117 matches found
Siemens Simcenter Femap Memory Corruption Vulnerability
Simcenter Femap is an advanced simulation application for creating, editing and checking finite element models of complex products or systems. A memory corruption vulnerability exists in Siemens Simcenter Femap, which can be exploited by an attacker to execute code in the context of the current...
CVE-2023-6553 Backup Migration <= 1.3.7 - Unauthenticated Remote Code Execution
The Backup Migration plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.3.7 via the /includes/backup-heart.php file. This is due to an attacker being able to control the values passed to an include, and subsequently leverage that to achieve remote...
CVE-2023-2186
On Triangle MicroWorks' SCADA Data Gateway version = v5.01.03, an unauthenticated attacker can send a specially crafted broadcast message including format string characters to the SCADA Data Gateway to perform unrestricted memory reads. An unauthenticated user can use this format string...
CVE-2023-27406
A vulnerability has been identified in Tecnomatix Plant Simulation All versions V2201.0006. The affected application is vulnerable to stack-based buffer overflow while parsing specially crafted SPP files. An attacker could leverage this vulnerability to execute code in the context of the current process...
CVE-2023-24988
A vulnerability has been identified in Tecnomatix Plant Simulation All versions V2201.0006. The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the...
BusyBox Resource Management Error Vulnerability (CNVD-2021-88216)
BusyBox is a set of applications containing several Linux commands and tools by Denis Vlasenko, a Ukrainian personal developer. A resource management error vulnerability exists in BusyBox's awk applet, which can be exploited by an attacker to execute code while processing a specially crafted awk...
Siemens JT2Go and Teamcenter Visualization out-of-bounds write vulnerability (CNVD-2021-51453)
Siemens JT2Go is a JT file viewer. Siemens Teamcenter Visualization is a software that provides teamwork capabilities for designing 2D and 3D scenarios. An out-of-bounds write vulnerability exists in Siemens JT2Go versions prior to 13.2 and Teamcenter Visualization versions prior to 13.2. The...
CGAL libcgal out-of-bounds read vulnerability (CNVD-2021-16361)
Libcgal is an open source C++ library that provides geometric algorithms for fast and reliable data processing. CGAL libcgal NefS2/SNCioparser.h SNCioparser::readsface sfh-volume in CGAL CGAL-5.1.1 has an out-of-bounds read vulnerability that can be exploited by an attacker to achieve code...
Google Chrome Resource Management Error Vulnerability (CNVD-2021-03572)
Google Chrome is a web browser from Google, an American company. A resource management error vulnerability exists in versions of Google Chrome prior to 87.0.4280.141, which can be exploited by an attacker to execute arbitrary code...
Exploit for Deserialization of Untrusted Data in Laravel
CVE-2018-15133...
Microsoft Azure Sphere Unsigned Code Execution Vulnerability
Azure Sphere is a secure, advanced application platform with built-in communications and security features for connected devices. An unsigned code execution vulnerability exists in Microsoft Azure Sphere versions prior to 20.08. An attacker could exploit the vulnerability to execute code...
Exploit for Code Injection in Microsoft
This repository contains a proof-of-concept (PoC) exploit for CVE-2017-8759, a vulnerability in the Windows Shell that allows for arbitrary code execution. The exploit is designed to weaponize the vulnerability, allowing an attacker to execute malicious code on a vulnerable system. The PoC is...
Unspecified vulnerability in Linkplay firmware
The Anker Zolo Halo is a smart speaker from Anker Philippines. A security vulnerability exists in the Linkplay firmware. An attacker can exploit the vulnerability to execute code...
Drupal Command Injection Vulnerability
Drupal is an open source content management system developed by the Drupal community using the PHP language. A security vulnerability exists in Drupal versions 8.8.x before 8.8.8, 8.9.x before 8.9.1, and 9.0.x before 9.0.1. An attacker can exploit the vulnerability to execute code with the help o...
Zen Load Balancer 3.10.1 - Remote Code Execution Exploit
Exploit for cgi platform in category web applications. Exploit Title: Zen Load Balancer 3.10.1 - Remote Code Execution; Google Dork: no; Exploit Author: Cody Sixteen; Vendor Homepage: https://code610.blogspot.com; Software Link:...
PT-2019-6330 · Fluentd · Fluentd +1
Name of the Vulnerable Software and Affected Versions: Fluent Fluentd version 1.8.0; Fluent-ui version 1.2.2. Description: The issue is related to the use of a default password in Fluent Fluentd and its browser manager fluentd-ui, allowing attackers to gain escalated privileges and execute arbitrar...
Exploit for CVE-2018-11776
Apache-Struts-0Day-Exploit Critical Remote Code Execution...
Erlang Port Mapper Daemon Cookie Remote Code Execution Exploit
The Erlang port mapper daemon is used to coordinate distributed Erlang instances. Should an attacker get the authentication cookie, remote code execution is trivial. Usually, this cookie is named ".erlang.cookie" and varies on location. This module requires Metasploit:...
Deep dive in Lexmark Perceptive Document Filters Exploitation
This post authored by Marcin Noga with contributions from Nick Biasini. Introduction: Talos discovers and releases software vulnerabilities on a regular basis. We don't always publish a deep technical analysis of how the vulnerability was discovered or its potential impact. This blog will cover these...