SuiteCRM 7.11.18 - Remote Code Execution Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SuiteCRM Log File Remote Code Execution', 'Description' = %q This module exploits an input validation error on the log file extension parameter. ...

Mitsubishi Electric Got 输入验证错误漏洞

Mitsubishi Electric Got is an HMI touchscreen from Mitsubishi Electric Japan. An input validation error vulnerability exists in Mitsubishi Electric GOT, which can be exploited by an attacker to send malicious packets to rewrite the device and adversely affect the operation of the system...

Dell BIOS Input Validation Error Vulnerability

Dell Bios is embedded software on a small memory chip on the motherboard of a computer from Dell USA. The Dell BIOS has an input validation error vulnerability that stems from the Dell BIOS containing an incorrect input validation vulnerability. An attacker could exploit this vulnerability to...

IBM Tivoli Key Lifecycle Manager Input Validation Error Vulnerability (CNVD-2021-93376)

IBM Tivoli Key Lifecycle Manager TKLM is a set of key lifecycle management software from IBM Corporation. The software provides key storage, key maintenance, and key lifecycle management for storage devices.A security vulnerability exists in IBM Tivoli Key Lifecycle Manager, which stems from the...

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser from Google, Inc. A security vulnerability exists in Google Chrome, which stems from the product's mishandling of input data. An attacker could use this vulnerability to bypass security restrictions...

Advanced Micro Devices SNP 输入验证错误漏洞

Advanced Micro Devices SNP AMD SNP is a firmware from AMD Advanced Micro Devices, Inc.. The Advanced Micro Devices SNP Firmware suffers from an input validation error vulnerability that arises from a networked system or product that does not properly validate incoming data...

Lenovo ThinkPad 输入验证错误漏洞

Lenovo ThinkPad is a portable computer from the Chinese company Lenovo. The ThinkPad suffers from an input validation error vulnerability that can be exploited by an attacker to execute arbitrary code...

Lenovo ThinkPad 输入验证错误漏洞

Lenovo ThinkPad is a portable computer from Lenovo, a Chinese company. An input validation error vulnerability exists in the SMI callback function used in the CSME configuration of the Lenovo ThinkPad, which can be exploited by an attacker to execute arbitrary code...

Dell Bios 输入验证错误漏洞

Dell Bios is embedded software on a small memory chip on a computer motherboard from Dell, U.S.A. An input validation error vulnerability exists in Dell BIOS, which stems from the fact that Dell BIOS contains a faulty input validation vulnerability. An attacker could use SMI to obtain arbitrary...

AMD Platform Security Processor 输入验证错误漏洞

AMD Platform Security Processor is a security processor from AMD, Inc. AMD Platform Security Processor suffers from an input validation error vulnerability that stems from insufficient input validation against discrete TPM commands in the PSP firmware could lead to a potential loss of integrity a...

AMD Secure Processor输入验证错误漏洞

AMD Secure Processor ASP is a standalone ARM Coretex-A5 chip from AMD. An input validation error vulnerability exists in AMD Secure Processor, which stems from the ASP firmware's insufficient validation of the length of the BIOS image could lead to arbitrary code execution...

AMD多款产品输入验证错误漏洞

AMD Platform Security Processor and AMD Secure Encrypted Virtualization are both products of AMD Corporation.AMD Platform Security Processor is a security processor.AMD Secure Encrypted Virtualization is a software application. Hardware-accelerated memory encryption to protect data in use. An inp...

AMD 多款产品输入验证错误漏洞

AMD Platform Security Processor, etc. are products of AMD USA. AMD Platform Security Processor is a security processor. AMD Secure Encrypted Virtualization is an application software. Micro Devices System Management Unit AMD SMU, etc. are products of AMD Advanced Micro Devices, Inc. in the U.S...

ThinkCentre和ThinkStation输入验证错误漏洞

Lenovo ThinkCentre and ThinkStation Lenovo Desktop Workstation are both products of Lenovo, a Chinese company.Lenovo ThinkCentre is a desktop computer.ThinkStation is a desktop workstation. An input validation error vulnerability exists in ThinkCentre and ThinkStation, which can be exploited by a...

AMD 多款产品输入验证错误漏洞

AMD Platform Security Processor and others are products of AMD Corporation.AMD Platform Security Processor is a security processor.AMD Secure Encrypted Virtualization is an application software.AMD System Management Unit SMU is a system management unit. An input validation error vulnerability...

Eclipse Cyclone DDS 输入验证错误漏洞

Eclipse Cyclone DDS is a very high performance and robust open source DDS implementation from the Eclipse Foundation. An input validation error vulnerability exists in Eclipse Cyclone DDS that stems from the product incorrectly handling invalid structures. An attacker could use this vulnerability...

Real-Time Innovations Connext Dds Secure 输入验证错误漏洞

Real-Time Innovations Connext Dds Secure is a trusted software connectivity framework from Real-Time Innovations, Inc. It is used to build and protect system-of-systems. An input validation error vulnerability exists in Real-Time Innovations Connext Dds Secure, which stems from a failure to...

OCI OpenDDS 输入验证错误漏洞

Object Computing OpenDDS is an open source middleware framework for C++ and Java applications from US-based Object Computing. An input validation error vulnerability exists in OCI OpenDDS, which arises from the product's failure to effectively handle unnecessary data. An attacker could use this...

Cloudflare OctoRPKI 输入验证错误漏洞

Cloudflare OctoRPKI is an RPKI toolkit for the Cloudflare platform from cloudflare USA. Cloudflare OctoRPKI suffers from an input validation error vulnerability that stems from OctoRPKI crashing when it encounters a repository that returns an invalid ROA, which is just an encoded NUL character...

Intel PROSet Wireless 输入验证错误漏洞

Intel PROSet Wireless is an IntelR driver for Intel PROSet wireless cards. An input validation error vulnerability exists in IntelR PROSet/Wireless WiFi and KillerTM WiFi, where an unauthenticated user could potentially enable denial-of-service access via adjacent...