30 matches found
CVE-2023-44353 ColdFusion WDDX Deserialization Gadgets
Adobe ColdFusion versions 2023.5 and earlier and 2021.11 and earlier are affected by an Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution. Exploitation of this issue does not require user interaction...
CVE-2023-21277
In visitUris of RemoteViews.java, there is a possible way to reveal images across users due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation...
CVE-2022-32636
In keyinstall, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07510064; Issue ID: ALPS07510064...
SIEMENS DIGSI 4 Privilege License and Access Control Issues Vulnerability
SIEMENS DIGSI 4 is a driver from SIEMENS USA. Provides device driver functionality. A privilege license and access control issue vulnerability exists in SIEMENS DIGSI 4. The vulnerability stems from the fact that several folders in \%PATH\% can be written to by a normal user, and can be exploited...
Command Execution Vulnerability in Chase T Series Ledger System
Ltd. is a member company of UFIDA. Changjitong is committed to providing social, personalized, service-oriented and small business management support for small and medium-sized enterprises. A command execution vulnerability exists in the Changjitong T-Series Ledger System. An attacker can exploit...
CVE-2020-0295
In Telecom, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-155650969...
SimpleBBS 1.1 - Remote Command Execution (C)
SimpleBBS 1.1 - Remote Command Execution C / SimpleBBS !--total 188 drwxrwxrwx 2 f1 f1 4096 Dec 6 17:02 . drwxr-xr-x 7 f1 f1 4096 Nov 17 2002 .. -rw-r--r-- 1 f1 f1 916 Oct 20 09:30 WSFTP.LOG -rwxrwxrwx 1 f1 f1 28 Nov 17 2002 categories.php -rwxrwxrwx 1 f1 f1 151 Dec 7 09:11 forums.php -rwxrwxrwx ...
freebsd/x86 - execve /bin/sh 37 bytes
freebsd/x86 execve /bin/sh 37 bytes. Shellcode exploit for freebsdx86 platform / This is FreeBSD execve code.It is 37 bytes long.I'll try to make it smaller.Till then use this one. signed predator preedatoratsendmaildotru / char FreeBSDcode=...
BSD Based telnetd telrcv Function Remote Command Execution
The Telnet server does not return an expected number of replies when it receives a long sequence of 'Are You There' commands. This probably means it overflows one of its internal buffers and crashes. This could likely lead to arbitrary code execution. Test TESO in.telnetd buffer overflow Copyrigh...
Tony Greenwood WebWho+ 1.1 - Remote Command Execution
Tony Greenwood WebWho+ 1.1 - Remote Command Execution source: https://www.securityfocus.com/bid/892/info WebWho+ is a free cgi script written by Tony Greenwood for executing whois queries via the www. Though it does perform checks for shell escape characters on some parameters, it misses the 'typ...