Mozilla: RCE on worker host due to unsanitized "env" variable name in task definition on community-tc.services.mozilla.com

The task definition attempted to escape parameters passed to the podman command before running the container, but the custom shell.escape function was not applied to the environment variable name, allowing for command execution on the worker host. The community-tc.services.mozilla.com instance...

Debian dla-3622 : libaxis-java - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3622 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3622-1 [email protected] https://www.debian.org/lts/security/...

Oracle Linux 9 : php (ELSA-2023-5926)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-5926 advisory. 8.0.30-1 - rebase to 8.0.30 - Resolves: RHEL-11946 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Royal Elementor Addons and Templates 1.4.78 - Unauthenticated Arbitrary File Upload

Description The plugin does not properly validate uploaded files, which could allow unauthenticated users to upload arbitrary files, such as PHP and achieve RCE. Note that this vulnerability is identical to https://wpscan.com/vulnerability/281518ff-7816-4007-b712-63aed7828b34/ as it was introduce...

Exploit for CVE-2021-3129

Mass Scanner for CVE-...

Exploit for CVE-2021-3129

Mass Scanner for CVE-...

Remote Code Execution (RCE)

exim4 is vulnerable to Remote Code Execution RCE. A memory corruption vulnerability exists in the smtp service of Exim, which listens on TCP port 25 by default that allows an attacker to execute arbitrary code on a vulnerable system by sending a specially crafted SMTP message...

Remote code execution

An issue was discovered in SuperWebMailer 9.00.0.01710. It allows Remote Code Execution via a crafted sendmail command line...

AlmaLinux 9 : php (ALSA-2023:5926)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:5926 advisory. - In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, passwordverify function may accept some invalid Blowfish hashes as valid. If suc...

CVE-2023-46117

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities. A vulnerability has been identified in reconftw where inadequate validation of retrieved subdomains may lead to a Remote Code Execution R...

Design/Logic Flaw

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities. A vulnerability has been identified in reconftw where inadequate validation of retrieved subdomains may lead to a Remote Code Execution R...

CVE-2023-46117

ReconFTW is affected by an RCE vulnerability due to inadequate validation of retrieved subdomains. An attacker can craft a malicious CSP entry on the reconFTW domain to execute arbitrary code within the application. The issue is addressed in version 2.7.1.1; upgrading is advised. Other sources co...

CVE-2023-46117 Inadequate validation of retrieved subdomains may lead to a Remote Code Execution in reconFTW

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities. A vulnerability has been identified in reconftw where inadequate validation of retrieved subdomains may lead to a Remote Code Execution R...

CVE-2023-46117 Inadequate validation of retrieved subdomains may lead to a Remote Code Execution in reconFTW

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities. A vulnerability has been identified in reconftw where inadequate validation of retrieved subdomains may lead to a Remote Code Execution R...

Exploit for CVE-2023-38646

CVE-2023-38646 A python RCE exploit for CVE-2023-38646 Us...

Remote Code Execution (RCE)

mysql-connector-java is vulnerable to Remote Code Execution. The vulnerability is due to not sanitizing the propertiesTransformClassName when instantiated or not in setupPropertiesTransformer in the ConnectionUrl.java file. This potentially leads to Arbitrary Code Execution...

Clickjacking

home-assistant is vulnerable to Clickjacking attacks. The server doesn't set the X-Frame-Options HTTP security headers . The omission of this header facilitates clickjacking attack which could also lead to RCE...

Atlassian SourceTree 3.4.14 RCE

The version of Atlassian SourceTree installed on the remote Windows host is version 3.4.14. It is, therefore, affected by a remote code execution vulnerability. An attacker, with the interaction of an authorized user, can execute arbitrary code on the affected host. Note that Nessus has not teste...

CVE-2023-41897

Home assistant is an open source home automation. Home Assistant server does not set any HTTP security headers, including the X-Frame-Options header, which specifies whether the web page is allowed to be framed. The omission of this and correlating headers facilitates covert clickjacking attacks...

Server side request forgery (ssrf)

The Home Assistant Companion for iOS and macOS app up to version 2023.4 are vulnerable to Client-Side Request Forgery. Attackers may send malicious links/QRs to victims that, when visited, will make the victim to call arbitrary services in their Home Assistant installation. Combined with this...