16988 matches found
GNU C Library 安全漏洞
The GNU C Library glibc is an open-source, free, easy-to-download C compiler released under the LGPL license. A denial of service vulnerability exists in GNU C Library version 2.32 and earlier. The vulnerability stems from the iconv function in the GNU C Library failing to assert and aborting a...
CVE-2021-3326
The iconv function in the GNU C Library aka glibc or libc6 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service...
CVE-2021-3326
The iconv function in the GNU C Library aka glibc or libc6 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service...
CVE-2021-20197
There is an open race window when writing output in the following utilities in GNU binutils1: ar, objcopy, strip, and ranlib. When these utilities are run as a privileged user presumably as part of a script updating binaries across different users, an unprivileged user can trick these utilities...
QEMU Out-of-Bounds Read Access Vulnerability
QEMU is a set of simulation processors written by Fabrice Bellard and distributed with source code under the GPL license, widely used on the GNU/Linux platform. An out-of-bounds read access vulnerability exists in ideatapicmdreplyend in hw/ide/atapi.c in QEMU 5.1.0. The vulnerability stems from a...
Fedora: Security Advisory for python3.8 (FEDORA-2021-cc3ff94cfc)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
glibc: Multiple vulnerabilities
Background glibc is a package that contains the GNU C library. Description Multiple vulnerabilities have been discovered in glibc. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workarou...
Zmap - A Fast Single Packet Network Scanner Designed For Internet-wide Network Surveys
ZMap is a fast single packet network scanner designed for Internet-wide network surveys. On a typical desktop computer with a gigabit Ethernet connection, ZMap is capable scanning the entire public IPv4 address space in under 45 minutes. With a 10gigE connection and PFRING, ZMap can scan the IPv4...
Selea Targa IP OCR-ANPR Camera Server-Side Request Forgery
Selea Targa IP OCR-ANPR Camera Unauthenticated SSRF Vendor: Selea s.r.l. Product web page: https://www.selea.com Affected version: Model: iZero Targa 512 Targa 504 Targa Semplice Targa 704 TKM Targa 805 Targa 710 INOX Targa 750 Targa 704 ILB Firmware: BLD201113005214 BLD201106163745 BLD2003041709...
Selea Targa IP OCR-ANPR Camera Developer Backdoor Config Overwrite
Selea Targa IP OCR-ANPR Camera Developer Backdoor Config Overwrite Vendor: Selea s.r.l. Product web page: https://www.selea.com Affected version: Model: iZero Targa 512 Targa 504 Targa Semplice Targa 704 TKM Targa 805 Targa 710 INOX Targa 750 Targa 704 ILB Firmware: BLD201113005214 BLD20110616374...
Fedora: Security Advisory for dotnet3.1 (FEDORA-2021-77a4202036)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Selea Targa 512 IP OCR-ANPR Camera - Stream Disclosure (Unauthenticated)
Exploit Title: Selea Targa IP OCR-ANPR Camera - RTP/RTSP/M-JPEG Stream Disclosure Unauthenticated Date: 07.11.2020 Exploit Author: LiquidWorm Vendor Homepage: https://www.selea.com Selea Targa IP OCR-ANPR Camera Unauthenticated RTP/RTSP/M-JPEG Stream Disclosure Vendor: Selea s.r.l. Product web...
Oracle WebLogic Server 14.1.1.0 - RCE (Authenticated)
Exploit Title: Oracle WebLogic Server 14.1.1.0 - RCE Authenticated Date: 2021-01-21 Exploit Author: Photubias Vendor Advisory: 1 https://www.oracle.com/security-alerts/cpujan2021.html Vendor Homepage: https://www.oracle.com Version: WebLogic 10.3.6.0, 12.1.3.0, 12.2.1.3, 12.2.1.4, 14.1.1.0 fixed ...
Selea Targa IP OCR-ANPR Camera - CSRF Add Admin
Exploit Title: Selea Targa IP OCR-ANPR Camera - CSRF Add Admin Date: 07.11.2020 Exploit Author: LiquidWorm Vendor Homepage: https://www.selea.com Selea Targa IP OCR-ANPR Camera CSRF Add Admin Exploit Vendor: Selea s.r.l. Product web page: https://www.selea.com Affected version: Model: iZero Targa...
Selea Targa IP OCR-ANPR Camera - Multiple SSRF (Unauthenticated)
Exploit Title: Selea Targa IP OCR-ANPR Camera - Multiple SSRF Unauthenticated Date: 07.11.2020 Exploit Author: LiquidWorm Vendor Homepage: https://www.selea.com Selea Targa IP OCR-ANPR Camera Unauthenticated SSRF Vendor: Selea s.r.l. Product web page: https://www.selea.com Affected version: Model...
Selea Targa IP OCR-ANPR Camera - 'addr' Remote Code Execution (Unauthenticated)
Exploit Title: Selea Targa IP OCR-ANPR Camera - 'addr' Remote Code Execution Unauthenticated Date: 07.11.2020 Exploit Author: LiquidWorm Vendor Homepage: https://www.selea.com !/bin/bash Selea Targa IP OCR-ANPR Camera Unauthenticated Remote Code Execution Vendor: Selea s.r.l. Product web page:...
Selea Targa IP OCR-ANPR Camera - Directory Traversal File Disclosure (Unauthenticated)
Exploit Title: Selea Targa IP OCR-ANPR Camera - Directory Traversal File Disclosure Unauthenticated Date: 07.11.2020 Exploit Author: LiquidWorm Vendor Homepage: https://www.selea.com Selea Targa IP OCR-ANPR Camera Unauthenticated Directory Traversal File Disclosure Vendor: Selea s.r.l. Product we...
Selea Targa IP OCR-ANPR Camera Developer Backdoor Config Overwrite
Summary IP camera with optical character recognition OCR software for automatic number plate recognition ANPR also equipped with ADR system that enables it to read the Hazard Identification Number HIN, also known as the Kemler Code and UN number of any vehicle captured in free-flow mode. TARGA is...
EulerOS 2.0 SP3 : glibc (EulerOS-SA-2021-1069)
According to the version of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Stack-based buffer overflow in the glob implementation in GNU C Library aka glibc before 2.24, when GLOBALTDIRFUNC is used, allows context-dependent...
Linux/x64 - Reverse (127.1.1.1:4444) Shell (/bin/sh) Shellcode (123 Bytes)
/ Exploit Title: Linux/x64 - Reverse Shell Author: Guillem Alminyana Date: 2021-01-18 Platform: GNU Linux x64 ===================================== This shellcode connects back to 127.1.1.1 address on port 4444 Listener needs to be opened before execute: nc -lvp 4444 Compile: gcc...