Lucene search
K

151 matches found

Rapid7 Blog
Rapid7 Blog
added 2024/09/05 2:54 p.m.10 views

CVE-2024-45195: Apache OFBiz Unauthenticated Remote Code Execution (Fixed)

Apache OFBiz below 18.12.16 is vulnerable to unauthenticated remote code execution on Linux and Windows. An attacker with no valid credentials can exploit missing view authorization checks in the web application to execute arbitrary code on the server. Exploitation is facilitated by bypassing...

9.8CVSS10AI score0.99983EPSS
Exploits15
The Hacker News
The Hacker News
added 2024/08/06 4:16 a.m.60 views

New Zero-Day Flaw in Apache OFBiz ERP Allows Remote Code Execution

A new zero-day pre-authentication remote code execution vulnerability has been disclosed in the Apache OFBiz open-source enterprise resource planning ERP system that could allow threat actors to achieve remote code execution on affected instances. Tracked as CVE-2024-38856, the flaw has a CVSS...

9.8CVSS9.7AI score0.99442EPSS
Exploits27
CISA KEV Catalog
CISA KEV Catalog
added 2024/06/12 12:0 a.m.78 views

PHP-CGI OS Command Injection Vulnerability

PHP, specifically Windows-based PHP used in CGI mode, contains an OS command injection vulnerability that allows for arbitrary code execution. This vulnerability is a patch bypass for CVE-2012-1823...

9.8CVSS8.5AI score0.99998EPSS
In wildExploits101
NVD
NVD
added 2024/05/16 9:15 a.m.23 views

CVE-2024-3435

A path traversal vulnerability exists in the 'savesettings' endpoint of the parisneo/lollms-webui application, affecting versions up to the latest release before 9.5. The vulnerability arises due to insufficient sanitization of the 'config' parameter in the 'applysettings' function, allowing an...

8.4CVSS8.7AI score0.00825EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/04/18 2:40 p.m.34 views

CVE-2024-28189 Judge0 vulnerable to Sandbox Escape Patch Bypass via chown running on Symbolic Link

Judge0 is an open-source online code execution system. The application uses the UNIX chown command on an untrusted file within the sandbox. An attacker can abuse this by creating a symbolic link symlink to a file outside the sandbox, allowing the attacker to run chown on arbitrary files outside o...

10CVSS9.9AI score0.07211EPSS
Exploits2References4
Vulnrichment
Vulnrichment
added 2024/04/18 2:40 p.m.17 views

CVE-2024-28189 Judge0 vulnerable to Sandbox Escape Patch Bypass via chown running on Symbolic Link

Judge0 is an open-source online code execution system. The application uses the UNIX chown command on an untrusted file within the sandbox. An attacker can abuse this by creating a symbolic link symlink to a file outside the sandbox, allowing the attacker to run chown on arbitrary files outside o...

10CVSS7.5AI score0.07211EPSS
Exploits2References4
Microsoft CVE
Microsoft CVE
added 2024/02/26 8:0 a.m.3 views

Versions of the package onnx before and including 1.15.0 are vulnerable to Directory Traversal as the external_data field of the tensor proto can have a path to the file which is outside the model current directory or user-provided directory. The vulnerability occurs as a bypass for the patch added for CVE-2022-25882.

...

7.5CVSS6AI score0.01608EPSS
Exploits1
OSV
OSV
added 2024/02/23 6:15 p.m.6 views

AZL-35146 CVE-2024-27318 affecting package pytorch for versions less than 2.2.2-1

Versions of the package onnx before and including 1.15.0 are vulnerable to Directory Traversal as the externaldata field of the tensor proto can have a path to the file which is outside the model current directory or user-provided directory. The vulnerability occurs as a bypass for the patch adde...

7.5CVSS6.6AI score0.01189EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2024/02/13 5:7 p.m.7 views

keycloak: open redirect via "form_post.jwt" JARM response mode

A flaw was found in Keycloak. This issue may allow an attacker to steal authorization codes or tokens from clients using a wildcard in the JARM response mode "formpost.jwt" which could be used to bypass the security patch implemented to address CVE-2023-6134...

6.1CVSS5.7AI score0.01109EPSS
Exploits0References4
GithubExploit
GithubExploit
added 2024/02/06 3:9 p.m.42 views

Exploit for Improper Access Control in Oracle Weblogic_Server

CVE-2024-20931 CVE-2024-20931, this is the bypass of the patch...

7.5CVSS7.1AI score0.99811EPSS
Exploits11
OSV
OSV
added 2024/01/23 2:43 p.m.8 views

GHSA-9VM7-V8WJ-3FQW keycloak-core: open redirect via "form_post.jwt" JARM response mode

An incomplete fix was found in Keycloak Core patch. An attacker can steal authorization codes or tokens from clients using a wildcard in the JARM response mode "formpost.jwt". It is observed that changing the responsemode parameter in the original proof of concept from "formpost" to "formpost.jwt...

4.6CVSS5.9AI score0.01109EPSS
Exploits0References12
RedHat Linux
RedHat Linux
added 2024/01/09 4:42 p.m.6 views

keycloak: open redirect via "form_post.jwt" JARM response mode

A flaw was found in Keycloak. This issue may allow an attacker to steal authorization codes or tokens from clients using a wildcard in the JARM response mode "formpost.jwt" which could be used to bypass the security patch implemented to address CVE-2023-6134...

6.1CVSS5.7AI score0.01109EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2024/01/09 4:8 p.m.87 views

keycloak: open redirect via "form_post.jwt" JARM response mode

A flaw was found in Keycloak. This issue may allow an attacker to steal authorization codes or tokens from clients using a wildcard in the JARM response mode "formpost.jwt" which could be used to bypass the security patch implemented to address CVE-2023-6134...

6.1CVSS5.7AI score0.01109EPSS
Exploits1References4
Cvelist
Cvelist
added 2023/12/04 6:30 a.m.44 views

CVE-2023-5332 Dependency on Vulnerable Third-Party Component in GitLab

Patch in third party library Consul requires 'enable-script-checks' to be set to False. This was required to enable a patch by the vendor. Without this setting the patch could be bypassed. This only affects GitLab-EE...

5.9CVSS8.1AI score0.00742EPSS
Exploits1References2
The Hacker News
The Hacker News
added 2023/10/25 4:47 a.m.106 views

Alert: PoC Exploits Released for Citrix and VMware Vulnerabilities

Virtualization services provider VMware has alerted customers to the existence of a proof-of-concept PoC exploit for a recently patched security flaw in Aria Operations for Logs. Tracked as CVE-2023-34051 CVSS score: 8.1, the high-severity vulnerability relates to a case of authentication bypass...

9.8CVSS8.4AI score0.99999EPSS
Exploits16
Packet Storm
Packet Storm
added 2023/10/06 12:0 a.m.580 views

SAP Application Server ABAP Open Redirection

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Open Redirect in BSP Test Application it00 Bypass for CVE-2020-6215 Patch product: SAP® Application Server ABAP and ABAP® Platform SAPBASIS vulnerable version: see sectio...

6.1CVSS7.1AI score0.01513EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/31 7:3 a.m.21 views

Security Bulletin: The IBM® Engineering Lifecycle Engineering product using IBM WebSphere Application Server is vulnerable to cross-site scripting in the Admin Console - CVE-2023-24966

Summary IBM WebSphere Application Server is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. Following IBM®...

6.1CVSS6.2AI score0.00495EPSS
Exploits0Affected Software1
Rapid7 Blog
Rapid7 Blog
added 2023/07/19 5:25 p.m.79 views

CVE-2023-38205: Adobe ColdFusion Access Control Bypass [FIXED]

!CVE-2023-38205: Adobe ColdFusion Access Control Bypass \FIXED\https://blog.rapid7.com/content/images/2023/07/GettyImages-1185282377-3.jpg On July 11, 2023, Rapid7 and Adobe disclosed CVE-2023-29298, an access control bypass vulnerability affecting ColdFusion, which Rapid7 had reported to Adobe i...

5CVSS7.3AI score0.99754EPSS
Exploits0
OSV
OSV
added 2023/07/10 8:15 p.m.3 views

CVE-2023-34316

​An attacker could bypass the latest Delta Electronics InfraSuite Device Master versions prior to 1.0.7 patch, which could allow an attacker to retrieve file contents...

7.5CVSS5.8AI score0.00615EPSS
Exploits0References1
CVE
CVE
added 2023/07/10 7:1 p.m.42 views

CVE-2023-34316

Delta Electronics InfraSuite Device Master (versions prior to 1.0.7) is affected by CVE-2023-34316 (Improper Access Control). The vulnerability could allow an attacker to bypass patches and retrieve file contents due to insufficient access control on the device. Delta Electronics has provided a f...

7.5CVSS7AI score0.00615EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder