1842 matches found
Progress Flowmon 12.3.5 Local sudo Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Progress Flowmon Local sudo privilege escalation', 'Description' = %q This module abuses a feature of the sudo command on Progress Flowmon. Certa...
Progress Flowmon Local sudo privilege escalation
This module abuses a feature of the sudo command on Progress Flowmon. Certain binary files are allowed to automatically elevate with the sudo command. This is based off of the file name. This includes executing a PHP command with a specific file name. If the file is overwritten with PHP code it c...
Flowmon Unauthenticated Command Injection
This module exploits an unauthenticated command injection vulnerability in Progress Flowmon versions before v12.03.02. Module Options msf > use exploit/linux/http/progress_flowmon_unauth_cmd_injection msf exploit(progress_flowmon_unauth_cmd_injection) > show targets ...targets... msf...
CVE-2024-4358
In Progress Telerik Report Server, version 2024 Q1 10.0.24.305 or earlier, on IIS, an unauthenticated attacker can gain access to Telerik Report Server restricted functionality via an authentication bypass vulnerability...
CVE-2024-4358 Registration Authentication Bypass Vulnerability
In Progress Telerik Report Server, version 2024 Q1 10.0.24.305 or earlier, on IIS, an unauthenticated attacker can gain access to Telerik Report Server restricted functionality via an authentication bypass vulnerability...
Flowmon Unauthenticated Command Injection Exploit
This Metasploit module exploits an unauthenticated command injection vulnerability in Progress Flowmon versions before v12.03.02. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Flowmon...
Progress Software Telerik Report Server Security Vulnerability
Progress Software Telerik Report Server is an enterprise-class report management and distribution solution from Progress Software. A security vulnerability exists in Progress Software Telerik Report Server version 10.0.24.305 and prior versions, which originates from a vulnerability that can be...
Flowmon Unauthenticated Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Flowmon Unauthenticated Command Injection', 'Description' = %q This module exploits an unauthenticated command injection vulnerability in Progres...
Progress Software Telerik Reporting ValidateMetadaUri XML External Entity Processing Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Progress Software Telerik Reporting. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within...
CVE-2024-4358
In Progress Telerik Report Server, version 2024 Q1 10.0.24.305 or earlier, on IIS, an unauthenticated attacker can gain access to Telerik Report Server restricted functionality via an authentication bypass vulnerability. Recent assessments: remmons-r7 at June 03, 2024 6:57pm UTC reported: So far,...
SUSE CVE-2021-47504
In the Linux kernel, the following vulnerability has been resolved: io_uring: ensure task_work gets run as part of cancelations. If we successfully cancel a work item but that work item needs to be processed through task_work, then we can be sleeping uninterruptibly in io_uring_cancel_generic() and never...
Progress Software WhatsUp Gold HttpContentActiveController Server-Side Request Forgery Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Progress Software WhatsUp Gold. Authentication is required to exploit this vulnerability. The specific flaw exists within the HttpContentActiveController class. The issue results from the lac...
CVE-2021-47504
In the Linux kernel, the following vulnerability has been resolved: io_uring: ensure task_work gets run as part of cancelations. If we successfully cancel a work item but that work item needs to be processed through task_work, then we can be sleeping uninterruptibly in io_uring_cancel_generic() and never...
WordPress KKProgressbar2 Free plugin <= 1.1.4.2 - Progress Bar Deletion via CSRF vulnerability
Progress Bar Deletion via CSRF vulnerability discovered by Bob Matyas in WordPress Plugin KKProgressbar2 Free versions <= 1.1.4.2...
Fedora: Security Advisory for python-tqdm (FEDORA-2024-24e4bba70f)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
Fedora: Security Advisory (FEDORA-2024-ef71921bde)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
Fedora: Security Advisory (FEDORA-2024-35acb3b48f)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
UBUNTU-CVE-2021-47504
In the Linux kernel, the following vulnerability has been resolved: io_uring: ensure task_work gets run as part of cancelations. If we successfully cancel a work item but that work item needs to be processed through task_work, then we can be sleeping uninterruptibly in io_uring_cancel_generic() and never...
OESA-2024-1659 python-tqdm security update
tqdm derives from the Arabic word taqaddum which can mean "progress". Instantly make your loops show a smart progress meter - just wrap any iterable with tqdm(iterable), and you are done! Security Fixes: tqdm is an open source progress bar for Python and CLI. Any optional non-boolean CLI arguments...
CVE-2024-4563
The Progress MOVEit Automation configuration export function prior to 2024.0.0 uses a cryptographic method with insufficient bit length...