978 matches found
CVE-2019-17626
ReportLab through 3.5.26 allows remote code execution because of toColorevalarg in colors.py, as demonstrated by a crafted XML document with 'span color="' followed by arbitrary Python code...
PYSEC-2019-117
ReportLab through 3.5.26 allows remote code execution because of toColorevalarg in colors.py, as demonstrated by a crafted XML document with 'span color="' followed by arbitrary Python code...
CVE-2019-17626
ReportLab through 3.5.26 allows remote code execution because of toColorevalarg in colors.py, as demonstrated by a crafted XML document with 'span color="' followed by arbitrary Python code...
CVE-2019-17626
ReportLab through 3.5.26 allows remote code execution because of toColorevalarg in colors.py, as demonstrated by a crafted XML document with 'span color="' followed by arbitrary Python code...
Foscam Video Management System 1.1.6.6 - 'UID' Denial of Service (PoC)
Exploit Title: Foscam Video Management System 1.1.6.6 - 'UID' Denial of Service PoC Author: Alessandro Magnosi Date: 2019-10-09 Vendor Homepage: https://www.foscam.com/ Software Link : https://www.foscam.com/downloads/appsoftware.html?id=5 Tested Version: 1.1.6.6 Vulnerability Type: Denial of...
Debian DLA-1947-1 : libreoffice security update
Several vulnerabilities were discovered in LibreOffice, the office productivity suite. CVE-2019-9848 Nils Emmerich discovered that malicious documents could execute arbitrary Python code via LibreLogo. CVE-2019-9849 Matei Badanoiu discovered that the stealth mode did not apply to bullet graphics...
Folder Lock 7.7.9 - Denial of Service
Exploit Title: Folder Lock v7.7.9 Denial of Service Exploit Date: 12.09.2019 Vendor Homepage:https://www.newsoftwares.net/folderlock/ Software Link: https://www.newsoftwares.net/download/folderlock7-en/folder-lock-en.exe Exploit Author: Achilles Tested Version: 7.7.9 Tested on: Windows 7 x64 1.-...
Folder Lock v7.7.9 Denial of Service Exploit
Exploit Title: Folder Lock v7.7.9 Denial of Service Exploit Date: 12.09.2019 Vendor Homepage:https://www.newsoftwares.net/folderlock/ Software Link: https://www.newsoftwares.net/download/folderlock7-en/folder-lock-en.exe Exploit Author: Achilles Tested Version: 7.7.9 Tested on: Windows 7 x64 1.-...
SQL Server Password Changer 1.90 - Denial of Service
SQL Server Password Changer 1.90 - Denial of Service Exploit Title: SQL Server Password Changer v1.90 Denial of Service Exploit Date: 29.08.2019 Vendor Homepage:https://www.top-password.com/ Exploit Author: Velayutham Selvaraj & Praveen Thiyagarayam TwinTech Solutions Tested Version: v2.10 Tested...
SQL Server Password Changer 1.90 Denial Of Service
Exploit Title: SQL Server Password Changer v1.90 Denial of Service Exploit Date: 29.08.2019 Vendor Homepage:https://www.top-password.com/ Exploit Author: Velayutham Selvaraj & Praveen Thiyagarayam TwinTech Solutions Tested Version: v2.10 Tested on: Windows 8 x64 Windows 7 x64 1.- Run python code...
SQL Server Password Changer 1.90 - Denial of Service
Exploit Title: SQL Server Password Changer v1.90 Denial of Service Exploit Date: 29.08.2019 Vendor Homepage:https://www.top-password.com/ Exploit Author: Velayutham Selvaraj & Praveen Thiyagarayam TwinTech Solutions Tested Version: v2.10 Tested on: Windows 8 x64 Windows 7 x64 1.- Run python code...
LibreOffice Macro Python Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'LibreOffice Macro Python Code Execution', 'Description' = %q LibreOffice comes bundled with sample macros written in Python and allows the abilit...
RAR Password Recovery 1.80 - 'User Name and Registration Code' Denial of Service
Exploit Title: RAR Password Recovery v1.80 Denial of Service Exploit Date: 16.08.2019 Vendor Homepage:https://www.top-password.com/ Software Link: https://www.top-password.com/download/RARPRSetup.exe Exploit Author: Achilles Tested Version: v1.80 Tested on: Windows 7 x64 Windows XP SP3 1.- Run...
Debian DSA-4483-1 : libreoffice - security update
Two security issues have been discovered in LibreOffice : - CVE-2019-9848 Nils Emmerich discovered that malicious documents could execute arbitrary Python code via LibreLogo. - CVE-2019-9849 Matei Badanoiu discovered that the stealth mode did not apply to bullet graphics. C Tenable Network...
[SECURITY] [DSA 4483-1] libreoffice security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4483-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff July 16, 2019 https://www.debian.org/security/faq -...
GHSA-X64G-WJMW-W328 Injection vulnerability that affects ironic-discoverd
OpenStack Ironic Inspector aka ironic-inspector or ironic-discoverd, when debug mode is enabled, might allow remote attackers to access the Flask console and execute arbitrary Python code by triggering an error...
Injection vulnerability that affects ironic-discoverd
OpenStack Ironic Inspector aka ironic-inspector or ironic-discoverd, when debug mode is enabled, might allow remote attackers to access the Flask console and execute arbitrary Python code by triggering an error...
Tuneclone 2.20 - Local SEH Buffer Overflow Exploit
Exploit for windows platform in category local exploits Exploit Title: TuneClone Local Seh Exploit Date: 19.06.2019 Vendor Homepage: http://www.tuneclone.com/ Software Link: http://www.tuneclone.com/tuneclonesetup.exe Exploit Author: Achilles Tested Version: 2.20 Tested on: Windows XP SP3 EN 1.-...
Tuneclone 2.20 - Local SEH Buffer Overflow
Exploit Title: TuneClone Local Seh Exploit Date: 19.06.2019 Vendor Homepage: http://www.tuneclone.com/ Software Link: http://www.tuneclone.com/tuneclonesetup.exe Exploit Author: Achilles Tested Version: 2.20 Tested on: Windows XP SP3 EN 1.- Run python code : TuneClone.py 2.- Open EVIL.txt and cop...
Debian DLA-1819-1 : pyxdg security update
It was discovered that there was a code injection issue in PyXDG, a library used to locate 'FreeDesktop.org' configuration/cache/etc. directories. A lack of sanitisation allowed arbitrary Python code embedded in the Category element of a Menu XML document in a .menu file to be executed. For Debia...