CVE-2022-30909

H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the CMD parameter at /goform/aspForm...

Stack overflow

H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the CMD parameter at /goform/aspForm...

CVE-2022-30909

H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the CMD parameter at /goform/aspForm...

Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2022-1805)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP10 : golang (EulerOS-SA-2022-1805)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can lead to Uncontrolled Memory Consumption...

YourCyanide: A CMD-based Ransomware With Multiple Layers of Obfuscation

The Trend Micro Threat Hunting team recently analyzed a series of CMD-based ransomware variants with a number capabilities such as stealing user information, bypassing remote desktop connections, and propagating through email and physical drives...

YourCyanide: A CMD-Based Ransomware With Multiple Layers of Obfuscation

The Trend Micro Threat Hunting team recently analyzed a series of CMD-based ransomware variants with a number capabilities such as stealing user information, bypassing remote desktop connections, and propagating through email and physical drives...

CVE-2022-29337

C-DATA FD702XW-X-R430 v2.1.13X001 was discovered to contain a command injection vulnerability via the vacmd parameter in formlanipv6. This vulnerability allows attackers to execute arbitrary commands via a crafted HTTP request...

PT-2022-19551 · Unknown · C-Data Fd702Xw-X-R430

Name of the Vulnerable Software and Affected Versions: C-DATA FD702XW-X-R430 version 2.1.13 X001 Description: A command injection issue was discovered, allowing attackers to execute arbitrary commands via a crafted HTTP request. This is achieved through the va cmd parameter in the formlanipv6...

new packages: trace-cmd

An update is available for trace-cmd. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 9....

new packages: perl-IPC-Cmd

An update is available for perl-IPC-Cmd. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...

Powershell Exec, Windows Command Shell, Bind IPv6 TCP Stager with UUID Support (Windows x86)

Execute an x86 payload from a command via PowerShell. Spawn a piped command shell staged. Listen for an IPv6 connection with UUID Support Windows x86 Module Options msf use payload/cmd/windows/powershell/shell/bindipv6tcpuuid msf payloadbindipv6tcpuuid show actions ...actions... msf...

Powershell Exec, Windows x64 Command Shell, Reverse TCP Stager (RC4 Stage Encryption, Metasm)

Execute an x64 payload from a command via PowerShell. Spawn a piped command shell Windows x64 staged. Connect back to the attacker Module Options msf use payload/cmd/windows/powershell/x64/shell/reversetcprc4 msf payloadreversetcprc4 show actions ...actions... msf payloadreversetcprc4 set ACTION...

Powershell Exec, Windows Command Shell, Bind TCP Stager with UUID Support (Windows x86)

Execute an x86 payload from a command via PowerShell. Spawn a piped command shell staged. Listen for a connection with UUID Support Windows x86 Module Options msf use payload/cmd/windows/powershell/shell/bindtcpuuid msf payloadbindtcpuuid show actions ...actions... msf payloadbindtcpuuid set ACTI...

The vulnerability of the cgi-bin/webupg component in D-Link DIR-825AC G1 router microprogramming software allows a hacker to execute arbitrary commands.

The vulnerability of the cgi-bin/webupg component in D-Link DIR-825AC G1 router microprogramming software is related to incorrect processing of the cmd parameter. Exploiting this vulnerability allows an attacker to execute arbitrary commands using a specially created POST request...

kernel: crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd()

A flaw was found in the Linux kernel. A memory leak in the ccp-ops crypto driver can allow attackers to cause a denial of service. This vulnerability is similar with the older CVE-2019-18808. The highest threat from this vulnerability is to system availability...

ALBA-2022:1999 trace-cmd bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

trace-cmd bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

trace-cmd bug fix and enhancement update

An update is available for trace-cmd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8....

LeakedHandlesFinder - Leaked Windows Processes Handles Identification Tool

Leaked Windows processes handles identification tool. Useful for identify new LPE vulnerabilities during a pentest or simply as a new research process. Currently supports exploiting autopwn procesess leaked handles spawning a new arbitrary process cmd.exe default. LHF identifies in realtime...