17 matches found

GithubExploit
added 2026/03/26 12:32 p.m. · 101 views

Python-RCE-Simulation-Tool

Python-RCE-Simulation-Tool A technical simulation of...

6 AI score
Exploits 0

NVD
added 2024/02/09 8:15 a.m. · 17 views

CVE-2024-23749

KiTTY versions 0.76.1.13 and before is vulnerable to command injection via the filename variable, occurs due to insufficient input sanitization and validation, failure to escape special characters, and insecure system calls at lines 2369-2390. This allows an attacker to add inputs inside the...

7.8 CVSS · 8.1 AI score · 0.00313 EPSS
Exploits 5 · References 4

Prion
added 2024/02/09 8:15 a.m. · 13 views

Command injection

KiTTY versions 0.76.1.13 and before is vulnerable to command injection via the filename variable, occurs due to insufficient input sanitization and validation, failure to escape special characters, and insecure system calls at lines 2369-2390. This allows an attacker to add inputs inside the...

4.3 CVSS · 8.5 AI score · 0.00313 EPSS
Exploits 5 · References 4 · Affected Software 1

AlpineLinux
added 2024/02/09 12:00 a.m. · 26 views

CVE-2024-23749

KiTTY versions 0.76.1.13 and before is vulnerable to command injection via the filename variable, occurs due to insufficient input sanitization and validation, failure to escape special characters, and insecure system calls at lines 2369-2390. This allows an attacker to add inputs inside the...

7.8 CVSS · 8.4 AI score · 0.00313 EPSS
Exploits 5 · References 4

Positive Technologies
added 2024/01/08 12:00 a.m. · 1 view

PT-2024-3871 · Kitty · Kitty

Name of the Vulnerable Software and Affected Versions: KiTTY versions 0.76.1.13 and before Description: The issue is related to insufficient input sanitization and validation, failure to escape special characters, and insecure system calls. This allows an attacker to add inputs inside the filenam...

7.8 CVSS · 7.9 AI score · 0.00313 EPSS
Exploits 5 · References 20

Cvelist
added 2020/11/24 3:29 p.m. · 17 views

CVE-2020-4002

The SD-WAN Orchestrator 3.3.2 prior to 3.3.2 P3, 3.4.x prior to 3.4.4, and 4.0.x prior to 4.0.1 handles system parameters in an insecure way. An authenticated SD-WAN Orchestrator user with high privileges may be able to execute arbitrary code on the underlying operating system...

7.2 AI score · 0.00566 EPSS
Exploits 0 · References 1

Debian CVE
added 2019/07/26 12:16 a.m. · 12 views

CVE-2019-5603

Removed by vendor...

7.8 CVSS · 7.5 AI score · 0.00145 EPSS
Exploits 0

Vulnrichment
added 2018/11/08 5:00 p.m. · 9 views

CVE-2018-15394 Cisco Stealthwatch Management Console Authentication Bypass Vulnerability

A vulnerability in the Stealthwatch Management Console SMC of Cisco Stealthwatch Enterprise could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected system. The vulnerability is due to an insecure system...

9.8 CVSS · 8.2 AI score · 0.01301 EPSS
Exploits 0 · References 2

Cisco
added 2018/11/07 4:00 p.m. · 588 views

Cisco Stealthwatch Management Console Authentication Bypass Vulnerability

A vulnerability in the Stealthwatch Management Console SMC of Cisco Stealthwatch Enterprise could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected system. The vulnerability is due to an insecure system...

9.8 CVSS · 2.3 AI score · 0.01301 EPSS
Exploits 0 · References 1

0day.today
added 2017/12/09 12:00 a.m. · 44 views

Apple macOS 10.13.1 High Sierra - Insecure Cron System Local Privilege Escalation Vulnerability

Apple macOS version 10.13.1 High Sierra suffers from a cron related local privilege escalation vulnerability that allows you to gain root privileges. Recently I was working on a security issue in some other software that has yet to be disclosed which created a rather interesting condition. As a...

1.7 AI score
Exploits 0

0day.today
added 2016/07/25 12:00 a.m. · 56 views

Micro Focus Filr 2 2.0.0.421, Filr 1.2 1.2.0.846 - Multiple Vulnerabilities

Exploit for php platform in category web applications title: Multiple vulnerabilities product: Micro Focus former Novell Filr Appliance vulnerable version: Filr 2 =2.0.0.421, Filr 1.2 = 1.2.0.846 fixed version: Filr 2 v2.0.0.465, Filr 1.2 v1.2.0.871 CVE number: CVE-2016-1607, CVE-2016-1608,...

9 CVSS · 6.6 AI score · 0.20779 EPSS
Exploits 4

Packet Storm
added 2016/07/25 12:00 a.m. · 85 views

Micro Focus Filr CSRF / XSS / Code Execution

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilities product: Micro Focus former Novell Filr Appliance vulnerable version: Filr 2 =2.0.0.421, Filr 1.2 = 1.2.0.846 fixed version: Filr 2 v2.0.0.465,...

9 CVSS · 6.6 AI score · 0.20779 EPSS
Exploits 4

OpenVAS
added 2016/07/25 12:00 a.m. · 35 views

Micro Focus (Novell) Filr 1.2 <= 1.2.0.846 / 2 <= 2.0.0.421 Multiple Vulnerabilities

Micro Focus Novell Filr is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:microfocus:filr"; i...

9 CVSS · 6.6 AI score · 0.20779 EPSS
Exploits 4 · References 1

Cvelist
added 2004/09/01 4:00 a.m. · 25 views

CVE-2002-0836

dvips converter for Postscript files in the tetex package calls the system function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts...

7.4 AI score · 0.1301 EPSS
Exploits 0 · References 11

Cvelist
added 2001/09/12 4:00 a.m. · 34 views

CVE-1999-1493

Vulnerability in crp in Hewlett Packard Apollo Domain OS SR10 through SR10.3 allows remote attackers to gain root privileges via insecure system calls, 1 pad$dmcmd and 2 pad$defpfk...

7 AI score · 0.03535 EPSS
Exploits 0 · References 3

exploitpack
added 2000/12/19 12:00 a.m. · 18 views

Itetris 1.6.11.6.2 - Privileged Arbitrary Command Execution

Itetris 1.6.11.6.2 - Privileged Arbitrary Command Execution // source: https://www.securityfocus.com/bid/2139/info Itetris, or "Intelligent Tetris", is a clone of the popular Tetris puzzle game for linux systems. The svgalib version of Itetris is installed setuid root so that it may access video...

1.3 AI score
Exploits 0

Exploit DB
added 2000/08/02 12:00 a.m. · 32 views

Tech-Source Raptor GFX PGX32 2.3.1 - Config Tool

source: https://www.securityfocus.com/bid/1563/info Raptor GFX cards are designed to handle 24-bit true color applications such as Netscape, seismic, geographical information systems GIS, satellite imaging, pre-press imaging and general desktop use. They can also be used for high resolution 8-bit...

7.4 AI score
Exploits 0