dnsmasq_2.92_pocs

dnsmasq 2.92 — Proof of Concepts Self-contained reproduction...

ThreatsDay Bulletin: Pre-Auth Chains, Android Rootkits, CloudTrail Evasion & 10 More Stories

The latest ThreatsDay Bulletin is basically a cheat sheet for everything breaking on the internet right now. No corporate fluff or boring lectures here, just a quick and honest look at the messy reality of keeping systems safe this week. Things are moving fast. The list includes researchers...

Trend Micro Apex One Multiple Vulnerabilities (KA-0020652)

According to its self-reported version, the Trend Micro application running on the remote Windows host is Apex One prior to SP1 Server Build 14081 and Agent Build 14081. It is, therefore, affected by multiple vulnerabilities, including the following: - A vulnerability in Trend Micro Apex One...

CVE-2021-21242

OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, there is a critical vulnerability which can lead to pre-auth remote code execution. AttachmentUploadServlet deserializes untrusted data from the Attachment-Support header. This Servlet does not enforce any authentication or...

Multiple Critical Vulnerabilities in Juniper Exploited in the Wild

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Multiple vulnerabilities have been discovered in Juniper Networks Junos OS, with the potential for pre-auth Remote Code Execution when chained in Juniper devices. Juniper Networks has confirmed th...

Design/Logic Flaw

OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, there is a critical vulnerability which can lead to pre-auth remote code execution. AttachmentUploadServlet deserializes untrusted data from the Attachment-Support header. This Servlet does not enforce any authentication or...

CVE-2018-16763

FUEL CMS 1.4.1 allows PHP Code Evaluation via the pages/select/ filter parameter or the preview/ data parameter. This can lead to Pre-Auth Remote Code Execution...

WDMyCloud < 2.30.165 - Multiple Vulnerabilities

WDMyCloud Multiple Vulnerabilities Vendor: Western Digital Product: WDMyCloud Version: = 2.30.165 Website: https://www.wdc.com/products/network-attached-storage.html / / / / / / / / / / / / / / / / / / / / / \ / // / // / / / / / / / // / / / /,/// // /// // GulfTech Research and Development...

Immunity Canvas: VBULLETIN_PREAUTH_DECODEARGUMENTS

Name| vbulletinpreauthdecodeArguments ---|--- CVE| CVE-2015-7808 Exploit Pack| CANVAS Description| vBulletin pre-auth remote code execution Notes| CVE Name: CVE-2015-7808 VENDOR: vBulletin Solutions NOTES: Tested on Ubuntu 14.04 against: - vBulletin 5.1.4 - vBulletin 5.0.4 Repeatability: Infinite...

iOS Udisk FTP Basic Edition - Remote Denial of Service

!/usr/bin/python Apple Iphone/Ipod - Udisk FTP Basic Edition Remote 0day DOS exploit Found by: Steven Seeley mrme seeleymagic at hotmail dot com Homepage: http://6tags.com/n/ Price: $4.99 Download: From the app store use your itunes account Tested on: Iphone 3G - firmware 3.1.2 Darwin kernel Gree...