Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

...

CVE-2024-2980

A vulnerability, which was classified as critical, has been found in Tenda FH1202 1.2.0.14408. This issue affects the function formexeCommand of the file /goform/execCommand. The manipulation of the argument cmdinput leads to stack-based buffer overflow. The attack may be initiated remotely. The...

PT-2024-23000 · Tenda · Tenda F1203

Name of the Vulnerable Software and Affected Versions: Tenda F1203 version 2.0.1.6 Description: A critical issue was found in the function R7WebsSecurityHandler of the file /goform/execCommand. The manipulation of the argument password leads to a stack-based buffer overflow. This issue can be...

CVE-2024-2815

A vulnerability classified as critical has been found in Tenda AC15 15.03.20multi. Affected is the function R7WebsSecurityHandler of the file /goform/execCommand of the component Cookie Handler. The manipulation of the argument password leads to stack-based buffer overflow. It is possible to laun...

PT-2024-22790 · Freescout · Freescout

Name of the Vulnerable Software and Affected Versions: FreeScout versions prior to 1.8.128 Description: FreeScout is a self-hosted help desk and shared mailbox. The issue concerns OS Command Injection in the /public/tools.php source file. The value of the php path parameter is being executed as a...

CVE-2024-2708

A vulnerability was found in Tenda AC10U 15.03.06.49 and classified as critical. This issue affects the function formexeCommand of the file /goform/execCommand. The manipulation of the argument cmdinput leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has be...

Komm.One CMS Security Vulnerability

Komm.One CMS is a customer service management software from the German company Komm.One. A security vulnerability exists in Komm.One CMS version 10.4.2.14 that originates from a vulnerability that could allow a remote attacker to execute arbitrary code by specifying a URL for java.lang.Runtime in...

Financials By Coda Cross Site Scripting

Vulnerability type: Cross-site Scripting Vendor: https://www.unit4.com/ Product: Financials by Coda Product site: https://www.unit4.com/fr/products/financial-management-software Affected version: HTTP/2 Host: TIMELINE – 30/10/2023: Vulnerability found – 02/11/2023: Vendor informed – 05/12/2023:...

PT-2024-2398 · Tenda · Tenda Ac15

Name of the Vulnerable Software and Affected Versions: Tenda AC15 version 15.03.20 multi Description: A critical vulnerability has been found in the Tenda AC15 router, affecting the R7WebsSecurityHandler function of the /goform/execCommand file in the Cookie Handler component. The manipulation of...

runc: file descriptor leak

A file descriptor leak issue was found in the runc package. While a user performs OCLOEXEC all file descriptors before executing the container code, the file descriptor is open when performing setcwd2, which means that the reference can be kept alive in the container by configuring the working...

Fedora: Security Advisory for apache-commons-exec (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 40 Update: apache-commons-exec-1.3-31.fc40

Commons Exec is a library for dealing with external process execution and environment management in Java...

Deserialization of untrusted data

The PDF Invoices and Packing Slips For WooCommerce plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.3.7 via deserialization of untrusted input via the orderid parameter. This makes it possible for authenticated attackers, with subscriber-level...

BIT-GOLANG-2020-28367 Arbitrary code execution via the go command with cgo in cmd/go

Code injection in the go command with cgo before Go 1.14.12 and Go 1.15.5 allows arbitrary code execution at build time via malicious gcc flags specified via a cgo directive...

Low: runc

Issue Overview: runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. A bug was found in runc prior to version 1.1.2 where runc exec --cap created processes with non-empty inheritable Linux process capabilities, creating an atypical Linux environment...

PT-2024-40558 · Git +1 · Mruby

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: A heap-buffer-overflow READ 2 crash has been reported. The crash involves the following functions: mrb memsearch, mrb str split m, and mrb vm exec...

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

...

runc: file descriptor leak

A file descriptor leak issue was found in the runc package. While a user performs OCLOEXEC all file descriptors before executing the container code, the file descriptor is open when performing setcwd2, which means that the reference can be kept alive in the container by configuring the working...

kernel: Executable Space Protection Bypass

A vulnerability was found in the Linux kernel when certain binary files have the exec-all attribute with gcc. This issue can cause the execution of bytes located in the non-executable regions of a file...

runc: file descriptor leak

A file descriptor leak issue was found in the runc package. While a user performs OCLOEXEC all file descriptors before executing the container code, the file descriptor is open when performing setcwd2, which means that the reference can be kept alive in the container by configuring the working...