11236 matches found

Information Security Automation
added 2022/12/24 10:55 p.m. | 67 views

Microsoft Patch Tuesday December 2022: SPNEGO RCE, Mark of the Web Bypass, Edge Memory Corruptions

Hello everyone! This episode will be about Microsoft Patch Tuesday for December 2022, including vulnerabilities that were added between November and December Patch Tuesdays. As usual, I use my open source Vulristics project to analyse and prioritize vulnerabilities. Alternative video link for...

CVSS 6.8 | AI score 0.5 | EPSS 0.85646
Exploits: 7

Veracode
added 2022/12/24 7:43 a.m. | 42 views

Remote Code Execution (RCE)

xorg-server is vulnerable to remote code execution. The vulnerability exists because the handler for the XIPassiveUngrab request accesses out-of-bounds memory when invoked with a high keycode or button code...

CVSS 8.8 | AI score 8.8 | EPSS 0.02516
Exploits: 0 | References: 12 | Affected Software: 6

Veracode
added 2022/12/24 7:43 a.m. | 29 views

Remote Code Execution (RCE)

xorg-server is vulnerable to Remote Code Execution (RCE). The vulnerability exists because the swap handler for the XTestFakeInput request of the XTest extension may corrupt the stack if GenericEvents with lengths larger than 32 bytes are sent through the XTestFakeInput request...

CVSS 8.8 | AI score 8.8 | EPSS 0.02484
Exploits: 0 | References: 16 | Affected Software: 6

CVE
added 2022/12/24 12:0 a.m. | 376 views

CVE-2022-46175

CVE-2022-46175 (JSON5 Prototype Pollution): The JSON5 library up to v1.0.1 and v2.2.1 fails to restrict keys named __proto__ in JSON5.parse, enabling prototype pollution on the returned object. This can lead to arbitrary keys on the polluted object and, depending on usage, may cause denial of service,...

CVSS 8.8 | AI score 8.7 | EPSS 0.09304
Exploits: 1 | References: 6 | Affected Software: 1

wpexploit
added 2022/12/23 12:0 a.m. | 340 views

User Post Gallery <= 2.19 - Unauthenticated RCE

The plugin does not limit what callback functions can be called by users, making it possible for any visitor to run code on sites running it. Invoke the following curl command to execute the "id" command via PHP's exec function: curl -i...

CVSS 9.8 | AI score 1.7 | EPSS 0.42723
Exploits: 2

Packet Storm
added 2022/12/23 12:0 a.m. | 232 views

OpenTSDB 2.4.0 Command Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'OpenTSDB 2.4.0 unauthenticated command injection', 'Description' = %q This module exploits an unauthenticated command injection vulnerability in...

CVSS 9.8 | AI score 0.1 | EPSS 0.8533
Exploits: 5

GithubExploit
added 2022/12/22 5:52 p.m. | 4 views

Exploit for OS Command Injection in Gitlab

gitlabrcecve-2022-2884 This is a Python3 program that explo...

CVSS 9.9 | AI score 9.7 | EPSS 0.75718
Exploits: 4

hivepro
added 2022/12/22 10:30 a.m. | 15 views

New Exploit Method that Bypasses ProxyNotShell Mitigations

Threat Level Attack Report. For a detailed threat advisory, download the pdf file here. Summary: A new exploit method has been found in the mitigations of the Microsoft Exchange vulnerability ProxyNotShell URL rewrite that allows for remote code execution (RCE) on compromised servers through Outlook W...

AI score 3.7
Exploits: 0

GithubExploit
added 2022/12/22 9:35 a.m. | 387 views

Exploit for Deserialization of Untrusted Data in Microsoft

CVE-2022-41082-POC PoC for the CVE-2022-41082 NotProxyShell OW...

CVSS 9.8 | AI score 8.7 | EPSS 0.99964
Exploits: 11

GithubExploit
added 2022/12/22 9:35 a.m. | 340 views

Exploit for Deserialization of Untrusted Data in Microsoft

CVE-2022-41082-POC PoC for the CVE-2022-41082 NotProxyShell OW...

CVSS 9.8 | AI score 8.7 | EPSS 0.99964
Exploits: 11

OSV
added 2022/12/22 3:31 a.m. | 93 views

GHSA-27H2-HVPR-P74Q jsonwebtoken has insecure input validation in jwt.verify function

Overview: For versions <=8.5.1 of the jsonwebtoken library, if a malicious actor has the ability to modify the key retrieval parameter (referring to the secretOrPublicKey argument from the readme link) of the jwt.verify function, they can gain remote code execution (RCE). Am I affected? This security issue...

CVSS 7.6 | AI score 6.3
Exploits: 0 | References: 4

Github Security Blog
added 2022/12/21 6:30 p.m. | 29 views

Apache Karaf vulnerable to potential code injection

This vulnerability is about a potential code injection when an attacker has control of the target LDAP server used in the JDBC JNDI URL. The function jaas.modules.src.main.java.porg.apache.karaf.jass.modules.jdbc.JDBCUtils.doCreateDatasource uses InitialContext.lookup(jndiName) without filtering. A...

CVSS 9.8 | AI score 9.6 | EPSS 0.02404
Exploits: 0 | References: 7 | Affected Software: 1

Prion
added 2022/12/21 4:15 p.m. | 24 views

Code injection

This vulnerability is about a potential code injection when an attacker has control of the target LDAP server used in the JDBC JNDI URL. The function jaas.modules.src.main.java.porg.apache.karaf.jass.modules.jdbc.JDBCUtils.doCreateDatasource uses InitialContext.lookup(jndiName) without filtering. An us...

CVSS 7.5 | AI score 9.8 | EPSS 0.02404
Exploits: 0 | References: 1 | Affected Software: 1

Cvelist
added 2022/12/21 3:23 p.m. | 37 views

CVE-2022-40145 Apache Karaf: JDBC JAAS LDAP injection

This vulnerability is about a potential code injection when an attacker has control of the target LDAP server used in the JDBC JNDI URL. The function jaas.modules.src.main.java.porg.apache.karaf.jass.modules.jdbc.JDBCUtils.doCreateDatasource uses InitialContext.lookup(jndiName) without filtering. An us...

AI score 10 | EPSS 0.02404
Exploits: 0 | References: 1

CVE
added 2022/12/21 3:23 p.m. | 102 views

CVE-2022-40145

Apache Karaf prior to 4.4.2 and 4.3.8 is affected by CVE-2022-40145 due to a lack of validation in JDBCUtils.doCreateDatasource when a JNDI LDAP data source URI is used. An attacker who controls the target LDAP server can trigger remote code execution by injecting a crafted JNDI name into Initial...

CVSS 9.8 | AI score 9.9 | EPSS 0.02404
Exploits: 0 | References: 1 | Affected Software: 1

Tenable Nessus
added 2022/12/21 12:0 a.m. | 20 views

Fedora 35 : sysstat (2022-5adda2d05f)

The remote Fedora 35 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-5adda2d05f advisory. Security fix for CVE-2022-39377 - arithmetic overflow in allocate_structures on 32 bit systems. Tenable has extracted the preceding description block directly...

CVSS 7.8 | AI score 7.2 | EPSS 0.01096
Exploits: 1 | References: 2

Cvelist
added 2022/12/20 10:20 a.m. | 20 views

CVE-2022-46421 Apache Airflow Hive Provider: Hive Provider RCE vulnerability with hive_cli_params

Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Apache Software Foundation Apache Airflow Hive Provider. This issue affects Apache Airflow Hive Provider: before 5.0.0...

AI score 9.8 | EPSS 0.0322
Exploits: 0 | References: 2

CVE
added 2022/12/20 12:0 a.m. | 69 views

CVE-2022-45942

CVE-2022-45942 is an RCE affecting baijiacms v4, specifically in includes/baijiacms/common.inc.php. The initial and connected records consistently identify a remote-code-execution vulnerability, with CVSSv3.1 base score 8.8 (HIGH) and network attack vector, low attack complexity, and no user inte...

CVSS 8.8 | AI score 8.9 | EPSS 0.21987
Exploits: 1 | References: 2 | Affected Software: 1

Cvelist
added 2022/12/19 1:41 p.m. | 40 views

CVE-2022-4063 InPost Gallery < 2.1.4.1 - Unauthenticated LFI to RCE

The InPost Gallery WordPress plugin before 2.1.4.1 insecurely uses PHP's extract function when rendering HTML views, allowing attackers to force the inclusion of malicious files & URLs, which may enable them to run code on servers...

AI score 9.7 | EPSS 0.09519
Exploits: 2 | References: 1

GithubExploit
added 2022/12/16 4:16 p.m. | 550 views

Exploit for Incorrect Authorization in Cacti

CVE-2022-46169 Cacti Blind Remote Code Execution Pre-Auth...

CVSS 9.8 | AI score 10 | EPSS 0.99826
Exploits: 48