CVE-2023-21517

The CVE-2023-21517 entry corresponds to a heap out-of-bounds write in Exynos baseband prior to Samsung SMR Jun-2023 Release 1, enabling a remote attacker to execute arbitrary code. Connected PT-2023-18273 and related sources confirm the affected software is Exynos baseband versions prior to SMR J...

Command Injection

Overview Affected versions of this package are vulnerable to Command Injection via the fetchTagsbranch API, which allows user input to specify the branch to be fetched and then concatenates this string along with a git command which is then passed to the unsafe exec Node.js child process API. PoC...

kernel: use-after-free vulnerability in the perf_group_detach function of the Linux Kernel Performance Events

The Linux kernel's Performance Events subsystem has a use-after-free flaw that occurs when a user triggers the perfgroupdetach and removeonexec functions simultaneously. This flaw allows a local user to crash or potentially escalate their privileges on the system...

kernel: use-after-free vulnerability in the perf_group_detach function of the Linux Kernel Performance Events

The Linux kernel's Performance Events subsystem has a use-after-free flaw that occurs when a user triggers the perfgroupdetach and removeonexec functions simultaneously. This flaw allows a local user to crash or potentially escalate their privileges on the system...

CVE-2023-35042

GeoServer 2, in some configurations, allows remote attackers to execute arbitrary code via java.lang.Runtime.getRuntime.exec in wps:LiteralData within a wps:Execute request, as exploited in the wild in June 2023. NOTE: the vendor states that they are unable to reproduce this in any version...

PT-2023-3740 · Geoserver · Geoserver

Name of the Vulnerable Software and Affected Versions: GeoServer 2 affected versions not specified Description: The issue is related to insufficient input validation in the java.lang.Runtime.getRuntime.exec function of the GeoServer software, which can allow remote attackers to execute arbitrary...

VulnCheck KEV: CVE-2023-35042

GeoServer 2, in some configurations, allows remote attackers to execute arbitrary code via java.lang.Runtime.getRuntime.exec in wps:LiteralData within a wps:Execute request, as exploited in the wild in June 2023. NOTE: the vendor states that they are unable to reproduce this in any version...

CVE-2023-35042

GeoServer 2, in some configurations, allows remote attackers to execute arbitrary code via java.lang.Runtime.getRuntime.exec in wps:LiteralData within a wps:Execute request, as exploited in the wild in June 2023. NOTE: the vendor states that they are unable to reproduce this in any version...

kernel: Executable Space Protection Bypass

A vulnerability was found in the Linux kernel when certain binary files have the exec-all attribute with gcc. This issue can cause the execution of bytes located in the non-executable regions of a file...

kernel: Executable Space Protection Bypass

A vulnerability was found in the Linux kernel when certain binary files have the exec-all attribute with gcc. This issue can cause the execution of bytes located in the non-executable regions of a file...

PT-2023-20539 · Sourcecodester · Sourcecodester Online Tours & Travels Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Tours & Travels Management System version 1.0 Description: A critical issue was found in the system, affecting the exec function of the disapprove delete.php file. The manipulation of the id argument leads to SQL...

The vulnerability of Backup Exec’s software for backup and data restoration lies in its lack of authentication procedures. This allows attackers to elevate their privileges and execute arbitrary commands.

The vulnerability of Backup Exec’s backup and recovery software is related to deficiencies in authentication procedures when using the SHA cryptographic algorithm. Exploiting this vulnerability allows a malicious actor to enhance their privileges and execute arbitrary commands...

The vulnerability of Backup Exec’s software for backup and data restoration lies in its lack of authentication procedures. This allows attackers to bypass security restrictions and execute arbitrary commands.

The vulnerability of Backup Exec’s backup and recovery software is related to deficiencies in authentication procedures when using the SHA cryptographic algorithm. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and execute arbitrary commands...

Python Exec, Command Shell, Reverse SCTP (via python)

Execute a Python payload as an OS command from a Posix-compatible shell. Creates an interactive shell via Python, encodes with base64 by design. Compatible with Python 2.6-2.7 and 3.4+. Module Options msf use payload/cmd/unix/python/shellreversesctp msf payloadshellreversesctp show actions...

CVE-2023-28224

Windows Point-to-Point Protocol over Ethernet PPPoE Remote Code Execution Vulnerability...

CVE-2023-21727 Remote Procedure Call Runtime Remote Code Execution Vulnerability

...

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability

...

UNC4466 Attack Campaign Targets Veritas Backup Exec and Deploys ALPHV Ransomware

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary UNC4466 conducted an attack campaign in late 2022, gaining initial access to an internet-exposed Windows server running Veritas Backup Exec and deploying the ALPHV ransomware, with over 8,500 potentially...

CISA Warns of 5 Actively Exploited Security Flaws: Urgent Action Required

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Friday added five security flaws to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation in the wild. This includes three high-severity flaws in the Veritas Backup Exec Agent software...

Veritas Backup Exec Agent File Access Vulnerability

Veritas Backup Exec BE Agent contains a file access vulnerability that could allow an attacker to specially craft input parameters on a data management protocol command to access files on the BE Agent machine...