Selea Targa IP OCR-ANPR Camera - CSRF Add Admin

Exploit Title: Selea Targa IP OCR-ANPR Camera - CSRF Add Admin Date: 07.11.2020 Exploit Author: LiquidWorm Vendor Homepage: https://www.selea.com Selea Targa IP OCR-ANPR Camera CSRF Add Admin Exploit Vendor: Selea s.r.l. Product web page: https://www.selea.com Affected version: Model: iZero Targa...

Selea Targa 512 IP OCR-ANPR Camera - Stream Disclosure (Unauthenticated)

Exploit Title: Selea Targa IP OCR-ANPR Camera - RTP/RTSP/M-JPEG Stream Disclosure Unauthenticated Date: 07.11.2020 Exploit Author: LiquidWorm Vendor Homepage: https://www.selea.com Selea Targa IP OCR-ANPR Camera Unauthenticated RTP/RTSP/M-JPEG Stream Disclosure Vendor: Selea s.r.l. Product web...

Selea Targa IP OCR-ANPR Camera - Multiple SSRF (Unauthenticated)

Exploit Title: Selea Targa IP OCR-ANPR Camera - Multiple SSRF Unauthenticated Date: 07.11.2020 Exploit Author: LiquidWorm Vendor Homepage: https://www.selea.com Selea Targa IP OCR-ANPR Camera Unauthenticated SSRF Vendor: Selea s.r.l. Product web page: https://www.selea.com Affected version: Model...

Selea Targa IP OCR-ANPR Camera Developer Backdoor Config Overwrite

Summary IP camera with optical character recognition OCR software for automatic number plate recognition ANPR also equipped with ADR system that enables it to read the Hazard Identification Number HIN, also known as the Kemler Code and UN number of any vehicle captured in free-flow mode. TARGA is...

Linux/x64 - Reverse (127.1.1.1:4444) Shell (/bin/sh) Shellcode (123 Bytes)

/ Exploit Title: Linux/x64 - Reverse Shell Author: Guillem Alminyana Date: 2021-01-18 Platform: GNU Linux x64 ===================================== This shellcode connects back to 127.1.1.1 address on port 4444 Listener needs to be opened before execute: nc -lvp 4444 Compile: gcc...

EulerOS 2.0 SP3 : glibc (EulerOS-SA-2021-1069)

According to the version of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Stack-based buffer overflow in the glob implementation in GNU C Library aka glibc before 2.24, when GLOBALTDIRFUNC is used, allows context-dependent...

Fedora 32 : glibc (2021-6e581c051a)

The remote Fedora 32 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-6e581c051a advisory. - The iconv program in the GNU C Library aka glibc or libc6 2.31 and earlier, when invoked with multiple suffixes in the destination encoding...

Fedora: Security Advisory for kernel-headers (FEDORA-2021-620fb40359)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Security Bulletin: IBM Event Streams is affected by GNU gettext vulnerability CVE-2018-18751

Summary IBM Event Streams has addressed the following vulnerability Vulnerability Details CVEID: CVE-2018-18751 DESCRIPTION: GNU gettext is vulnerable to a denial of service, caused by a double free flaw in the defaultaddmessage function in read-catalog.c. By persuading a victim to open a...

MGASA-2021-0023 Updated bison packages fix a security vulnerability

It was discovered that GNU Bison before 3.5.4 allows attackers to cause a denial of service application crash CVE-2020-14150...

Updated bison packages fix a security vulnerability

It was discovered that GNU Bison before 3.5.4 allows attackers to cause a denial of service application crash CVE-2020-14150...

[SECURITY] Fedora 33 Update: cpu-x-4.1.0-3.fc33

Free software that gathers information on CPU, motherboard and more. CPU-X is similar to CPU-Z Windows, but CPU-X is a Free and Open Source software designed for GNU/Linux; also, it works on BSD. This software is written in C and built with CMake tool. It can be used in graphical mode by using GT...

Fedora: Security Advisory for php (FEDORA-2021-8dac5c39f3)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

USN-4692-1: tar vulnerabilities

Chris Siebenmann discovered that tar incorrectly handled extracting files resized during extraction when invoked with the --sparse flag. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM, Ubuntu 16.04 LTS and Ubuntu...

Security Bulletin: Vulnerability in GNU binutils affects IBM Netezza Analytics

Summary GNU binutils is used by IBM Netezza Analytics. IBM Netezza Analytics has addressed the applicable CVE by upgrading GNU binutils to latest version 2.35. Vulnerability Details CVEID: CVE-2019-14444 DESCRIPTION: GNU Binutils is vulnerable to a denial of service, caused by an integer overflow...

Security Bulletin: Multiple vulnerabilities in GNU binutils affect IBM Netezza Analytics

Summary GNU binutils is used by IBM Netezza Analytics. IBM Netezza Analytics has addressed the applicable CVEs by upgrading GNU binutils to latest version 2.35. Vulnerability Details CVEID: CVE-2020-35495 DESCRIPTION: GNU Binutils is vulnerable to a denial of service, caused by NULL pointer...

Fedora: Security Advisory for awstats (FEDORA-2020-4cba5f2846)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2021-1005)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32 when processing invalid multi-byte input sequences in the EUC-KR encoding may have a buffer over-read.

...

GNU Binutils Null Pointer Dereference Vulnerability (CNVD-2021-01282)

GNU Binutils is a set of programming tools for creating and managing binary programs, object files, libraries, profile data and assembly source code. A null pointer dereference vulnerability exists in bfdpefparsefunctionstubs in bfd/pef.c in versions of GNU Binutils prior to 2.34. An attacker can...