CVE-2022-28661

A vulnerability has been identified in Simcenter Femap All versions V2022.1.2. The affected application contains an out of bounds read past the end of an allocated buffer while parsing specially crafted .NEU files. This could allow an attacker to execute code in the context of the current process...

IBM Guardium Data Encryption has an unspecified vulnerability (CNVD-2022-20154)

IBM Guardium Data Encryption GDE is an application from IBM of America, Inc. IBM Guardium Data Encryption versions 4.0.0.0 and 5.0.0.0 contain a security vulnerability that stems from the fact that the software saves user information in a CSV form file with a comma as the separator symbol, but it...

WebHMI 4.1.1 Remote Code Execution Exploit

Exploit Title: WebHMI 4.1.1 - Remote Code Execution RCE Authenticated Exploit Author: Antonio Cuomo arkantolo Vendor Homepage: https://webhmi.com.ua/en/ Version: WebHMI 4.1.1.7662 Tested on: WebHMI-4.1.1.7662 !/usr/bin/python import sys import re import argparse import requests import time import...

Design/Logic Flaw

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Sante DICOM Viewer Pro 11.8.7.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

Design/Logic Flaw

The LSP Language Server Protocol plugin in KDE Kate before 21.12.2 and KTextEditor before 5.91.0 tries to execute the associated LSP server binary when opening a file of a given type. If this binary is absent from the PATH, it will try running the LSP server binary in the directory of the file th...

U.S. Dept Of Defense: Reflected XSS at https://██████/██████ via "██████" parameter

There is Reflected Cross site scripting issue at the following url: https://██████████/██████ Proof Of Concept https://████████/█████████████████=%22%3E%3Csvg/onload=alert1%3E█████████ █████ Best Regards @pelegn Impact Cookies Exfiltration SOAP Bypass CORS Bypass Executing javascript on the victi...

U.S. Dept Of Defense: Reflected XSS at https://█████████ via "███" parameter

Description: There is Reflected Cross site scripting issue at the following url: https://█████████ Proof Of Concept https://███████?████████=%22%3E%3Cimg%20src=x%20onerror=alertdocument.domain%3E █████ Best Regards @pelegn Impact Cookies Exfiltration SOAP Bypass CORS Bypass Executing javascript o...

Scarce-Apache2 - A Framework For Bug Hunting Or Pentesting Targeting Websites That Have CVE-2021-41773 Vulnerability In Public

This tool can scan websites with CVE-2021-41773 Vulnerability that are affecting Apache2 Webserver, ScaRCE can run too for executing Remote Command Injections at the webservers that found from the scanning method Only if the MODCGI is Enabled at the targeted webserver. This tool works with the...

SpoolSploit - A Collection Of Windows Print Spooler Exploits Containerized With Other Utilities For Practical Exploitation

A collection of Windows print spooler exploits containerized with other utilities for practical exploitation. Summary SpoolSploit is a collection of Windows print spooler exploits containerized with other utilities for practical exploitation. A couple of highly effective methods would be relaying...

Security Bulletin: Vulnerabilities in OpenSSH affect Power Hardware Management Console

Summary OpenSSH is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVEs Vulnerability Details CVEID: CVE-2015-6563 DESCRIPTION: OpenSSH could allow a local attacker to bypass security restrictions, caused by the acceptance of extraneous username data in...

CVE-2021-34715 Cisco Expressway Series and TelePresence Video Communication Server Image Verification Vulnerability

A vulnerability in the image verification function of Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS could allow an authenticated, remote attacker to execute code with internal user privileges on the underlying operating system. The vulnerability is due to...

DiskBoss Service 12.2.18 - (diskbsa.exe) Unquoted Service Path Vulnerability

Exploit Title: DiskBoss Service 12.2.18 - 'diskbsa.exe' Unquoted Service Path Discovery by: Erick Galindo Vendor Homepage: https://www.diskboss.com Software : https://www.diskboss.com/setupsx64/diskbosssetupv12.2.18x64.exe Tested Version: 12.2.18 Vulnerability Type: Unquoted Service Path Tested o...

Default credentials

A vulnerability has been identified in Tecnomatix RobotExpert All versions V16.1. Affected applications lack proper validation of user-supplied data when parsing CELL files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this...

U.S. Dept Of Defense: Reflected XSS through clickjacking at https://████

Description: I'm able to control the url being inserted into the query line at https://█████/████&url=http%3a%2f%2fgalnagli.com%2f%3Cimg+src%3dx+onerror%3dalert%28document.domain%29%3E The server issues a request there is also SSRF here I'll report later to the domain specified, and it renders th...

Exploit for Out-of-bounds Write in Microsoft

CVE-2021-1732-Exploit CVE-2021-1732 Exploit...

Aruba Instant Buffer Overflow Vulnerability (CNVD-2021-26051)

Aruba Instant is a cloud-hosted controller-less wireless access point. Aruba Instant has a buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code in the underlying operating system by sending specially crafted packets to the PAPI UDP port...

CVE-2020-28692

In Gila CMS 1.16.0, an attacker can upload a shell to tmp directy and abuse .htaccess through the logs function for executing PHP files...

Malicious Package

wsbd.js is a malicious package. The package executes a malicious postinstall script which runs an exe file containing Trojan malware upon installation...

CVE-2020-16909

An elevation of privilege vulnerability exists in Windows Error Reporting WER when WER handles and executes files. The vulnerability could allow elevation of privilege if an attacker can successfully exploit it. An attacker who successfully exploited the vulnerability could gain greater access to...

CVE-2020-24356

cloudflared versions prior to 2020.8.1 contain a local privilege escalation vulnerability on Windows systems. When run on a Windows system, cloudflared searches for configuration files which could be abused by a malicious entity to execute commands as a privileged user. Version 2020.8.1 fixes thi...