355 matches found
PT-2020-17372 · Mediawiki +1 · Mediawiki +2
Name of the Vulnerable Software and Affected Versions: MediaWiki versions through 1.35.1 Widgets extension for MediaWiki versions through 1.35.1 Description: An issue was discovered in the Widgets extension for MediaWiki, where any user with the ability to edit pages within the Widgets namespace...
ALPINE-CVE-2020-29362
An issue was discovered in p11-kit 0.21.1 through 0.23.21. A heap-based buffer over-read has been discovered in the RPC protocol used by thep11-kit server/remote commands and the client library. When the remote entity supplies a byte array through a serialized PKCS11 function call, the receiving...
The vulnerability of the Lua interpreter used in Cisco IOS XE operating systems allows a hacker to execute arbitrary code with root privileges.
The vulnerability of the Lua interpreter used in Cisco IOS XE operating systems is related to insufficient restrictions on function calls. Exploiting this vulnerability allows an attacker to execute arbitrary code with root privileges...
PT-2020-16516 · Sap · Sap As Abap +1
Name of the Vulnerable Software and Affected Versions: SAP AS ABAP SAP Landscape Transformation versions 2011 1 620 through 2020 SAP S4 HANA SAP Landscape Transformation versions 101 through 105 Description: The issue allows a high privileged user to execute a RFC function module to which access...
OS Command Injection
gfc is vulnerable to OS command injection. The vulnerability exists through the lack of sanitization of the options argument which leads to passing of untrusted user input to an exec function call...
Security & Malware scan by CleanTalk < 2.51 - Security Nonce Leak leading to Unauthorised AJAX call
Security nonce leak, allowing any authenticated users such as subscribers to make unauthorised AJAX call which could lead to arbitrary file deletion/download and function call. Note WPScanTeam: We do not consider the issue fully remediated, as the AJAX calls rely on CSRF check for authorisation,...
CVE-2020-7950
meshsystem.dll in Valve Dota 2 before 7.23f allows remote attackers to achieve code execution or denial of service by creating a gaming server and inviting a victim to this server, because a crafted map is mishandled during a vulnerable function call...
CVE-2020-7950
meshsystem.dll in Valve Dota 2 before 7.23f allows remote attackers to achieve code execution or denial of service by creating a gaming server and inviting a victim to this server, because a crafted map is mishandled during a vulnerable function call...
CVE-2019-16277
PicoC 2.1 has a heap-based buffer overflow in StringStrcpy in cstdlib/string.c when called from ExpressionParseFunctionCall in expression.c...
Local File Inclusion
larvitbase-www is vulnerable to local file inclusion. The package uses an exposed API endpoint that accepts an unvalidated GET parameter to a require function call. This could potentially allow a remote attacker to execute any .js files within the web server. Successful exploitation causes the...
CVE-2019-10207
A flaw was found in the Linux kernel’s Bluetooth implementation of UART. An attacker with local access and write permissions to the Bluetooth hardware could use this flaw to issue a specially crafted ioctl function call and cause the system to crash...
CVE-2019-10207
A flaw was found in the Linux kernel's Bluetooth implementation of UART, all versions kernel 3.x.x before 4.18.0 and kernel 5.x.x. An attacker with local access and write permissions to the Bluetooth hardware could use this flaw to issue a specially crafted ioctl function call and cause the syste...
Apache 2.4.17 2.4.38 - apache2ctl graceful logrotate Local Privilege Escalation
Apache 2.4.17 2.4.38 - apache2ctl graceful logrotate Local Privilege Escalation ?php CARPE DIEM: CVE-2019-0211 Apache Root Privilege Escalation Charles Fol @cfreal 2019-04-08 INFOS https://cfreal.github.io/carpe-diem-cve-2019-0211-apache-local-root.html USAGE 1. Upload exploit to Apache HTTP serv...
Internet Bug Bounty: Apache HTTP [2.4.17-2.4.38] Local Root Privilege Escalation
Hello, I reported a Local Root privilege escalation vulnerability on Apache HTTPd at the beginning of the year. Apache has now patched it, as you can see here. The vulnerability affects modprefork, modevent, and modworker, the most used mods on Linux. Basically, this is an arbitrary function call...
CVE-2019-9543
An issue was discovered in Poppler 0.74.0. A recursive function call, in JBIG2Stream::readGenericBitmap located in JBIG2Stream.cc, can be triggered by sending a crafted pdf file to for example the pdfseparate binary. It allows an attacker to cause Denial of Service Segmentation fault or possibly...
Remote Code Execution (RCE)
microsoft.chakracore is vulnerable to remote code execution. This happens when the NewTarget flag is passed on proxy function call trap. This CVE ID is unique from CVE-2017-11792, CVE-2017-11793, CVE-2017-11796, CVE-2017-11797, CVE-2017-11798, CVE-2017-11799, CVE-2017-11800, CVE-2017-11801,...
CVE-2018-8015
In Apache ORC 1.0.0 to 1.4.3 a malformed ORC file can trigger an endlessly recursive function call in the C++ or Java parser. The impact of this bug is most likely denial-of-service against software that uses the ORC file parser. With the C++ parser, the stack overflow might possibly corrupt the...
CVE-2018-8015
CVE-2018-8015 affects Apache ORC parsers (versions 1.0.0 to 1.4.3). A malformed ORC file can trigger an endlessly recursive function call in the C++ or Java parser, most likely causing a denial of service. With the C++ parser, the stack overflow may potentially corrupt the stack. The connected do...
CVE-2018-8015
In Apache ORC 1.0.0 to 1.4.3 a malformed ORC file can trigger an endlessly recursive function call in the C++ or Java parser. The impact of this bug is most likely denial-of-service against software that uses the ORC file parser. With the C++ parser, the stack overflow might possibly corrupt the...
CVE-2018-10734
KONGTOP DVR devices A303, A403, D303, D305, and D403 contain a backdoor that prints the login password via a PrintPassword function call in certain circumstances...