CVE-2024-27348
RCE-Remote Command Execution vulnerability in Apache HugeGraph-Server. This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0 in Java8 & Java11. Users are recommended to upgrade to version 1.3.0 with Java11 & enable the Auth system, which fixes the issue. Recent assessments: jheysel-r7...
Exploit for Missing Authentication for Critical Function in Jetbrains Teamcity
CVE-2023-42793 JetBrains TeamCity before 2023.05.4 is vulnerab...
SofaWiki 3.9.2 - Remote Command Execution (RCE) (Authenticated)
Exploit Title: SofaWiki 3.9.2 - Remote Command Execution RCE Authenticated Discovered by: Ahmet Ümit BAYRAM Discovered Date: 18.04.2024 Vendor Homepage: https://www.sofawiki.com Software Link: https://www.sofawiki.com/site/files/snapshot.zip Tested Version: v3.9.2 latest Tested on: MacOS import...
Wordpress Plugin Background Image Cropper v1.2 - Remote Code Execution
Exploit Title: Wordpress Plugin Background Image Cropper v1.2 - Remote Code Execution Date: 2024-04-16 Author: Milad Karimi Ex3ptionaL Contact: [email protected] Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL Vendor Homepage: https://wordpress.org Software Link:...
RHEL 8 : shim (RHSA-2024:1902)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1902 advisory. The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments...
RHEL 9 : shim update (Important) (RHSA-2024:1903)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1903 advisory. The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments...
Exploit for Deserialization of Untrusted Data in Torrentpier
CVE-2024-1651 This CVE was discovered by Carlos Bello from the...
CVE-2023-50260
Wazuh is a free and open source platform used for threat prevention, detection, and response. A wrong validation in the hostdeny script allows to write any string in the hosts.deny file, which can end in an arbitrary command execution on the target system. This vulnerability is part of the active...
CVE-2023-50260
Wazuh contains a vulnerability in the host_deny active-response script due to improper input validation for IP/JSON handling. An attacker can write arbitrary text into /etc/hosts.deny via the host_deny spawn directive, enabling arbitrary command execution. This can cause local privilege escalatio...
CVE-2023-50260 Wazuh's vulnerability in host_deny AR script allows arbitrary command execution
Wazuh is a free and open source platform used for threat prevention, detection, and response. A wrong validation in the hostdeny script allows to write any string in the hosts.deny file, which can end in an arbitrary command execution on the target system. This vulnerability is part of the active...
Relate Learning And Teaching System SSTI / Remote Code Execution
Exploit Title: Relate Learning And Teaching system Version before 2024.1 SSTIMarkup Sandbox function lead to RCE Date: 19/04/2024 Exploit Author: kai6u Vendor Homepage: https://github.com/inducer/ Software Link: https://github.com/inducer/relate Affected Version: before 2024.1...
Security Bulletin: Issue in RCE in PCOMM Service through unprotected named pipe
Summary There is a vulnerability in IBM Personal Communications PCOMM. Personal Communications has addressed the applicable CVE through version update. Vulnerability Details CVEID:CVE-2024-25029 DESCRIPTION: IBM Personal Communications 15.0.1 includes a Windows service that is vulnerable to remot...
Important: Red Hat Security Advisory: shim security update
An update for shim is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Ncast_Project Ncast
cve-2024-0305exp The available exploits for cve-2024-0305. I...
Important: Red Hat Security Advisory: shim security update
An update for shim is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...
Important: Red Hat Security Advisory: shim bug fix update
An update for shim is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...
Important: Red Hat Security Advisory: shim security update
An update for shim is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, E4S Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service. Red Hat Product Security has rated this update as...
ALSA-2024:1903 Important: shim bug fix update
The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments. Security Fixes: shim: RCE in http boot support may lead to Secure Boot bypass CVE-2023-40547 shim: Integer overflow leads to heap buffer overflow in...
RHEL 9 : shim update (Important) (RHSA-2024:1876)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1876 advisory. The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments...