933 matches found
CVE-2022-26916
CVE-2022-26916 describes a remote code execution vulnerability in the Windows Fax Compose Form. The entry lists a CVSSv3.1 base score of 7.8 (HIGH) with a LOCAL exploit vector, meaning exploitation requires local access, and the vector indicates user interaction is required. The risk and scope ar...
Exploit for Expression Language Injection in Apache Struts
Struts2S2-062CVE-2021-31805 Apache Struts2 S2-062 remote c...
Windows Fax Compose Form Remote Code Execution Vulnerability
...
Windows Fax Compose Form Remote Code Execution Vulnerability
...
Windows Fax Compose Form Remote Code Execution Vulnerability
...
Microsoft Windows 输入验证错误漏洞
Microsoft Windows is a suite of operating systems used by Microsoft Corporation USA for personal devices. An input validation error vulnerability exists in Microsoft Windows Fax Compose Form. The following products and versions are affected: Windows 7 for x64-based Systems Service Pack 1,Windows...
Microsoft Windows 输入验证错误漏洞
Microsoft Windows Fax services is a feature component service of Microsoft Corporation USA used to specify fax settings, including how to send, receive, view and print. A remote code execution vulnerability exists in Microsoft Windows Fax Compose Form, which is used to specify fax settings,...
Microsoft Windows 输入验证错误漏洞
Microsoft Windows is a suite of operating systems used by Microsoft Corporation USA for personal devices. An input validation error vulnerability exists in Microsoft Windows Fax Compose Form. The following products and editions are affected: Windows 10 Version 1909 for x64-based Systems,Windows 1...
PT-2022-2882 · Microsoft · Windows Fax Compose Form +1
Name of the Vulnerable Software and Affected Versions: Windows Fax Compose Form affected versions not specified Description: The issue is related to insufficient input validation in the Fax Compose Form component of Windows operating systems. This allows remote attackers to execute arbitrary code...
PT-2022-2881 · Microsoft · Windows Fax Compose Form +1
Name of the Vulnerable Software and Affected Versions: Windows Fax Compose Form affected versions not specified Description: The issue is related to insufficient input validation in the Fax Compose Form component of Windows operating systems. This can be exploited by a remote attacker to execute...
Exploit for Code Injection in Vmware Spring_Framework
CVE-2022-22965 PoC - Payara Arbitrary File Download Minimal e...
Information Disclosure
github.com/ipfs/go-ipfs is vulnerable to information disclosure. The vulnerability exists in docker-compose.yaml because the resulting list of listeners when running IPFS are either public or bound to public IPs which allows an attacker to gain admin API access to the IPFS node and control user...
GHSA-FX5P-F64H-93XC Opened exploitable ports in default docker-compose.yaml in go-ipfs
Impact Allows admin API access to the IPFS node. Who ? This affects people running the docker-compose.yaml service in an environment where the docker host is directly attached to a public or untrusted IP. In the vulnerable version, the private API endpoint is publicly forwarded by exposing it as...
Opened exploitable ports in default docker-compose.yaml in go-ipfs
Impact Allows admin API access to the IPFS node. Who ? This affects people running the docker-compose.yaml service in an environment where the docker host is directly attached to a public or untrusted IP. In the vulnerable version, the private API endpoint is publicly forwarded by exposing it as...
Exploit for SQL Injection in Zabbix
This is a pre-built vulnerable environment based on Docker-Compose, maintained by Vulhub. The repository contains various vulnerable applications and services, including CouchDB, FFmpeg, Git, and Jenkins, among others. The vulnerabilities are identified by CVE IDs, such as CVE-2016-10134,...
Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware
CVE-2021-44228 !Dockerfilehttps://github.com/ahmad4fifz/C...
Docker Compose Configuration Detected
Docker Compose is a tool designed to help developers defining and running multi-container Docker applications. By defining a configuration file named docker-compose.yml in their application project directory, developers can define the different services used by the application with their...
GHSA-86F3-HF24-76Q4 Use of Hard-coded Cryptographic Key in Netmaker
Impact There is a hard-coded cryptographic key in the code base which can be exploited to run admin commands on a remote server, if you know the address and username of the admin. This effects the server netmaker component, and not clients. Patches This has been patched in Netmaker v0.8.5, v0.9.4...
vulhub
This is a pre-built vulnerable environment based on Docker-Compose, maintained by the Vulhub project. The repository contains a collection of vulnerable applications and services, including CouchDB, FFmpeg, Git, and more, which can be used for testing and training purposes. The environment is...
passe-compose.de Cross Site Scripting vulnerability OBB-2355016
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...