June 18, 2019—KB4501371 (OS Build 17763.592)
June 18, 2019—KB4501371 OS Build 17763.592 Note Follow @WindowsUpdate to find out when new content is published to the release information dashboard. Starting with update KB4497934, we are introducing functionality that allows you to decide when to install a feature update. You control when you g...
Realtek Managed Switch Controller (RTL83xx) Stack Overflow
#!/usr/bin/python2.7 """ Subject Realtek Managed Switch Controller RTL83xx PoC 2019 bashis https://www.realtek.com/en/products/communications-network-ics/category/managed-switch-controller Brief description 1.Boa/Hydra suffer of exploitable stack overflow with a 'one byte read-write loop' w/o...
PT-2019-4285 · Linux +5 · Linux Kernel +5
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.3.11 Description: The issue is related to a memory leak in the Linux kernel, specifically in the ath9k_wmi_cmd function. This memory leak can be exploited by a remote attacker to cause a denial of service due ...
FileThingie 2.5.7 - Arbitrary File Upload
Exploit Title: FileThingie 2.5.7 - Arbitrary File Upload Author: Cakes Discovery Date: 2019-09-03 Vendor Homepage: www.solitude.dk/filethingie Software Link: https://github.com/leefish/filethingie/archive/master.zip Tested Version: 2.5.7 Tested on OS: CentOS 7 CVE: N/A Intro: Easy arbitrary file...
DEBIAN-CVE-2019-15767
In GNU Chess 6.2.5, there is a stack-based buffer overflow in the cmd_load function in frontend/cmd.cc via a crafted chess position in an EPD file...
Cross site request forgery (csrf)
LayerBB 1.1.3 allows conversations.php/cmd/new CSRF...
CVE-2019-13974
CVE-2019-13974 affects LayerBB 1.1.3 and is a Cross‑Site Request Forgery in conversations.php/cmd/new. The vulnerability stems from insufficient validation of requests from trusted users. CVSS metrics indicate CVSSv3 base score 8.8 (HIGH) with network attack vector, low complexity, no privileges ...
Nextcloud: Passcode Protection in Android Devices Can be Bypassed.
What is The Vulnerability? The Passcode can be bypassed by calling a MainLoginActivity which is com.owncloud.android.ui.activity.FileDisplayActivity, We have successfully bypassed the passcode and are redirected to the App's User Interface. of the user’s credentials: Android Version: 9 Non Roote...
UBUNTU-CVE-2019-12865
In radare2 through 3.5.1, cmd_mount in libr/core/cmd_mount.c has a double free for the ms command...
Millions of Linux Servers Under Worm Attack Via Exim Flaw
A widespread campaign is exploiting a vulnerability in the Exim mail transport agent MTA to gain remote command-execution on victims’ Linux systems. Researchers say that currently more than 3.5 million servers are at risk from the attacks, which are using a wormable exploit. Specifically under...
IBM Websphere Application Server - Network Deployment Untrusted Data Deserialization Remote Code Execution (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'IBM Websphere Application Server Network Deployment Untrusted Data Deserialization Remote Code Execution', 'Description' = % This module exploits...
IBM Websphere Application Server Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'IBM Websphere Application Server Network Deployment Untrusted Data Deserialization Remote Code Execution', 'Description' = % This module exploits...
fis-nm (>=1.0.0 <=1.0.3), fis-packager-autopack (>=0.0.19 <=0.2.1) +6 more potentially affected by unknown CVE via concat-stream (=1.4.1)
concat-stream NPM version =1.4.1 is affected by a known vulnerability. The following packages have a transitive dependency on concat-stream and may be impacted: - fis-nm =1.0.0, =0.0.19, =0.0.1, =0.0.1, =0.0.5, =0.0.6, =0.4.1, =0.4.0, =0.4.1 Source cves: unknown CVE Source advisory:...
CVE-2019-12042
Insecure permissions of the section object Global\PandaDevicesAgentSharedMemory and the event Global\PandaDevicesAgentSharedMemoryChange in Panda products before 18.07.03 allow attackers to queue an event as an encrypted JSON string to the system service AgentSvc.exe, which leads to privilege...
Microsoft Windows 10 (17763.379) - Install DLL
edit: Figure out how this works for yourself. I can't be bothered. It's a really hard race, doubt anyone will be able to repro anyway. Could be used with malware, you could programmatically trigger the rollback. Maybe you can even pass the silent flag to hide installer UI and find another way to...
CVE-2019-9625
JBMC DirectAdmin 1.55 allows CSRF via the /CMD_ACCOUNT_ADMIN URI to create a new admin account...
Cisco RV110W, RV130W, and RV215W Routers Management Interface Remote Command Execution Vulnerability (cisco-sa-20190227-rmi-cmd-ex)
According to its self-reported version, the version of the Cisco Small Business Wireless-N VPN Router installed on the remote host is affected by a remote command execution vulnerability. An unauthenticated, remote attacker can exploit this to bypass authentication and execute arbitrary commands ...
CVE-2019-9112
The msm gpu driver for custom Linux kernels on the Xiaomi perseus-p-oss MIX 3 device through 2018-11-26 has an integer overflow and OOPS because of missing checks of the count argument in _sde_debugfs_conn_cmd_tx_write in drivers/gpu/drm/msm/sde/sde_connector.c. This is exploitable for a device crash vi...
DEBIAN-CVE-2019-7342
POST - Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'filterAutoExecuteCmd' parameter value in the view filter (filter.php) because proper filtration is omitted...
openSUSE Security Update : go1.10 (openSUSE-2018-1593)
This update for go1.10 fixes the following issues : Security vulnerabilities fixed : - CVE-2018-16873 (bsc#1118897): cmd/go: remote command execution during 'go get -u'. - CVE-2018-16874 (bsc#1118898): cmd/go: directory traversal in 'go get' via curly braces in import paths - CVE-2018-16875 (bsc#1118899):...