404 matches found
CVE-2022-28478
SeedDMS 6.0.17 and 5.1.24 are vulnerable to Directory Traversal. The "Remove file" functionality inside the "Log files management" menu does not sanitize user input, allowing attackers with admin privileges to delete arbitrary files on the remote system...
CVE-2022-28478
SeedDMS vulnerability CVE-2022-28478 affects SeedDMS 6.0.17 and 5.1.24. The issue is a directory traversal in the Remove file function within Log files management, where user input is not sanitized. This permits an attacker with admin privileges to delete arbitrary files on the remote system. No ...
Code injection
On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all versions of 12.1.x and 11.6.x, and F5 BIG-IQ Centralized Management all versions of 8.x and 7.x, an authenticated, high-privileged attacke...
Tenda HG6 v3.3.0 Remote Command Injection Vulnerability
Summary: HG6 is an intelligent routing passive optical network terminal in Tenda FTTH solution. HG6 provides 4 LAN ports (1GE, 3FE), a voice port to meet users' requirements for enjoying the Internet, HD IPTV and VoIP multi-service applications. Description: The application suffers from an authenticate...
Malicious Package
aiohttpsocks4/aiohttpsocks5 is a malicious package. It contains malicious EXEs packaged as a large base64 string and imitates a massively popular middleware/proxy connector for aiohttpsocks. As it is installed, it runs automatically and drops more malicious executables with capabilities ranging from...
SSL Certificate with no Subject
The remote system is providing an SSL/TLS certificate without a subject field. While this is not required in all cases, it is recommended to ensure broad compatibility. TRUSTED...
MGASA-2022-0100 Updated kernel packages fix security vulnerabilities
This kernel update is based on upstream 5.15.28 and fixes at least the following security issues: Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access...
CVE-2021-46368
TRIGONE Remote System Monitor 3.61 is vulnerable to an unquoted path service allowing local users to launch processes with elevated privileges...
CVE-2021-46368
CVE-2021-46368 affects TRIGONE Remote System Monitor 3.61. The issue is an unquoted path service, enabling local attackers to launch processes with elevated privileges. According to NVD/NVD-derived data, the vulnerability allows local privilege escalation with high impact (CVSS 3.1: Local attack,...
Trigone Remote System Monitor Security Vulnerability
Trigone Remote System Monitor is a remote system monitor from Trigone. It is used to monitor computer hardware and system parameters from an Android device or BlackBerry Playbook. Trigone Remote System Monitor suffers from a code issue vulnerability that stems from Trigone Remote System Monitor...
CVE-2021-35380
A Directory Traversal vulnerability exists in Solari di Udine TermTalk Server TTServer 3.24.0.2, which lets an unauthenticated malicious user gain access to the files on the remote system by gaining access to the relative path of the file they want to download http://url:port/file?valore...
Juniper Networks Junos OS Trust Management Issue Vulnerability
Juniper Networks Junos OS is a Juniper Networks network operating system for the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. Juniper Networks Junos OS A trust management issue vulnerability exists in Juniper Networks Junos OS that...
TRIGONE Remote System Monitor 3.61 Unquoted Service Path Vulnerability
Exploit Title: TRIGONE Remote System Monitor 3.61 Unquoted Service Path Discovery by: Yehia Elghaly Vendor Homepage: https://www.trigonesoft.com/ Software Link: https://www.trigonesoft.com/download/RemoteSystemmonitorServer3.61x86Setup.exe Tested Version: 3.61 Vulnerability Type: Unquoted Service...
TRIGONE Remote System Monitor 3.61 Unquoted Service Path
Exploit Title: TRIGONE Remote System Monitor 3.61 Unquoted Service Path Discovery by: Yehia Elghaly Date: 30-12-2021 Vendor Homepage: https://www.trigonesoft.com/ Software Link: https://www.trigonesoft.com/download/RemoteSystemmonitorServer3.61x86Setup.exe Tested Version: 3.61 Vulnerability Type:...
CVE-2021-43797
Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. Netty prior to version 4.1.71.Final skips control chars when they are present at the beginning / end of the header name. It should instead fail fa...
Virus.Win32.Ipamor.c Unauthenticated Reboot
Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/b6bfdfe91c3e37865b6a269dc9ff9302.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Virus.Win32.Ipamor.c Vulnerability: Unauthenticated Remote System Reboot Description: The malware...
Virus.Win32.Ipamor.c Unauthenticated Remote System Reboot
Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/bbf032a3aa288f02403295f0472d1f05.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Virus.Win32.Ipamor.c Vulnerability: Unauthenticated Remote System Reboot Description: The malware...
NCH Quorum has multiple vulnerabilities
NCH Quorum is a teleconference server software. It can turn any computer into a conference call server. NCH Quorum is vulnerable to directory traversal and arbitrary file deletion, which can be exploited to view or delete any file on a remote system via path traversal in a separate function...