DEBIAN-CVE-2019-7342

POST - Cross Site Scripting XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'filterAutoExecuteCmd' parameter value in the view filter filter.php because proper filtration is omitted...

openSUSE Security Update : go1.10 (openSUSE-2018-1593)

This update for go1.10 fixes the following issues : Security vulnerabilities fixed : - CVE-2018-16873 bsc1118897: cmd/go: remote command execution during 'go get -u'. - CVE-2018-16874 bsc1118898: cmd/go: directory traversal in 'go get' via curly braces in import paths - CVE-2018-16875 bsc1118899:...

openSUSE: Security Advisory for go1.10 (openSUSE-SU-2018:4255-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Erlang Port Mapper Daemon Cookie RCE

The erlang port mapper daemon is used to coordinate distributed erlang instances. Should an attacker get the authentication cookie RCE is trivial. Usually, this cookie is named ".erlang.cookie" and varies on location. This module requires Metasploit: https://metasploit.com/download Current source...

CVE-2018-19922

Persistent Cross-Site Scripting XSS in the advancedsetupwebsiteblocking.html Website Blocking page of the Actiontec C1000A router with firmware through CAC004-31.30L.95 allows a remote attacker to inject arbitrary HTML into the Website Blocking page by inserting arbitrary HTML into the 'TodUrlAdd...

Cmd and Conquer: De-DOSfuscation with flare-qdb

When Daniel Bohannon released his excellent DOSfuscation paper, I was fascinated to see how tricks I used as a systems engineer could help attackers evade detection. I didn’t have much to contribute to this conversation until I had to analyze a hideously obfuscated batch file as part of my job on...

ZyXEL ZyWALL USG Cross-Site Request Forgery Vulnerability

ZyXEL ZyWALL USG is a network security firewall appliance from Hopkins ZyXEL Technology. A cross-site request forgery vulnerability exists in ZyXEL ZyWALL USG version 2.12 AQQ.2 and 3.30 AQQ.7. A remote attacker can exploit this vulnerability by adding user accounts with the help of the 'cmd'...

CVE-2018-19184

CVE-2018-19184 affects Go Ethereum (geth) prior to or including 1.8.17, specifically in cmd/evm/runner.go. The vulnerability allows an attacker to trigger a denial-of-service (SEGV) through specially crafted bytecode, as documented in multiple sources (NVD entry for CVE-2018-19184 and SUSE/GHSA e...

CVE-2017-17550

The vulnerability is in ZyXEL ZyWALL USG devices (2.12 AQQ.2 and 3.30 AQQ.7) where a CSRF flaw in the cgi-bin/zysh-cgi cmd action allows an attacker to add a user account. This newly created account could subsequently be used to perform stored XSS, as described in multiple sources. Affected softw...

Arm Whois 3.11 - Buffer Overflow (SEH) Exploit

Exploit for windows platform in category local exploits Exploit Title: Arm Whois 3.11 - Buffer Overflow SEH Exploit Author: Yair Rodríguez Aparicio 0-day DoS exploit, Semen Alexandrovich Lyhin 1-day fully working exploit Vendor Homepage: http://www.armcode.com/ Software Link:...

CVE-2018-9359

In processl2capcmd of l2cmain.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0...

Morris Worm - sendmail Debug Mode Shell Escape (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'expect' class MetasploitModule 'Morris Worm sendmail Debug Mode Shell Escape', 'Description' = %q This module exploits sendmail's well-known historical debug mo...

Radan-http service for Linux remote code execute Exploit

Injection into a web application Hack all servers have webapp open port 8088 Ok so the web application attack has 2 steps. 1: Create a new application done with post request to /newappication, 2: Now once we done that we can execute commands inside of it. Usage Info 1 You need to scan ip list wit...

PT-2018-6263 · Insteon · Insteon Hub

Name of the Vulnerable Software and Affected Versions: Insteon Hub 2245-222 version 1012 Description: The issue arises from specially crafted commands sent through the PubNub service, which can cause a stack-based buffer overflow, overwriting arbitrary data. This is triggered by sending an...

Design/Logic Flaw

phpLDAPadmin 1.2.2 allows LDAP injection via a crafted serverid parameter in a cmd.php?cmd=loginform request, or a crafted username and password in the login panel...

Prime95 29.4b8 - Stack Buffer Overflow (SEH)

Prime95 29.4b8 - Stack Buffer Overflow SEH Exploit Title: Prime95 Local Buffer Overflow SEH Date: 13-4-2018 Exploit Author: crashmanucoot Contact: twitter.com/crashmanucoot Vendor Homepage: https://www.mersenne.org/ Software Link: https://www.mersenne.org/download/download Version: 29.4b8 Tested...

Prime95 29.4b8 Stack Buffer Overflow

Exploit Title: Prime95 Local Buffer Overflow SEH Date: 13-4-2018 Exploit Author: crashmanucoot Contact: twitter.com/crashmanucoot Vendor Homepage: https://www.mersenne.org/ Software Link: https://www.mersenne.org/download/download Version: 29.4b8 Tested on: Windows 10 Pro x64 SPANISH Windows 7 Ho...

Vayne-RaT - An Advanced C# .NET RAT

Vayne-RaT is Free and Open SourceRemote Administration Tool Coded In C. Features: Multi-Threaded CMD Shell File Manager Download & Upload Remote Desktop Password Recovery Assembly Builder Scan-Time Crypter FUD Requirements Stub Coded In .NET 2.0 Mono.Cecil.dll Dissembler Lib.dll BunifuUIv1.52.dll...

CVE-2014-3114

The EZPZ One Click Backup ezpz-one-click-backup plugin 12.03.10 and earlier for WordPress allows remote attackers to execute arbitrary commands via the cmd parameter to functions/ezpz-archive-cmd.php...

CVE-2017-13281

In avrcparsbrowsingcmd of avrcparstg.cc, there is a possible stack buffer overflow due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 8.0, 8.1...