56 matches found
Remote code execution
An insecure unserialize vulnerability was discovered in ThinkAdmin versions 4.x through 6.x in app/admin/controller/api/Update.php and app/wechat/controller/api/Push.php, which may lead to arbitrary remote code execution...
telnet security update
1:0.17-65 - Resolves: 1814475 - Arbitrary remote code execution in utility.c via short writes or urgent data...
telnet security update
1:0.17-49 - Resolves: 1814775 - Arbitrary remote code execution in utility.c via short writes or urgent data...
CVE-2019-18211
An issue was discovered in Orckestra C1 CMS through 6.6. The EntityTokenSerializer class in Composite.dll is prone to unvalidated deserialization of wrapped BinaryFormatter payloads, leading to arbitrary remote code execution for any low-privilege user...
CVE-2018-14802
CVE-2018-14802 affects Fuji Electric FRENIC Loader family (FRENIC-Mini C1/C2, FRENIC-Eco, FRENIC-Multi, FRENIC-MEGA, FRENIC-Ace). Description: stack-based buffer overflow caused by improper validation of user-supplied comments, enabling arbitrary remote code execution. Affected product versions i...
CVE-2018-14802
Fuji Electric FRENIC LOADER v3.3 v7.3.4.1a of FRENIC-Mini C1, FRENIC-Mini C2, FRENIC-Eco, FRENIC-Multi, FRENIC-MEGA, FRENIC-Ace. The program does not properly check user-supplied comments which may allow for arbitrary remote code execution...
Emerson AMS Device Manager
1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Emerson Equipment: AMS Device Manager Vulnerabilities: Improper Access Control, Improper Privilege Management 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow...
firefox: multiple issues
CVE-2015-0817 arbitrary remote code execution: Security researcher ilxu1a reported, through HP Zero Day Initiative's Pwn2Own contest, a flaw in Mozilla's implementation of typed array bounds checking in JavaScript just-in-time compilation (JIT) and its management of bounds checking for heap access...
thunderbird: multiple issues
CVE-2014-8634 arbitrary remote code execution: Christian Holler and Patrick McManus reported memory safety problems and crashes that affect Firefox ESR 31.3 and Firefox 34. - CVE-2014-8635 arbitrary remote code execution: Christoph Diehl, Christian Holler, Gary Kwong, Jesse Ruderman, Byron Campen,...
PhpTax pfilez Parameter Exec Remote Code Injection
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...
Amlibweb NetOpacs webquery.dll Stack Buffer Overflow
No description provided by source. $Id: amlibwebwebquerydllapp.rb 11039 2010-11-14 19:03:24Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...
Iconics GENESIS32 9.21.201.01 - Integer overflow
No description provided by source. $Id: iconicsgenbroker.rb 13197 2011-07-17 15:01:46Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms ...
Intrasrv 1.0 - Buffer Overflow
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...
PHPGreetz 0.99 Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/15575/info phpGreetz is prone to a remote file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to execute arbitrary...
Ji-takz Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/18474/info Ji-takz is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input to the application. An attacker may leverage this issue to have an arbitrary remote file...
RedHat Update for xalan-j2 RHSA-2014:0348-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...
CentOS Update for xalan-j2 CESA-2014:0348 centos6
Check for the Version of xalan-j2 OpenVAS Vulnerability Test CentOS Update for xalan-j2 CESA-2014:0348 centos6 Authors: System Generated Check Copyright: Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...
Important: Red Hat Security Advisory: Red Hat JBoss Fuse/A-MQ 6.0.0 patch 4
Red Hat JBoss Fuse 6.0.0 patch 4, which fixes three security issues and one bug, is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detail...
Intrasrv 1.0 - Remote Buffer Overflow (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "Intrasrv 1.0 Buff...
IBM SPSS SamplePower c1sizer ActiveX Control Vulnerability
Added: 06/09/2013 CVE: CVE-2012-5946 BID: 59559 OSVDB: 92845 Background: SPSS (Statistical Package for the Social Sciences) is a computer application that provides statistical analysis of data. It allows for in-depth data access and preparation, analytical reporting, graphics and modelling...