ET import requests urllib3.disablewarnings CONTINUERACE = True SNPRINTFCREATEFILEMAXLENGTH = 245 def racepapimessageip: global CONTINUERACE payload =...
Aruba Instant 8.7.1.0 Arbitrary File Modification
Exploit Title: Aruba Instant 8.7.1.0 - Arbitrary File Modification Date: 15/07/2021 Exploit Author: Gr33nh4t Vendor Homepage: https://www.arubanetworks.com/ Version: Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below Aruba Instant 6.5.x: 6.5.4.18 and below Aruba Instant 8.3.x: 8.3.0.14 and below Aru...
Aruba Instant 8.7.1.0 - Arbitrary File Modification Exploit
Exploit Title: Aruba Instant 8.7.1.0 - Arbitrary File Modification Exploit Author: Gr33nh4t Vendor Homepage: https://www.arubanetworks.com/ Version: Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below Aruba Instant 6.5.x: 6.5.4.18 and below Aruba Instant 8.3.x: 8.3.0.14 and below Aruba Instant 8.5.x:...
Aruba Instant (IAP) - Remote Code Execution Exploit
Aruba Instant IAP - Remote Code Execution Exploit import socket import sys import struct import time import threading import urllib3 import re import telnetlib import xml.etree.ElementTree as ET import requests urllib3.disablewarnings CONTINUERACE = True SNPRINTFCREATEFILEMAXLENGTH = 245 def...
Aruba Instant 8.7.1.0 - Arbitrary File Modification
Exploit Title: Aruba Instant 8.7.1.0 - Arbitrary File Modification Date: 15/07/2021 Exploit Author: Gr33nh4t Vendor Homepage: https://www.arubanetworks.com/ Version: Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below Aruba Instant 6.5.x: 6.5.4.18 and below Aruba Instant 8.3.x: 8.3.0.14 and below Aru...
Aruba Instant (IAP) - Remote Code Execution
import socket import sys import struct import time import threading import urllib3 import re import telnetlib import xml.etree.ElementTree as ET import requests urllib3.disablewarnings CONTINUERACE = True SNPRINTFCREATEFILEMAXLENGTH = 245 def racepapimessageip: global CONTINUERACE payload =...
Denial of Service Vulnerability in WiseFaFa Chat Tool
WiseFaFaFa Chat Tool is a free instant messaging software. It has features such as instant messaging, automatic creation of business groups and business organization structure. A denial-of-service vulnerability exists in Huicong Fafa Chat Tool, which can be exploited by attackers to cause a...