PT-2025-2621 · Hcl · Hcl Myxalytics

Name of the Vulnerable Software and Affected Versions: HCL MyXalytics affected versions not specified Description: The issue allows cyber-criminals to exploit a session fixation vulnerability by sending crafted URLs with a session token to access the victim's login session. Recommendations: At th...

PT-2024-28442 · Ibexa · Ibexa Admin Ui Bundle

Name of the Vulnerable Software and Affected Versions: Ibexa Admin UI Bundle affected versions not specified Description: The file upload widget in the Ibexa Admin UI Bundle is vulnerable to XSS payloads in filenames. Access permission to upload files is required, which is typically only granted ...

AimOne Video Converter 2.04 Build 103 Buffer Overflow / Denial Of Service

Title: AimOne Video Converter V2.04 Build 103 - Buffer Overflow DoS Author: nu11secur1ty Date: 01.05.2023 Vendor: https://aimone-video-converter.software.informer.com/, http://www.aimonesoft.com/ Software: https://aimone-video-converter.software.informer.com/download/?ca85d0 Reference: Descriptio...

PT-2022-16658 · Asneg · Opcuastack

Name of the Vulnerable Software and Affected Versions: asneg/opcuastack versions affected versions not specified Description: The issue is related to a Denial of Service DoS due to a missing limitation on the number of received chunks per single session or in total for all concurrent sessions. An...

Exploit for Incorrect Authorization in Polkit_Project Polkit

PolicyKit CVE-2021-3560 Exploit Authentication Agent ====...

GNU LibreDWG Heap Buffer Overflow Vulnerability (CNVD-2021-36634)

LibreDWG is a free C library for reading and writing DWG files. A heap buffer overflow vulnerability exists in GNU LibreDWG version 0.10.2641. An attacker can exploit this vulnerability via htmlescape ... /... /programs/escape.c:48 to exploit the vulnerability and cause a heap buffer overflow...

PT-2021-3879

Name of the Vulnerable Software and Affected Versions Linux versions prior to 2.6.19-rc1 are not specified, but versions since v2.6.19-rc1 are affected. Description The issue is related to a heap out-of-bounds write in the netfilter subsystem of the Linux kernel, specifically in the net/netfilter...

Exploit for Improper Authentication in Hikvision Ds-2Cd2032-I_Firmware

CVE-2017-7921 Hikvision has no authorization to perform POC...

Chrome browser crosses boundaries to write vulnerability analysis Part 2-Vulnerability warning-Black bar safety net

! introduction After we learned how the bug works and sent these details to Chrome to help them start fixing it, we returned to other projects. This bug is still a topic of discussion, and there is no reason why we should not write exploit for it. One of the main reasons for this is to understand...

Impact of 62 million devices: the interpretation I is how to find the Marvell Avastar Wi-Fi remote code execution vulnerability-vulnerability warning-the black bar safety net

One, overview In the present study, I will mainly analyze the Marvell WiFi-FullMAC SoC security. Since we have not yet completed the product with a chip of a wireless device of research, and therefore which may contain large amounts of unaudited code, which might appear serious security problems...

Netgear Unauthenticated Remote Command Execution Exploit

Netgear WN604 versions before 3.3.3 and WN802Tv2, WNAP210v2, WNAP320, WNDAP350, WNDAP360, and WNDAP660 versions before 3.5.5.0 allow remote attackers to execute arbitrary commands. This module requires Metasploit: https://metasploit.com/download Current source:...

Exploit for Integer Overflow or Wraparound in F5 Nginx

Nginx Integer Overflow Vulnerability CVE-2017-7529 Vulne...

RubyGems: RCE,SQL,Vulnerability + Exploit Method.

http://m.rubygems.org is this site under the scope for this bounty?...

MS15-0 7 6(CVE-2 0 1 5-2 3 7 0 vulnerability) the use of analysis-vulnerability warning-the black bar safety net

2 0 1 5 year 7 month 1 4 day,that is,a month ago, on that busy Tuesday,Microsoft fixes exist on the Windows platform in a number of Privilege escalation vulnerabilities. In these vulnerabilities,there is a presence in the DCOM/RPC vulnerability,this vulnerability allows an attacker to initiate a...

斐讯无线路由器FWR-604H远程执行代码漏洞

FWR-604H是一款150M增强型无线路由器。 web服务器在系统执行前没有验证用户，未经身份验证的攻击者可以利用diagnosis.asp文件中的systemcommand参数远程，远程攻击目标。 0 Feixun Wireless Router FWR-604H 目前厂商暂无提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本： http://feixun.com.cn/ Exploit Title: Feixun FWR-604H Wireless Router Remote Code Execution Date: 2014-01-09 Exploit...

Graduation thesis system upload vulnerability-vulnerability warning-the black bar safety net

In the A5 school class web site system recommended seen, bored download down to see Vulnerability in fileload directory of the FileUpload. asp file, with no fear of the formation of the upload ----------------------- var fu = new FileUpload“uploadForm”, “idFile”, Limit: 3, ExtIn: "rar",...

AdvancedDvdPlayer Local Exploit

Exploit for windows platform in category local exploits / Not so usual exploit method Local Heapoverflow exploit An Advanced Exploit For An AdvancedDvdPlayer ; 02-10-2011 AdvancedDvdPlayer 3.03 Download Link : http://download.cnet.com/Advanced-DVD-Player/3000-21394-10310889.html?tag=mncol;3 Teste...

f-fileman 7.0 - Directory Traversal

f-fileman 7.0 - Directory Traversal Advisory: ffileman 7.0 Directory Traversal Vulnerability Credits: Raffaele Forte http://www.backbox.org Tested Versions: ffileman 7.0 Software Link: http://sourceforge.net/projects/f-fileman/ Tested on: Unix Category: Directory Traversal Severity: Medium...

RarmaRadio 2.53.1 - .m3u Denial of Service

RarmaRadio 2.53.1 - .m3u Denial of Service Title: RarmaRadio .m3u Denial of service vulnerability Author : anT!-Tr0J4n Greetz : Dev-PoinT.com inj3ct0r.com all DEV-PoinT t34m thanks : r0073r ; Sid3^effects ; L0rd CrusAd3r ; all Inj3ct0r 31337 Member Home : www.Dev-PoinT.com $ http://inj3ct0r.com...

Webiz SQL Injection / SHELL Upload Vulnerability

Exploit for php platform in category web applications ================================================ Webiz SQL Injection / SHELL Upload Vulnerability ================================================ ============================================================================ INFORMATIONS...