11236 matches found
Exploit for Missing Authentication for Critical Function in F5 Big-Ip_Access_Policy_Manager
CVE-2022-1388 CVE-2022-1388 F5 BIG-IP iControl REST Auth Byp...
CVE-2022-24439
All versions of package gitpython are vulnerable to Remote Code Execution RCE due to improper user input validation, which makes it possible to inject a maliciously crafted remote URL into the clone command. Exploiting this vulnerability is possible because the library makes external calls to git...
Design/Logic Flaw
The package simple-git before 3.15.0 are vulnerable to Remote Code Execution RCE when enabling the ext transport protocol, which makes it exploitable via clone method. This vulnerability exists due to an incomplete fix of CVE-2022-24066...
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
All versions of package gitpython is vulnerable to Remote Code Execution RCE due to improper user input validation, which makes it possible to inject a maliciously crafted remote URL into the clone command. Exploiting this vulnerability is possible because the library makes external calls to git...
CVE-2022-32224
A possible escalation to RCE vulnerability exists when using YAML serialized columns in Active Record 7.0.3.1, 6.1.6.1, 6.0.5.1 and 5.2.8.1 which could allow an attacker, that can manipulate data in the database via means like SQL injection, the ability to escalate to an RCE...
CVE-2022-32224
A possible escalation to RCE vulnerability exists when using YAML serialized columns in Active Record 7.0.3.1, 6.1.6.1, 6.0.5.1 and 5.2.8.1 which could allow an attacker, that can manipulate data in the database via means like SQL injection, the ability to escalate to an RCE...
Sql injection
A possible escalation to RCE vulnerability exists when using YAML serialized columns in Active Record 7.0.3.1, 6.1.6.1, 6.0.5.1 and 5.2.8.1 which could allow an attacker, that can manipulate data in the database via means like SQL injection, the ability to escalate to an RCE...
CVE-2022-32224
A possible escalation to RCE vulnerability exists when using YAML serialized columns in Active Record 7.0.3.1, 6.1.6.1, 6.0.5.1 and 5.2.8.1 which could allow an attacker, that can manipulate data in the database via means like SQL injection, the ability to escalate to an RCE...
CVE-2022-1540
The PostmagThemes Demo Import WordPress plugin through 1.0.7 does not validate the imported file, allowing high-privilege users such as admin to upload arbitrary files such as PHP leading to RCE...
Design/Logic Flaw
The PostmagThemes Demo Import WordPress plugin through 1.0.7 does not validate the imported file, allowing high-privilege users such as admin to upload arbitrary files such as PHP leading to RCE...
CVE-2022-1540 PostmagThemes Demo <= 1.0.7 - Admin+ Arbitrary File Upload
The PostmagThemes Demo Import WordPress plugin through 1.0.7 does not validate the imported file, allowing high-privilege users such as admin to upload arbitrary files such as PHP leading to RCE...
CVE-2022-1540
The CVE-2022-1540 issue affects the WordPress plugin PostmagThemes Demo Import, version 1.0.7 and earlier. The root cause is that the plugin does not validate the uploaded import file, enabling high-privilege users (e.g., admins) to upload arbitrary files (such as PHP), which can lead to remote c...
Return Refund and Exchange For WooCommerce < 4.0.9 - Unauthenticated Arbitrary File Upload
The plugin does not validate attachment files to be uploaded via an AJAX action available to unauthenticated users, which could allow them to upload arbitrary files such as PHP and lead to RCE PoC 1. Install and activate woocommerce dependency, no setup required 2. Install and activate the...
Deserialization of Untrusted Data
A possible escalation to RCE vulnerability exists when using YAML serialized columns in Active Record 7.0.3.1, 6.1.6.1, 6.0.5.1 and 5.2.8.1 which could allow an attacker, that can manipulate data in the database via means like SQL injection, the ability to escalate to an RCE...
CVE-2022-32224
A possible escalation to RCE vulnerability exists when using YAML serialized columns in Active Record 7.0.3.1, 6.1.6.1, 6.0.5.1 and 5.2.8.1 which could allow an attacker, that can manipulate data in the database via means like SQL injection, the ability to escalate to an RCE...
CVE-2022-32224
CVE-2022-32224 : Rails/ActiveRecord YAML deserialization issue. YAML-serialized columns can be deserialized with YAML.unsafe_load, enabling an attacker who can manipulate data in the database (e.g., via SQL injection) to escalate to remote code execution (RCE). Affected Rails/ActiveRecord version...
CVE-2022-32224
A possible escalation to RCE vulnerability exists when using YAML serialized columns in Active Record 7.0.3.1, 6.1.6.1, 6.0.5.1 and 5.2.8.1 which could allow an attacker, that can manipulate data in the database via means like SQL injection, the ability to escalate to an RCE...
Remote Code Execution (RCE)
nvidia-cuda-toolkit is vulnerable to remote code execution. The vulnerability exists due to an integer overflow which allows an attacker to inject and execute malicious input...
Metasploit Weekly Wrap-Up
ProxyNotShell This week's Metasploit release includes an exploit module for CVE-2022-41082, AKA ProxyNotShell by DA-0x43-Dx4-DA-Hx2-Tx2-TP-S-Q, Orange Tsai, Piotr Bazydło, Rich Warren, Soroush Dalili, and our very own Spencer McIntyre. The vulnerability CVE-2022-41082, AKA ProxyNotShell is a...
ManageEngine ServiceDesk Plus MSP < 13.0 Build 13000 RCE
A remote code execution vulnerability exists in ManageEngine ServiceDesk Plus MSP prior to 13.0 Build 13000 due to a flaw in the Analytics Plus integration input field validation. Vulnerability requires an administrator role access. The option to integrate Zoho Analytics will no longer be availab...