CVE-2023-2612

Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu Linux kernel contained a race condition when handling inode locking in some situations. A local attacker could use this to cause a denial of service kernel deadlock...

PT-2023-3081 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Ubuntu Linux kernel affected versions not specified Description: The shiftfs file system in the Ubuntu Linux kernel contains a race condition when handling inode locking in some situations. A local attacker could use this to cause a denial of...

UBUNTU-CVE-2023-0185

NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where sign conversion issuescasting an unsigned primitive to signed may lead to denial of service or information disclosure...

UBUNTU-CVE-2023-0183

NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer where an out-of-bounds write can lead to denial of service and data tampering...

Composr-CMS 10.0.39 Remote Code Execution

Exploit Title: Composr-CMS Version Commandr !/usr/bin/python3 import requests from bs4 import BeautifulSoup import time cookies = 'hascookies': '1', 'PHPSESSID': 'ddf2e7c8ff1000a7c27b132b003e1f5c', You need to change this as it is dynamic 'commandrdir': 'L3Jhdy91cGxvYWRzL2ZpbGVkdW1wLw%3D%3D',...

Composr CMS Version <=10.0.39 - Authenticated Remote Code Execution Exploit

Exploit Title: Composr-CMS Version Commandr !/usr/bin/python3 import requests from bs4 import BeautifulSoup import time cookies = 'hascookies': '1', 'PHPSESSID': 'ddf2e7c8ff1000a7c27b132b003e1f5c', You need to change this as it is dynamic 'commandrdir': 'L3Jhdy91cGxvYWRzL2ZpbGVkdW1wLw%3D%3D',...

Composr-CMS Version &lt;=10.0.39 - Authenticated Remote Code Execution

Exploit Title: Composr-CMS Version Commandr !/usr/bin/python3 import requests from bs4 import BeautifulSoup import time cookies = 'hascookies': '1', 'PHPSESSID': 'ddf2e7c8ff1000a7c27b132b003e1f5c', You need to change this as it is dynamic 'commandrdir': 'L3Jhdy91cGxvYWRzL2ZpbGVkdW1wLw%3D%3D',...

Zoom Client for Meetings < 5.1.0 Vulnerability (ZSB-21015)

The version of Zoom Client for Meetings installed on the remote host is prior to 5.1.0. It is, therefore, affected by a vulnerability as referenced in the ZSB-21015 advisory. - In the Zoom Client for Meetings for Ubuntu Linux before version 5.1.0, there is an HTML injection flaw when sending a...

UBUNTU-CVE-2022-3566

A vulnerability, which was classified as problematic, was found in Linux Kernel. This affects the function tcpgetsockopt/tcpsetsockopt of the component TCP Handler. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. The identifier VDB-211089 was assign...

Ubuntu 18.04 LTS : Linux kernel (AWS) vulnerabilities (USN-5682-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5682-1 advisory. It was discovered that the BPF verifier in the Linux kernel did not properly handle internal data structures. A local attacker could use this to expose...

Blink1Control2 2.2.7 - Weak Password Encryption Exploit

// Exploit Title: Blink1Control2 2.2.7 - Weak Password Encryption // Exploit Author: p1ckzi // Vendor Homepage: https://thingm.com/ // Software Link: https://github.com/todbot/Blink1Control2/releases/tag/v2.2.7 // Vulnerable Version: blink1control2 !/usr/bin/env node const ArgumentParser =...

Blink1Control2 2.2.7 Weak Password Encryption

// Exploit Title: Blink1Control2 2.2.7 - Weak Password Encryption // Date: 2022-08-12 // Exploit Author: p1ckzi // Vendor Homepage: https://thingm.com/ // Software Link: https://github.com/todbot/Blink1Control2/releases/tag/v2.2.7 // Vulnerable Version: blink1control2 !/usr/bin/env node const...

Blink1Control2 2.2.7 - Weak Password Encryption

// Exploit Title: Blink1Control2 2.2.7 - Weak Password Encryption // Date: 2022-08-12 // Exploit Author: p1ckzi // Vendor Homepage: https://thingm.com/ // Software Link: https://github.com/todbot/Blink1Control2/releases/tag/v2.2.7 // Vulnerable Version: blink1control2 !/usr/bin/env node const...

Canonical Ubuntu Linux 输入验证错误漏洞

Canonical Ubuntu Linux is a Linux operating system from Canonical, a British company. A security vulnerability exists in Canonical Ubuntu Linux that originates from incorrectly handling the reference count of certain objects, resulting in a denial of service. An attacker can exploit the...

UBUNTU-CVE-2022-38853

Certain The MPlayer Project products are vulnerable to Buffer Overflow via function asfinitaudiostream of libmpdemux/asfheader.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1...

Watch Queue Out-Of-Bounds Write

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Watch Queue Out of Bounds Write', 'Description' = %q This module exploits a vulnerability in the Linux Kernel's watchqueue event notification...

Zyxel ZyWALL 2 Plus Internet Security Appliance - Cross-Site Scripting Vulnerability

Exploit Title: Zyxel ZyWALL 2 Plus Internet Security Appliance - Cross-Site Scripting XSS Exploit Author: Momen Eldawakhly CyberGuy Vendor Homepage: https://www.zyxel.com Version: ZyWALL 2 Plus Tested on: Ubuntu Linux Firefox CVE : CVE-2021-46387 GET...

Safari Montage 8.5 Cross Site Scripting

Exploit Title: SAFARI Montage 8.5 - Reflected Cross Site Scripting XSS Date: 28/12/2021 Exploit Author: Momen Eldawakhly - Cyber Guy - Resecurity Inc Vendor Homepage: https://www.safarimontage.com/ Version: 8.3 and 8.5 Tested on: Ubuntu Linux Firefox CVE: CVE-2021-45425 Proof of Concept: GET...

SAFARI Montage 8.5 - Reflected Cross Site Scripting Vulnerability

Exploit Title: SAFARI Montage 8.5 - Reflected Cross Site Scripting XSS Exploit Author: Momen Eldawakhly - Cyber Guy - Resecurity Inc Vendor Homepage: https://www.safarimontage.com/ Version: 8.3 and 8.5 Tested on: Ubuntu Linux Firefox CVE: CVE-2021-45425 Proof of Concept: GET...

Exploit for Race Condition in Canonical Ubuntu_Linux

《云原生安全：攻防实践与体系构建》资料仓库 本仓库提供了《云原生安全：攻防实践与体系构建》一书的补充材料和随书源码，供感兴趣的读者深入阅读、实践。 本仓库所有内容仅供教学、研究使用，严禁用于非法用途，违者后果自负！ 相关链接：豆瓣 | 京东 | 当当 补充阅读资料 - 100云计算简介.pdf - 101代码安全.pdf - 200容器技术.pdf - 201容器编排.pdf - 202微服务.pdf - 203服务网格.pdf - 204DevOps.pdf - CVE-2017-1002101：突破隔离访问宿主机文件系统.pdf -...