CVE-2019-14923

EyesOfNetwork 5.1 allows Remote Command Execution via shell metacharacters in the module/toolall/ host field...

CVE-2019-12325

The Htek UC902 VoIP phone web management interface contains several buffer overflow vulnerabilities in the firmware version 2.0.4.4.46, which allow an attacker to crash the device DoS without authentication or execute code authenticated as a user to spawn a remote shell as a root user...

Buffer overflow

The Htek UC902 VoIP phone web management interface contains several buffer overflow vulnerabilities in the firmware version 2.0.4.4.46, which allow an attacker to crash the device DoS without authentication or execute code authenticated as a user to spawn a remote shell as a root user...

CVE-2019-1576

Command injection in PAN-0S 9.0.2 and earlier may allow an authenticated attacker to gain access to a remote shell in PAN-OS, and potentially run with the escalated user’s permissions...

CVE-2019-1576

Command injection in PAN-0S 9.0.2 and earlier may allow an authenticated attacker to gain access to a remote shell in PAN-OS, and potentially run with the escalated user’s permissions...

Command injection

Command injection in PAN-0S 9.0.2 and earlier may allow an authenticated attacker to gain access to a remote shell in PAN-OS, and potentially run with the escalated user’s permissions...

CVE-2019-1576

Command injection in PAN-0S 9.0.2 and earlier may allow an authenticated attacker to gain access to a remote shell in PAN-OS, and potentially run with the escalated user’s permissions...

CVE-2019-1576

CVE-2019-1576: Command injection in PAN-OS affects PAN-OS 9.0.2 and earlier via the PAN-OS CLI. An authenticated attacker could exploit a failure in input handling to execute arbitrary commands and gain a remote shell with escalated permissions. The root cause is improper filtering during constru...

Command Injection in PAN-OS

A command injection vulnerability exists in the Palo Alto Networks PAN-OS Command Line Interface CLI. Ref PAN-111872/ CVE-2019-1576 Successful exploitation of this issue may allow an authenticated attacker to gain access to a remote shell in PAN-OS, and potentially run with the escalated user’s...

Command Injection in PAN-OS

A command injection vulnerability exists in the Palo Alto Networks PAN-OS Command Line Interface CLI. Ref PAN-111872/ CVE-2019-1576 Successful exploitation of this issue may allow an authenticated attacker to gain access to a remote shell in PAN-OS, and potentially run with the escalated user’s...

Debian DSA-4481-1 : ruby-mini-magick - security update

Harsh Jaiswal discovered a remote shell execution vulnerability in ruby-mini-magick, a Ruby library providing a wrapper around ImageMagick or GraphicsMagick, exploitable when using MiniMagick::Image.open with specially crafted URLs coming from unsanitized user input. C Tenable Network Security,...

Debian: Security Advisory (DSA-4481-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DSA 4481-1] ruby-mini-magick security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4481-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 13, 2019 https://www.debian.org/security/faq -...

[SECURITY] [DSA 4481-1] ruby-mini-magick security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4481-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 13, 2019 https://www.debian.org/security/faq -...

Remote command execution via filename

A remote shell execution vulnerability when using MiniMagick::Image.open with URL coming from unsanitized user input. e.g. MiniMagick::Image.open"| touch.txt"...

Researcher Exploits Microsoft's Notepad to 'Pop a Shell'

A memory corruption bug in the Microsoft’s Windows Notepad application can be used to open remote shell access – typically a first step for attackers infiltrating a system. The bug was found by Tavis Ormandy, a bug hunter with Google’s Project Zero team. In a tweet he indicated that the bug was...

Exploit for Use After Free in Microsoft

CVE-2019-0708-POC Working proof of concept for...

Exploit for Missing Authentication for Critical Function in Oracle Weblogic_Server

CNVD-C-2019-48814和CNNVD-201904-961 感谢t00ls-ximcx0101提供脚本 CNVD-...

TP-LINK TL-WR940N / TL-WR941ND Buffer Overflow

Author Grzegorz Wypych - h0rac TP-LINK TL-WR940N/TL-WR941ND buffer overflow remote shell exploit import requests import md5 import base64 import string import struct import socket password = md5.new'admin'.hexdigest cookie = base64.b64encode'admin:'+password print '+ Authorization cookie: ', cook...

TP-LINK TL-WR940N / TL-WR941ND - Buffer Overflow

Author Grzegorz Wypych - h0rac TP-LINK TL-WR940N/TL-WR941ND buffer overflow remote shell exploit import requests import md5 import base64 import string import struct import socket password = md5.new'admin'.hexdigest cookie = base64.b64encode'admin:'+password print '+ Authorization cookie: ', cook...