Important: Red Hat Security Advisory: rh-git227-git security update
An update for rh-git227-git is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerabilit...
Apache Tomcat On Ubuntu Log Init Privilege Escalation
This exploit sample shows how an exploit module could be written to exploit a bug in a command on a Linux computer for priv esc. class MetasploitModule 'Apache Tomcat on Ubuntu Log Init Privilege Escalation', 'Description' = %q Tomcat 6, 7, 8 packages provided by default repositories on...
Apache Tomcat On Ubuntu Log Init Privilege Escalation Exploit
This Metasploit module targets a vulnerability in Tomcat versions 6, 7, and 8 on Debian-based distributions where these older versions provide a vulnerable tomcat init script that allows local attackers who have already gained access to the tomcat account to escalate their privileges from the...
Elastic Kibana 7.0.0 < 7.17.8, 8.0.0 < 8.5.0 RCE Vulnerability (ESA-2022-12)
Kibana is prone to a remote code execution (RCE) vulnerability in the headless Chromium browser that Kibana relies on for its reporting capabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective...
D-Link DIR-825 Rev R1 <= 3.0.1 RCE Vulnerability
D-Link DIR-825 Rev. R1 devices are prone to a remote code execution (RCE) vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE =...
RHEL 8 : git (RHSA-2023:0599)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0599 advisory. Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a...
ALSA-2023:0610 Important: git security update
Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to wo...
ALSA-2023:0611 Important: git security update
Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to wo...
RHEL 8 : git (RHSA-2023:0596)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0596 advisory. Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a...
Medium: sysstat
Issue Overview: sysstat is a set of system performance tools for the Linux operating system. On 32 bit systems, in versions 9.1.16 and newer but prior to 12.7.1, allocate_structures contains a size_t overflow in sa_common.c. The allocate_structures function insufficiently checks bounds before...
Exploit for Unrestricted Upload of File with Dangerous Type in Tecrail Responsive_Filemanager
ResponsiveFileManager-CVE-2022-46604 Responsive FileManager v...
Exploit for Deserialization of Untrusted Data in Ibm Aspera_Faspex
CVE-2022-47986 Aspera Faspex Pr...
CVE-2023-25135
CVE-2023-25135: vBulletin before 5.6.9 PL1 has a pre-authentication remote code execution flaw. An unauthenticated attacker can trigger deserialization via a crafted HTTP request because verify_serialized uses unserialize and error checks, enabling arbitrary code execution. Impact is high (remote...
CVE-2022-46552
D-Link DIR-846 Firmware FW100A53DBR was discovered to contain a remote command execution (RCE) vulnerability via the lan(0)_dhcps_staticlist parameter. This vulnerability is exploited via a crafted POST request...
Design/Logic Flaw
D-Link DIR-846 Firmware FW100A53DBR was discovered to contain a remote command execution (RCE) vulnerability via the lan(0)_dhcps_staticlist parameter. This vulnerability is exploited via a crafted POST request...
CVE-2022-46552
CVE-2022-46552 affects D-Link DIR-846 firmware FW100A53DBR, exposing a remote command execution vulnerability via the lan(0)_dhcps_staticlist parameter. The issue can be triggered by a crafted POST request, enabling arbitrary commands on the device. Multiple connected sources corroborate the vuln...
CVE-2022-45783
An issue was discovered in dotCMS core 4.x through 22.10.2. An authenticated directory traversal vulnerability in the dotCMS API can lead to Remote Code Execution...
CVE-2022-48093
Seacms v12.7 was discovered to contain a remote code execution (RCE) vulnerability via the ip parameter at admin_ip.php...
CVE-2022-48093
CVE-2022-48093 affects SeaCMS/Seacms v12.7, with a remote code execution (RCE) vulnerability exploitable via the ip parameter in the admin_ip.php endpoint. Multiple connected sources (NVD, Red Hat advisory, CNNVD, CVE listings, etc.) confirm the issue and its impact, all citing the same vector in...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update
An update is now available for Red Hat JBoss Enterprise Application Platform 7.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...