GHSA-9X4C-63PF-525F openapi-python-client Arbitrary Code Generation vulnerability

Impact Clients generated with a maliciously crafted OpenAPI Document can generate arbitrary Python code. Subsequent execution of this malicious client is arbitrary code execution. Giving this a CVSS of 8.0 high with CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H/E:P/RL:U/RC:C . Patches Fix will be...

CVE-2020-10289 RVD#2401: Use of unsafe yaml load, ./src/actionlib/tools/library.py:132

Use of unsafe yaml load. Allows instantiation of arbitrary objects. The flaw itself is caused by an unsafe parsing of YAML values which happens whenever an action message is processed to be sent, and allows for the creation of Python objects. Through this flaw in the ROS core package of actionlib...

QlikView 12.50.20000.0 Denial Of Service

Exploit Title: QlikView 12.50.20000.0 - 'FTP Server Address' Denial of Service PoC Discovery by: Luis Martinez Discovery Date: 2020-08-03 Vendor Homepage: https://www.qlik.com Software Link: https://www.qlik.com/us/trial/qlik-sense-business Tested Version: 12.50.20000.0 Vulnerability Type: Denial...

QlikView 12.50.20000.0 - 'FTP Server Address' Denial of Service (PoC)

Exploit Title: QlikView 12.50.20000.0 - 'FTP Server Address' Denial of Service PoC Discovery by: Luis Martinez Discovery Date: 2020-08-03 Vendor Homepage: https://www.qlik.com Software Link: https://www.qlik.com/us/trial/qlik-sense-business Tested Version: 12.50.20000.0 Vulnerability Type: Denial...

Mocha Telnet Lite for iOS 4.2 - (User) Denial of Service Exploit

Exploit Title: Mocha Telnet Lite for iOS 4.2 - 'User' Denial of Service PoC Discovery by: Luis Martinez Vendor Homepage: https://apps.apple.com/us/app/telnet-lite/id286893976 Software Link: App Store for iOS devices Tested Version: 4.2 Vulnerability Type: Denial of Service DoS Local Tested on OS:...

Small CRM 2.0 SQL Injection

Exploit Title: Small CRM in PHP - 'id' SQL Injection Date: 2020-07-05 Exploit Author: gh1mau Team Members: Capt'N,muzzo,chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage: https://phpgurukul.com/small-crm-php/ Software Link:...

Code injection

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 allows use of live/CPEManager/AXCampaignManager/deletecpesbyids?cpeids= for eval injection of Python code...

CVE-2020-15348

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 allows use of live/CPEManager/AXCampaignManager/deletecpesbyids?cpeids= for eval injection of Python code...

CVE-2020-15348

CVE-2020-15348 affects Zyxel CloudCNM SecuManager (versions 3.1.0 and 3.1.1). The issue is a Python code injection vulnerability exposed through the endpoint live/CPEManager/AXCampaignManager/delete_cpes_by_ids?cpe_ids=, enabling remote code execution. Multiple connected sources corroborate that ...

Frigate 2.02 - Denial Of Service (PoC)

Exploit Title: Frigate 2.02 - Denial Of Service PoC Vendor Homepage: http://www.frigate3.com/ Software Link Download: http://www.frigate3.com/download/Frigate2.exe Exploit Author: Paras Bhatia Discovery Date: 2020-06-22 Vulnerable Software: Frigate Version: 2.02 Vulnerability Type: Denial of...

Code Blocks 17.12 - 'File Name' Local Buffer Overflow (Unicode) (SEH) (PoC)

Exploit Title: Code Blocks 17.12 - 'File Name' Local Buffer Overflow Unicode SEH PoC Vendor Homepage: http://www.codeblocks.org/ Software Link Download: https://sourceforge.net/projects/codeblocks/files/Binaries/17.12/Windows/codeblocks-17.12-setup.exe/download Exploit Author: Paras Bhatia...

Plex Media Server < 1.19.3 Authenticated RCE

According to its self-reported version number, the version of Plex Media Server installed on the remote Windows host is prior to 1.19.3. It is, therefore, affected by an authenticated remote code execution vulnerability in the camera upload feature. An authenticated, remote attacker can exploit...

Frigate 3.36.0.9 Local Buffer Overflow

Exploit Title: Frigate 3.36.0.9 - 'Command Line' Local Buffer Overflow SEH PoC Vendor Homepage: http://www.frigate3.com/ Software Link Download: http://www.frigate3.com/download/frigate3pro.exe Exploit Author: Paras Bhatia Discovery Date: 2020-06-07 Vulnerable Software: Frigate Version: "Command...

CVE-2020-13388

An exploitable vulnerability exists in the configuration-loading functionality of the jw.util package before 2.3 for Python. When loading a configuration with FromString or FromStream with YAML, one can execute arbitrary Python code, resulting in OS command execution, because safeload is not used...

Design/Logic Flaw

An exploitable vulnerability exists in the configuration-loading functionality of the jw.util package before 2.3 for Python. When loading a configuration with FromString or FromStream with YAML, one can execute arbitrary Python code, resulting in OS command execution, because safeload is not used...

CVE-2020-13144

Studio in Open edX Ironwood 2.5, when CodeJail is not used, allows a user to go to the "Create New courseNew sectionNew subsectionNew unitAdd new componentProblem buttonAdvanced tabCustom Python evaluated code" screen, edit the problem, and execute Python code. This leads to arbitrary code...

CVE-2020-13144

Studio in Open edX Ironwood 2.5, when CodeJail is not used, allows a user to go to the "Create New courseNew sectionNew subsectionNew unitAdd new componentProblem buttonAdvanced tabCustom Python evaluated code" screen, edit the problem, and execute Python code. This leads to arbitrary code...

Netsweeper WebAdmin unixlogin.php Python Code Injection

This module exploits a Python code injection in the Netsweeper WebAdmin component's unixlogin.php script, for versions 6.4.4 and prior, to execute code as the root user. Authentication is bypassed by sending a random whitelisted Referer header in each request. Tested on the CentOS Linux-based...

Plex Media Server < 1.19.3 RCE Vulnerability

Plex Media Server is prone to an authenticated remote code execution RCE vulnerability. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...

CVE-2020-5741

Deserialization of Untrusted Data in Plex Media Server on Windows allows a remote, authenticated attacker to execute arbitrary Python code...