Fedora 40 : redis (2024-5d4eb04e76)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-5d4eb04e76 advisory. Redis Community Edition 7.2.6 Released Wed 02 Oct 2024 20:17:04 IDT Upgrade urgency SECURITY: See security fixes below. Security fixes CVE-2024-3144...

Exploit for Out-of-bounds Write in Treasuredata Fluent_Bit

!Profile Visitorshttps://komarev.com/ghpvc/?username=d0rb&la...

Dompdf's usage of vulnerable version of phenx/php-svg-lib leads to restriction bypass and potential RCE

Summary A lack of sanitization/check in the font path returned by php-svg-lib, in the case of a inline CSS font defined, that will be used by Cpdf to open a font will be passed to a fileexists call, which is sufficient to trigger metadata unserializing on a PHAR file, through the phar:// URL...

Buffer overflow

An malicious BLE device can cause buffer overflow by sending malformed advertising packet BLE device using Zephyr OS, leading to DoS or potential RCE on the victim BLE device...

CVE-2023-4424

CVE-2023-4424 affects Zephyr OS Bluetooth: a malicious BLE device can trigger a buffer overflow by sending malformed advertising packets, potentially causing DoS or remote code execution on the victim device. The issue is linked to the HCI Bluetooth controller path (le_advertising_report) and ste...

CVE-2021-34083

Google-it is a Node.js package which allows its users to send search queries to Google and receive the results in a JSON format. When using the 'Open in browser' option in versions up to 1.6.2, google-it will unsafely concat the result's link retrieved from google to a shell command, potentially...

U.S. Dept Of Defense: Access to admininstrative resources/account via path traversal

Description: A user can login as an administrator without the need of an ██████████ account, or an authenticated user can access and manipulate administrative resources without needing to login as an administrator. An ████████ ███████ account is required. References Impact Exfiltration of sensiti...

Out of bounds write in prost

Affected versions of this crate contained a bug in which decoding untrusted input could overflow the stack. On architectures with stack probes like x86, this can be used for denial of service attacks, while on architectures without stack probes like ARM overflowing the stack is unsound and can...

CVE-2020-1913

An Integer signedness error in the JavaScript Interpreter in Facebook Hermes prior to commit 2c7af7ec481ceffd0d14ce2d7c045e475fd71dc6 allows attackers to cause a denial of service attack or a potential RCE via crafted JavaScript. Note that this is only exploitable if the application using Hermes...

Integer overflow

An Integer signedness error in the JavaScript Interpreter in Facebook Hermes prior to commit 2c7af7ec481ceffd0d14ce2d7c045e475fd71dc6 allows attackers to cause a denial of service attack or a potential RCE via crafted JavaScript. Note that this is only exploitable if the application using Hermes...

CVE-2020-1913

An Integer signedness error in the JavaScript Interpreter in Facebook Hermes prior to commit 2c7af7ec481ceffd0d14ce2d7c045e475fd71dc6 allows attackers to cause a denial of service attack or a potential RCE via crafted JavaScript. Note that this is only exploitable if the application using Hermes...

U.S. Dept Of Defense: Unrestricted File Upload Leads to XSS & Potential RCE

Summary: Unrestricted file upload at████████/request?openform. When the user wants to upload a file the app allows the user to upload a HTML file leading to stored XSS and creation of a simple php script. A user can upload the HTML file and trigger XSS and trigger potential RCE with php shell...

Internet Bug Bounty: [CVE-2020-10543] Buffer overflow caused by a crafted regular expression

CVE ID: CVE-2020-10543 See: + https://metacpan.org/pod/release/XSAWYERX/perl-5.30.3/pod/perldelta.pod + https://metacpan.org/pod/release/XSAWYERX/perl-5.28.3/pod/perldelta.pod Impact Potential RCE...

U.S. Dept Of Defense: Authentication bypass and potential RCE on the https://████ due to exposed Cisco TelePresence SX80 with default credentials

The Cisco TelePresence SX80 device located at https://███████ was found to have default administrative credentials of "admin:admin", allowing authentication bypass and potential remote code execution. The device was identified as belonging to AS257 ███ and had been last used in 2017. The...

Internet Bug Bounty: [CVE-2018-18312] regcomp: heap-buffer-overflow write / reg_node overrun

See: https://rt.perl.org/Public/Bug/Display.html?id=133423 CVE ID: CVE-2018-18312 Impact Potential RCE...

CVE-2016-10681

roslib-socketio - The standard ROS Javascript Library fork for add support to socket.io roslib-socketio downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested resources with an attacker...

Fedora 27 : perl-Dancer2 (2018-59eb033684)

Dancer2 0.206000 addresses several potential security issues. There is a potential RCE with regards to Storable. Dancer2 adds session ID validation to the session engine so that session backends based on Storable can reject malformed session IDs that may lead to exploitation of the RCE. Parsing...

GNU Wget Arbitrary File Upload / Potential Remote Code Execution

============================================= - Release date: 06.07.2016 - Discovered by: Dawid Golunski - Severity: High - CVE-2016-4971 ============================================= I. VULNERABILITY ------------------------- GNU Wget 1.18 Arbitrary File Upload / Potential RCE II. BACKGROUND...

Mail.ru: bgplay.mail.ru

Potential RCE via Java object deserialization in out-of-scope service...