356 matches found

OpenVAS
added 2023/03/08 12:0 a.m., 19 views

Debian: Security Advisory (DLA-268-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.7 | AI score 7.4 | EPSS 0.19325
Exploits: 1 | References: 2

Cvelist
added 2023/03/06 12:0 a.m., 12 views

CVE-2023-24734

An arbitrary file upload vulnerability in the cameraupload.php component of PMB v7.4.6 allows attackers to execute arbitrary code via a crafted image file...

AI score 9.7 | EPSS 0.03178
Exploits: 1 | References: 1

OSV
added 2023/02/27 2:39 a.m., 9 views

MAL-2023-3289 Malicious code in esqpycraftpost (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 6a603cf288520ea30f3f82613af7c2ab5ac6a264df85fe0a5b92b61a0e409c96 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

AI score 7.2
Exploits: 0 | References: 1

OSV
added 2023/02/25 11:3 p.m., 5 views

MAL-2023-3424 Malicious code in esqstringpingpong (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx ed52bcac528666119213f7be842c5bea4cd521311f0f9f02b4b3f059b426c905 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

AI score 7.2
Exploits: 0 | References: 1

OSV
added 2023/02/25 5:18 p.m., 7 views

MAL-2023-4335 Malicious code in libpongload (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 0ad1e1aae455a9711aa27d23cb1cb00474a6da7487a30c35f027f8611288dc8f EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

AI score 7.2
Exploits: 0 | References: 1

OSV
added 2023/02/25 4:57 p.m., 10 views

MAL-2023-2999 Malicious code in esqintelpush (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 54bfa615abbacbc04340f9a1a4beccdfa15ee43eeed5fa88c4e926faee5ea1f2 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

AI score 7.2
Exploits: 0 | References: 1

OSV
added 2023/02/25 4:48 p.m., 5 views

MAL-2023-6672 Malicious code in selfsupered (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 1ee49804a703a32aa83dec7f8f25710892d9e2bd21697a9bfeb1a595930044cc EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

AI score 7.2
Exploits: 0 | References: 1

CNVD
added 2023/02/20 12:0 a.m., 25 views

Siemens Tecnomatix Plant Simulation Out-of-Bounds Writing Vulnerability (CNVD-2023-13089)

Siemens Tecnomatix Plant Simulation is an object-oriented, graphical, and integrated modeling and simulation tool. An out-of-bounds write vulnerability exists in Siemens Tecnomatix Plant Simulation due to an affected application parsing a specially crafted SPP file containing out-of-bounds writes...

CVSS 7.8 | AI score 2.4 | EPSS 0.00059
Exploits: 0 | References: 1

NCSC
added 2023/02/14 12:0 a.m., 1 views

Vulnerabilities fixed in Microsoft Windows

Microsoft has fixed vulnerabilities in Windows. The vulnerabilities allow a malicious person to carry out attacks that can lead to the following categories of damage: Denial-of-Service (DoS), Remote code execution (Administrator/Root rights), Remote code execution (User rights), Access to...

CVSS 9.8 | AI score 7.1 | EPSS 0.29379
Exploits: 0

OSV
added 2023/01/30 10:12 a.m., 10 views

MAL-2023-937 Malicious code in vh3 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 43579c54bc5b30465c06b594fae446a6677de86c30d00f9808fe280b4d2338dd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 7.2
Exploits: 0 | References: 1

Prion
added 2022/10/10 2:15 p.m., 11 views

Command injection

An improper neutralization of special elements used in an OS command ('OS command injection') in Fortinet FortiOS version 6.0.0 through 6.0.14, FortiOS version 6.2.0 through 6.2.10, FortiOS version 6.4.0 through 6.4.8, FortiOS version 7.0.0 through 7.0.3 allows an attacker to execute privileged command...

CVSS 5.2 | AI score 7.9 | EPSS 0.00494
Exploits: 0 | References: 1 | Affected Software: 1

ATTACKERKB
added 2022/09/08 5:0 a.m., 0 views

CVE-2022-25914

The package com.google.cloud.tools:jib-core before 0.22.0 is vulnerable to Remote Code Execution (RCE) via the isDockerInstalled function, due to attempting to execute input...

CVSS 9.8 | AI score 7.4 | EPSS 0.03874
Exploits: 0 | References: 4

Prion
added 2022/06/07 7:15 p.m., 16 views

Input validation

Improper check in Loader in Samsung Internet prior to 17.0.1.69 allows attackers to spoof address bar via executing script...

CVSS 4.3 | AI score 4.6 | EPSS 0.00291
Exploits: 0 | References: 1 | Affected Software: 1

Cvelist
added 2022/06/07 6:17 p.m., 13 views

CVE-2022-30738

Improper check in Loader in Samsung Internet prior to 17.0.1.69 allows attackers to spoof address bar via executing script...

CVSS 4.3 | AI score 4.9 | EPSS 0.00291
Exploits: 0 | References: 1

ATTACKERKB
added 2022/05/18 11:0 p.m., 2 views

CVE-2022-20802

A vulnerability in the web interface of Cisco Enterprise Chat and Email (ECE) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input that is processed by...

CVSS 5.4 | AI score 6.4 | EPSS 0.00178
Exploits: 0 | References: 2

OSV
added 2022/05/16 2:32 p.m., 16 views

CVE-2022-1719 Reflected XSS on ticket filter function in polonel/trudesk

Reflected XSS on ticket filter function in GitHub repository polonel/trudesk prior to 1.2.2. This vulnerability is capable of executing a malicious javascript code in web page...

CVSS 5.5 | AI score 5.4 | EPSS 0.00224
Exploits: 1 | References: 4

Metasploit
added 2022/05/11 5:43 p.m., 88 views

Powershell Exec, Bind TCP Stager (RC4 Stage Encryption, Metasm)

Execute an x86 payload from a command via PowerShell. Listen for a connection Module Options msf use payload/cmd/windows/powershell/meterpreter/bindtcprc4 msf payloadbindtcprc4 show actions ...actions... msf payloadbindtcprc4 set ACTION msf payloadbindtcprc4 show options ...show and set options...

AI score 7.2
Exploits: 0

Metasploit
added 2022/05/11 5:43 p.m., 192 views

Powershell Exec, Reverse TCP Stager (RC4 Stage Encryption, Metasm)

Execute an x86 payload from a command via PowerShell. Connect back to the attacker Module Options msf use payload/cmd/windows/powershell/patchupmeterpreter/reversetcprc4 msf payloadreversetcprc4 show actions ...actions... msf payloadreversetcprc4 set ACTION msf payloadreversetcprc4 show options...

AI score 7.1
Exploits: 0

Huntr
added 2022/04/27 7:52 a.m., 5 views

Stored XSS on Import Targets

Description Hello, When a XSS payload is used as the Add or Import Targets file name, it executes it hence stored XSS is possible. Proof of Concept Name a file .txt Import the file at /target/add/target You can see it being executed...

AI score 5.9
Exploits: 0

CNVD
added 2022/04/14 12:0 a.m., 16 views

AeroCMS Cross-Site Scripting Vulnerability (CNVD-2022-30784)

AeroCMS is a content management system from AeroCMS, Inc. A cross-site scripting vulnerability exists in AeroCMS v0.0.1, which can be exploited to execute arbitrary Web script or HTML by injecting a specially crafted payload into the "comment" text field...

CVSS 6.1 | AI score 1.9 | EPSS 0.007
Exploits: 3 | References: 1