36 matches found
EUVD-2020-3538
Malware in sbrugna...
EUVD-2023-41456
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2019-6132
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Bento4 v1.5.1-627. There is a memory leak in AP4DescriptorFactory::CreateDescriptorFromStream in Core/Ap4DescriptorFactory.cpp when...
CVE-2020-11184
Possible buffer overflow will occur in video while parsing mp4 clip with crafted esds atom size in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile in QCM4290, QCS4290, QM215, QSM8350, SA6145P, SA6155, SA6155P, SA8155, SA8155P, SDX55, SDX55M, SM4250, SM4250P,...
Emagic Data Center Management Suite 6.0 Remote Command Execution
Exploit Title: Emagic Data Center Management Suite v6.0 - OS Command Injection Date: 03-08-2023 Exploit Author: Shubham Pandey & thewhiteh4t Vendor Homepage: https://www.esds.co.in/enlight360 Version: 6.0.0 Tested on: Kali Linux CVE : CVE-2023-37569 URL=$1 LHOST=$2 LPORT=$3 echo "" echo " ESDS...
CVE-2023-37570
This vulnerability exists in ESDS Emagic Data Center Management Suit due to non-expiry of session cookie. By reusing the stolen cookie, a remote attacker could gain unauthorized access to the targeted system...
CVE-2023-37570
This vulnerability exists in ESDS Emagic Data Center Management Suit due to non-expiry of session cookie. By reusing the stolen cookie, a remote attacker could gain unauthorized access to the targeted system...
Design/Logic Flaw
This vulnerability exists in ESDS Emagic Data Center Management Suit due to lack of input sanitization in its Ping component. A remote authenticated attacker could exploit this by injecting OS commands on the targeted system. Successful exploitation of this vulnerability could allow the attacker ...
Design/Logic Flaw
This vulnerability exists in ESDS Emagic Data Center Management Suit due to non-expiry of session cookie. By reusing the stolen cookie, a remote attacker could gain unauthorized access to the targeted system...
CVE-2023-37570
Summary: CVE-2023-37570 affects ESDS Emagic Data Center Management Suit due to non-expiry of the session cookie, enabling reuse of a stolen cookie for remote unauthorized access. This is reported across multiple sources (NVD, Red Hat, CVE List, etc.). What’s known: The root cause is a non-expirin...
CVE-2023-37569
CVE-2023-37569 concerns ESDS Emagic Data Center Management Suite with a vulnerability in the Ping component due to lack of input sanitization, enabling a remote authenticated attacker to inject OS commands and potentially execute arbitrary code. Affected software is ESDS Emagic Data Center Manage...
ESDS Emagic Data Center Management Suit Operating System Command Injection Vulnerability
ESDS Emagic Data Center Management Suit is an all-in-one virtual data center suite from ESDS, Inc. An operating system command injection vulnerability exists in ESDS Emagic Data Center Management Suit v6.0 and prior versions, which stems from a lack of input cleanup in the Ping component, and can...
PT-2023-26029 · Esds · Esds Emagic Data Center Management Suit
Name of the Vulnerable Software and Affected Versions: ESDS Emagic Data Center Management Suit affected versions not specified Description: The issue exists due to the non-expiry of session cookies in the ESDS Emagic Data Center Management Suit. A remote attacker could reuse a stolen cookie to ga...
Emagic Data Center Management Suite v6.0 - OS Command Injection Exploit
!/bin/bash Exploit Title: Emagic Data Center Management Suite v6.0 - OS Command Injection Exploit Author: Shubham Pandey & thewhiteh4t Vendor Homepage: https://www.esds.co.in/enlight360 Version: 6.0.0 Tested on: Kali Linux CVE : CVE-2023-37569 URL=$1 LHOST=$2 LPORT=$3 echo "" echo " ESDS eMagic...
PT-2023-26027 · Esds · Esds Emagic Data Center Management Suit
Name of the Vulnerable Software and Affected Versions: ESDS Emagic Data Center Management Suit affected versions not specified Description: The issue is caused by a lack of input sanitization in the Ping component of the ESDS Emagic Data Center Management Suit. A remote authenticated attacker cou...
Emagic Data Center Management Suite v6.0 - OS Command Injection
!/bin/bash Exploit Title: Emagic Data Center Management Suite v6.0 - OS Command Injection Date: 03-08-2023 Exploit Author: Shubham Pandey & thewhiteh4t Vendor Homepage: https://www.esds.co.in/enlight360 Version: 6.0.0 Tested on: Kali Linux CVE : CVE-2023-37569 URL=$1 LHOST=$2 LPORT=$3 echo "" ech...
SUSE CVE-2015-4493
Heap-based buffer overflow in the stagefright::ESDS::parseESDescriptor function in libstagefright in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code via an invalid size field in an esds chunk in MPEG-4 video data, a related issue to...
CVE-2020-11184
Possible buffer overflow will occur in video while parsing mp4 clip with crafted esds atom size in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile in QCM4290, QCS4290, QM215, QSM8350, SA6145P, SA6155, SA6155P, SA8155, SA8155P, SDX55, SDX55M, SM4250, SM4250P,...
CVE-2020-11184
CVE-2020-11184 affects Qualcomm Snapdragon families (e.g., Snapdragon Auto/Compute/Industrial IOT and Snapdragon Mobile across listed SOCs). The issue is a buffer overflow in the video path when parsing an mp4 clip’s esds atom size, which can impact the mp4 parsing component. The CVSS metrics in ...
UBUNTU-CVE-2019-6132
An issue was discovered in Bento4 v1.5.1-627. There is a memory leak in AP4DescriptorFactory::CreateDescriptorFromStream in Core/Ap4DescriptorFactory.cpp when called from the AP4EsdsAtom class in Core/Ap4EsdsAtom.cpp, as demonstrated by mp42aac...