CVE-2023-1091 SQL Injection found in ALPATA's Licensed Warehousing Automation System

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Alpata Licensed Warehousing Automation System allows Command Line Execution through SQL Injection. This issue affects Licensed Warehousing Automation System: through 2023.1.01...

PT-2023-16746 · Alpata · Alpata Licensed Warehousing Automation System

Name of the Vulnerable Software and Affected Versions: Alpata Licensed Warehousing Automation System versions through 2023.1.01 Description: The issue is related to an SQL Injection vulnerability, which allows for Command Line Execution through SQL Injection due to improper neutralization of...

NSA Alert: Topmost CVEs Actively Exploited By People’s Republic of China State-Sponsored Cyber Actors

On October 6, 2022, the United States National Security Agency NSA released a cybersecurity advisory on the Chinese government—officially known as the People’s Republic of China PRC states-sponsored cyber actors activity to seek national interests. These malicious cyber activities attributed to t...

CVE-2022-20907

Multiple vulnerabilities in Cisco Nexus Dashboard could allow an authenticated, local attacker to elevate privileges on an affected device. These vulnerabilities are due to insufficient input validation during CLI command execution on an affected device. An attacker could exploit these...

RealTime Optimization Pack Capability Checker

RealTime Optimization Pack Capability Checker v2.4.0 Created Date: Mar 22, 2017 Updated Date: Apr 30, 2018 Where to download ? Certain legacy Citrix tools are now available on request only. Please submit the request here - https://forms.gle/obA39PEz5qpDiSPq8 Once we verify your request, we will...

Security vulnerabilities fixed in Thunderbird 60.6 — Mozilla

A use-after-free vulnerability can occur when a raw pointer to a DOM element on a page is obtained using JavaScript and the element is then removed while still in use. This results in a potentially exploitable crash. The type inference system allows the compilation of functions that can cause typ...

[Peepdf] PDF Analysis and Creation/Modification Tool

peepdf is a Python tool to explore PDF files in order to find out if the file can be harmful or not. The aim of this tool is to provide all the necessary components that a security researcher could need in a PDF analysis without using 3 or 4 tools to make all the tasks. With peepdf it's possible ...

CVE-2008-2149

Stack-based buffer overflow in the searchwn function in Wordnet 2.0, 2.1, and 3.0 might allow context-dependent attackers to execute arbitrary code via a long command line option. NOTE: this issue probably does not cross privilege boundaries except in cases in which Wordnet is used as a back end...

rssh/rcponly protection bypass

Restricted application can be executed with command line of allowed application...

WinRAR 1.0 - Local Buffer Overflow

/ WinRar local buffer overflow exploit V1.0 Coded By ATmaCA Copyright © 2004 ProGroup Software, Inc. E-Mail:[email protected] Web:www.prohack.net Usage:\r\nexploit Targets: 1 - WinXP SP1 user32.dll 0x77D718FC 2 - WinXP SP2 user32.dll 0x77D8AF0A Example:exploit 1 myrar.rar / / All WinRar 2.x seri...

QNX PPPoEd 2.44.256.2 - Multiple Local Buffer Overrun Vulnerabilities

QNX PPPoEd 2.44.256.2 - Multiple Local Buffer Overrun Vulnerabilities source: https://www.securityfocus.com/bid/11104/info QNX PPPoEd is reported to be prone to multiple local buffer overflow vulnerabilities. The issues presents themselves when PPPoEd handles certain command line arguments that a...

Lotus Notes URI command line modification

notes: URI allows to execute notes.exe with any arguments, for example to cpecify .ini file location...

TCP Connection Reset - Remote Denial of Service

/ By: Paul A. Watson Build a TCP packet - based on tcp1.c sample code from libnet-1.1.1 COMPILE: gcc reset-tcp.c -o reset-tcp /usr/lib/libnet.a or gcc -o reset-tcp reset-tcp.c -lnet be sure to modify the MAC addresses enetsrc/enetdst in the code, or you WILL have problems! EXECUTE: reset-tcp...

TCP Connection Reset - Remote Denial of Service

TCP Connection Reset - Remote Denial of Service / By: Paul A. Watson Build a TCP packet - based on tcp1.c sample code from libnet-1.1.1 COMPILE: gcc reset-tcp.c -o reset-tcp /usr/lib/libnet.a or gcc -o reset-tcp reset-tcp.c -lnet be sure to modify the MAC addresses enetsrc/enetdst in the code, or...

FTE fails to properly validate command line arguments

Overview FTE contains a vulnerability in the processing of command line arguments that could allow an attacker to execute arbitrary code. Description FTE is a text editor available for a variety of operating systems. There is a buffer overflow vulnerability in the way FTE performs bounds checking...

Using Java from Javascript

Opera and Netscape browsers allow you to include java methods calls in your javascript . As Javascript has support for objects you can use objects returned by these calls in your scripts . I have been looking for information about the possibly security implications and vulnerabilities published...

WMMon 1.0 b2 - Memory Character File Open File Descriptor Read

WMMon 1.0 b2 - Memory Character File Open File Descriptor Read source: https://www.securityfocus.com/bid/5718/info It has been reported that wmmon is vulnerable to a leakage of open file descriptors that may result in unauthorized disclosure of kernel memory. It is allegedly possible for attacker...