97 matches found
Critical 'BatBadBut' Rust Vulnerability Exposes Windows Systems to Attacks
A critical security flaw in the Rust standard library could be exploited to target Windows users and stage command injection attacks. The vulnerability, tracked as CVE-2024-24576, has a CVSS score of 10.0, indicating maximum severity. That said, it only impacts scenarios where batch files are...
rebindMultiA - Tool To Perform a Multiple A Record Rebind Attack
rebindMultiA is a tool to perform a Multiple A Record rebind attack. rebindmultia.com is a domain that I've set up to assist with these attacks. It makes every IP its own authoritative nameserver for the domain IP.ns.rebindmultia.com. For example, 13.33.33.37.ns.rebindmultia.com's authoritative...
Pre-Auth Path traversal in pimcore_log, leading potential DOS
Description A path traversal vulnerability exists in the CMS, which allows an attacker to overwrite or modify sensitive files by manipulating the pimcorelog parameter. This can lead to potential denial of service---key file overwrite. Proof of Concept - As a prequisition, pimcore must be installe...
Atlassian Confluence 7.1.x < 7.1.1 DLL Hijacking
According to its self-reported version number, the Atlassian Confluence application running on the remote host is prior to 7.0.5 or 7.1.x prior to 7.1.1. It therefore may be affected by a weakness when deployed onto the Windows operating system environment allows local system attackers who have...
CVE-2022-28331
A flaw was found in Apache Portable Runtime, affecting versions = 1.7.0. This issue may allow a malicious user to write beyond the end of a stack buffer and cause an integer overflow. This affects Windows environments...
SUSE CVE-2022-33127
The function that calls the diff tool in Diffy 3.4.1 does not properly handle double quotes in a filename when run in a windows environment. This allows attackers to execute arbitrary commands via a crafted string...
CVE-2023-24816 set_term_title command injection in ipython
IPython Interactive Python is a command shell for interactive computing in multiple programming languages, originally developed for the Python programming language. Versions prior to 8.1.0 are subject to a command injection vulnerability with very specific prerequisites. This vulnerability requir...
CVE-2023-24815 Disclosure of classpath resources on Windows when mounted on a wildcard route in vertx-web
Vert.x-Web is a set of building blocks for building web applications in the java programming language. When running vertx web applications that serve files using StaticHandler on Windows Operating Systems and Windows File Systems, if the mount point is a wildcard then an attacker can exfiltrate a...
Amazon Linux 2022 : golang (ALAS2022-2022-239)
The version of golang installed on the remote host is prior to 1.19.3-2. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-239 advisory. - Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read t...
CVE-2022-33127
The function that calls the diff tool in Diffy 3.4.1 does not properly handle double quotes in a filename when run in a windows environment. This allows attackers to execute arbitrary commands via a crafted string...
CVE-2022-33127
The function that calls the diff tool in Diffy 3.4.1 does not properly handle double quotes in a filename when run in a windows environment. This allows attackers to execute arbitrary commands via a crafted string...
CVE-2022-33127
The function that calls the diff tool in Diffy 3.4.1 does not properly handle double quotes in a filename when run in a windows environment. This allows attackers to execute arbitrary commands via a crafted string...
CVE-2022-33127
The function that calls the diff tool in Diffy 3.4.1 does not properly handle double quotes in a filename when run in a windows environment. This allows attackers to execute arbitrary commands via a crafted string...
CVE-2022-33127
The function that calls the diff tool in Diffy 3.4.1 does not properly handle double quotes in a filename when run in a windows environment. This allows attackers to execute arbitrary commands via a crafted string...
Path Traversal
firefox is vulnerable to Path Traversal. A remote attacker is able to use the % character in filenames to store the data outside of the intended directory using windows environment variables, such as %HOMEPATH% or %APPDATA%...
CVE-2021-21706
CVE-2021-21706 affects PHP on Windows: ZipArchive::extractTo can write files outside the target directory when extracting ZIPs. Affected are PHP 7.3.x < 7.3.31, 7.4.x < 7.4.24, and 8.0.x
Universal Privilege Escalation and Persistence – Printer
The Print Spooler is responsible to manage and process printer jobs. It runs as a service with SYSTEM level privileges on windows environments. Abuse of… Continue reading - Universal Privilege Escalation and Persistence - Printer...
IBM DB2 命令注入漏洞
IBM DB2 is a relational database management system from the American company IBM. The system's execution environments are mainly UNIX, Linux, IBMi, z/OS, and Windows server versions. A security vulnerability exists in IBM Db2 for Linux, UNIX, and Windows including Db2 Connect Server, which stems...
CVE-2020-3687
Local privilege escalation in admin services in Windows environment can occur due to an arbitrary read issue...
CVE-2020-13535
A privilege escalation vulnerability exists in Kepware LinkMaster 3.0.94.0. In its default configuration, an attacker can globally overwrite service configuration to execute arbitrary code with NT SYSTEM privileges...