kernel: Executable Space Protection Bypass

A vulnerability was found in the Linux kernel when certain binary files have the exec-all attribute with gcc. This issue can cause the execution of bytes located in the non-executable regions of a file...

kernel: Executable Space Protection Bypass

A vulnerability was found in the Linux kernel when certain binary files have the exec-all attribute with gcc. This issue can cause the execution of bytes located in the non-executable regions of a file...

PT-2023-20539 · Sourcecodester · Sourcecodester Online Tours & Travels Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Tours & Travels Management System version 1.0 Description: A critical issue was found in the system, affecting the exec function of the disapprove delete.php file. The manipulation of the id argument leads to SQL...

Python Exec, Command Shell, Reverse SCTP (via python)

Execute a Python payload as an OS command from a Posix-compatible shell. Creates an interactive shell via Python, encodes with base64 by design. Compatible with Python 2.6-2.7 and 3.4+. Module Options msf use payload/cmd/unix/python/shellreversesctp msf payloadshellreversesctp show actions...

CVE-2023-28224

Windows Point-to-Point Protocol over Ethernet PPPoE Remote Code Execution Vulnerability...

CVE-2023-21727 Remote Procedure Call Runtime Remote Code Execution Vulnerability

...

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability

...

UNC4466 Attack Campaign Targets Veritas Backup Exec and Deploys ALPHV Ransomware

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary UNC4466 conducted an attack campaign in late 2022, gaining initial access to an internet-exposed Windows server running Veritas Backup Exec and deploying the ALPHV ransomware, with over 8,500 potentially...

CISA Warns of 5 Actively Exploited Security Flaws: Urgent Action Required

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Friday added five security flaws to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation in the wild. This includes three high-severity flaws in the Veritas Backup Exec Agent software...

Veritas Backup Exec Agent Improper Authentication Vulnerability

Veritas Backup Exec BE Agent contains an improper authentication vulnerability that could allow an attacker unauthorized access to the BE Agent via SHA authentication scheme...

Veritas Backup Exec Agent Command Execution Vulnerability

Veritas Backup Exec BE Agent contains a command execution vulnerability that could allow an attacker to use a data management protocol command to execute a command on the BE Agent machine...

Veritas Backup Exec Agent File Access Vulnerability

Veritas Backup Exec BE Agent contains a file access vulnerability that could allow an attacker to specially craft input parameters on a data management protocol command to access files on the BE Agent machine...

LangChain vulnerable to code injection

In LangChain through 0.0.131, the LLMMathChain chain allows prompt injection attacks that can execute arbitrary code via the Python exec method...

CVE-2023-29374

In LangChain through 0.0.131, the LLMMathChain chain allows prompt injection attacks that can execute arbitrary code via the Python exec method...

PYSEC-2023-18

In LangChain through 0.0.131, the LLMMathChain chain allows prompt injection attacks that can execute arbitrary code via the Python exec method...

Design/Logic Flaw

In LangChain through 0.0.131, the LLMMathChain chain allows prompt injection attacks that can execute arbitrary code via the Python exec method...

CVE-2023-29374

CVE-2023-29374 affects LangChain up to version 0.0.131. The vulnerability lies in the LLMMathChain chain, enabling prompt injection that can execute arbitrary Python code via the built-in exec() method. The NVD/CVE data indicate a high-severity issue (CVSS v3.1: 9.8, CRITICAL) with network attack...

CVE-2023-29374

In LangChain through 0.0.131, the LLMMathChain chain allows prompt injection attacks that can execute arbitrary code via the Python exec method...

CVE-2023-29374

In LangChain through 0.0.131, the LLMMathChain chain allows prompt injection attacks that can execute arbitrary code via the Python exec method...

VulnCheck KEV: CVE-2021-27877

Veritas Backup Exec BE Agent contains an improper authentication vulnerability that could allow an attacker unauthorized access to the BE Agent via SHA authentication scheme...