197 matches found
Microsoft Defender 代码注入漏洞
Microsoft Defender for IoT is an asset discovery, vulnerability management, and threat monitoring solution for IoT/OT environments.Microsoft Defender for IoT suffers from a remote code execution vulnerability. An attacker could exploit this vulnerability to execute code on the target host...
Advanced Comment System 1.0 - Remote Command Execution Exploit
Exploit Title: Advanced Comment System 1.0 - Remote Command Execution RCE Exploit Author: Nicole Daniella Murillo Mejias Version: Advanced Comment System 1.0 Tested on: Linux !/usr/bin/env python3 DESCRIPTION: Commands are Base64 encoded and sent via POST requests to the vulnerable application, t...
Advanced Comment System 1.0 - Remote Command Execution (RCE)
Exploit Title: Advanced Comment System 1.0 - Remote Command Execution RCE Date: November 30, 2021 Exploit Author: Nicole Daniella Murillo Mejias Version: Advanced Comment System 1.0 Tested on: Linux !/usr/bin/env python3 DESCRIPTION: Commands are Base64 encoded and sent via POST requests to the...
Microsoft Windows Media Foundation Remote Code Execution Vulnerability
Microsoft Windows Media Foundation is a next-generation multimedia platform for Windows that enables developers, consumers, and content providers to embrace a new wave of advanced content with greater robustness, unparalleled quality, and seamless interaction. microsoft Windows Media Foundation...
Microsoft Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Windows Scripting is a scripting language for the Windows operating system from Microsoft Corporation USA.A memory corruption vulnerability exists in the Microsoft Chakra Scripting Engine, which can be exploited by attackers to execute code on the target host...
Microsoft Windows COM Remote Code Execution Vulnerability
Microsoft Windows COM is a technology from Microsoft Corporation USA designed to reuse software.COM is described as a platform-independent, decentralized, object-oriented system for creating interactive binary software components.Microsoft Windows COM is vulnerable to a remote code execution...
Microsoft Windows NTFS Remote Code Execution Vulnerability
Microsoft Windows NTFS is a file system from Microsoft USA that serves computer files. The file system has error warning, disk self-healing and logging capabilities. A remote code execution vulnerability exists in Microsoft Windows NTFS, which can be exploited by an attacker to execute code on th...
Microsoft Excel Remote Code Execution Vulnerability (CNVD-2021-102060)
Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft Corporation USA.Microsoft Excel is vulnerable to remote code execution. An attacker could exploit this vulnerability to execute code on the target host...
SUSE: Security Advisory (SUSE-SU-2021:3649-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Microsoft Windows NTFS 代码注入漏洞
Microsoft Windows NTFS is a file system from Microsoft USA that serves computer files. The file system has error warning, disk self-healing and logging capabilities. A remote code execution vulnerability exists in Microsoft Windows NTFS, which can be exploited by an attacker to execute code on th...
Microsoft Windows Scripting 缓冲区错误漏洞
Microsoft Windows Scripting is a scripting language for the Windows operating system from Microsoft Corporation USA.A memory corruption vulnerability exists in the Microsoft Chakra Scripting Engine, which can be exploited by attackers to execute code on the target host...
Microsoft Dynamics 代码注入漏洞
Microsoft Dynamics 365 is a suite of ERP business solutions for multinational organizations. The product includes financial management, production management and business intelligence management. A remote code execution vulnerability exists in Microsoft Dynamics 365, which can be exploited by an...
Microsoft Excel 代码注入漏洞
Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft Corporation USA.Microsoft Excel is vulnerable to remote code execution. An attacker could exploit this vulnerability to execute code on the target host...
apache-httpclient: incorrect handling of malformed authority component in request URIs
Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution...
apache-httpclient: incorrect handling of malformed authority component in request URIs
Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution...
Exploit for Expression Language Injection in Atlassian Confluence_Data_Center
CVE-2021-26084 CVE-2021-26084 - Confluence Pre-Auth RCE | O...
Path traversal
Corero SecureWatch Managed Services 9.7.2.0020 is affected by a Path Traversal vulnerability via the snapfile parameter in the /it-IT/splunkd/raw/services/getsnapshot HTTP API endpoint. A ‘low privileged’ attacker can read any file on the target host...
Microsoft Excel Remote Code Execution Vulnerability (CNVD-2021-54413)
Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft Corporation USA.Microsoft Excel is vulnerable to remote code execution. An attacker could exploit this vulnerability to execute code on the target host...
Microsoft Excel Remote Code Execution Vulnerability (CNVD-2021-54407)
Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft Corporation USA.Microsoft Excel is vulnerable to remote code execution. An attacker could exploit this vulnerability to execute code on the target host...
Microsoft Word 代码注入漏洞
Microsoft Word is a word processing software in the Office suite from Microsoft Corporation USA.Microsoft Word is vulnerable to remote code execution. An attacker could exploit this vulnerability to execute code on the target host...