TelegramRAT - Cross Platform Telegram Based RAT That Communicates Via Telegram To Evade Network Restrictions

Cross Platform Telegram based RAT that communicates via telegram to evade network restrictions Installation: 1. git clone https://github.com/machine1337/TelegramRAT.git 2. Now Follow the instructions in HOW TO USE Section. HOW TO USE: 1. Go to Telegram and search for https://t.me/BotFather 2...

HCL Technologies BigFix Mobile Command Injection Vulnerability

HCL Technologies BigFix Mobile is a Mobile Device Management MDM solution from HCL Technologies. It is designed to help businesses and organizations effectively manage and secure mobile devices, including smartphones, tablets and other mobile devices. HCL Technologies BigFix Mobile suffers from a...

CVE-2023-28012

HCL BigFix Mobile is vulnerable to a command injection attack. An authenticated attacker could run arbitrary shell commands on the WebUI server...

HCL Technologies BigFix Mobile 命令注入漏洞

HCL Technologies BigFix Mobile is a Mobile Device Management MDM solution from HCL Technologies. It is designed to help businesses and organizations effectively manage and secure mobile devices, including smartphones, tablets and other mobile devices. HCL Technologies BigFix Mobile suffers from a...

PT-2023-21478 · Hcl · Hcl Bigfix Mobile

Name of the Vulnerable Software and Affected Versions: HCL BigFix Mobile affected versions not specified Description: The issue allows an authenticated attacker to perform a command injection attack, enabling them to run arbitrary shell commands on the WebUI server. Recommendations: At the moment...

openSUSE 15 Security Update : texlive (SUSE-SU-2023:2284-2)

The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2023:2284-2 advisory. - LuaTeX before 1.17.0 allows execution of arbitrary shell commands when compiling a TeX file obtained from an untrusted source. This occurs because...

Updated texlive packages fix security vulnerability

Any document compiled with older versions of LuaTeX can execute arbitrary shell commands, even with shell escape disabled. CVE-2023-32700...

CVE-2021-42081

An authenticated administrator is allowed to remotely execute arbitrary shell commands via the API. POC...

CVE-2021-42081 Authenticated Remote Command Execution vulnerability in OSNEXUS QuantaStor before 6.0.0.355

An authenticated administrator is allowed to remotely execute arbitrary shell commands via the API. POC...

OSNEXUS QuantaStor 操作系统命令注入漏洞

OSNEXUS QuantaStor is a unified software-defined storage platform from OSNEXUS Corporation. An operating system command injection vulnerability exists in OSNEXUS QuantaStor versions prior to 6.0.0.355. An attacker could exploit this vulnerability to remotely execute arbitrary shell commands via t...

Design/Logic Flaw

A vulnerability exists that can be exploited by an authenticated client that is connected to the same network segment as the CoreTec 4, having any level of access VIEWER to ADMIN. To exploit the vulnerability the attacker can inject shell commands through a particular field of the web user...

CVE-2023-2625

A vulnerability exists that can be exploited by an authenticated client that is connected to the same network segment as the CoreTec 4, having any level of access VIEWER to ADMIN. To exploit the vulnerability the attacker can inject shell commands through a particular field of the web user...

CVE-2023-2625

A vulnerability exists that can be exploited by an authenticated client that is connected to the same network segment as the CoreTec 4, having any level of access VIEWER to ADMIN. To exploit the vulnerability the attacker can inject shell commands through a particular field of the web user...

CVE-2023-2625

CVE-2023-2625 (CoreTec 4) : The provided documents describe a command-injection vulnerability in Hitachi Energy TXpert Hub CoreTec 4. An authenticated client on the same network segment (with any access level from VIEWER to ADMIN) can inject shell commands through a specific field in the web UI, ...

Oracle Linux 8 / 9 : texlive (ELSA-2023-3661)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-3661 advisory. 9:20200406-26 - Resolves: 2209872, CVE-2023-32700 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. No...

texlive: arbitrary code execution allows document complied with older version

An arbitrary code execution vulnerability was found in LuaTeX TeX Live that allows any document compiled with older versions of LuaTeX to execute arbitrary shell commands, even with shell escape disabled...

EulerOS Virtualization 3.0.6.0 : python2 (EulerOS-SA-2023-2214)

According to the versions of the python2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In Python aka CPython up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system...

CVE-2023-34343

AMI BMC contains a vulnerability in the SPX REST API, where an attacker with the required privileges can inject arbitrary shell commands, which may lead to code execution, denial of service, information disclosure, or data tampering...

CVE-2023-34343

AMI BMC contains a vulnerability in the SPX REST API, where an attacker with the required privileges can inject arbitrary shell commands, which may lead to code execution, denial of service, information disclosure, or data tampering...

CVE-2023-34334

AMI BMC contains a vulnerability in the SPX REST API, where an attacker with the required privileges can inject arbitrary shell commands, which may lead to code execution, denial of service, information disclosure, or data tampering...