Veeam Service Provider Console Vulnerability (CVE-2024-42448 | CVE-2024-42449)

Veeam Software Security Commitment Veeam® is committed to ensuring its products protect customers from potential risks. As part of that commitment, we operate a Vulnerability Disclosure Program VDP for all Veeam products and perform extensive internal code audits. When a vulnerability is...

Asterisk AMI Originate Authenticated Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Asterisk AMI Originate Authenticated RCE', 'Description' = %q On Asterisk, prior to versions 18.24.2, 20.9.2, and 21.4.2 and certified-asterisk...

Imperva Defends Against LLM Hacking

In the evolving landscape of cybersecurity, the advent of large language models LLMs has introduced a new frontier of challenges and opportunities. Research has shown advanced LLMs, such as GPT-4, now possess the ability to autonomously execute sophisticated cyberattacks, including blind database...

Asterisk AMI Originate Authenticated RCE

On Asterisk, prior to versions 18.24.2, 20.9.2, and 21.4.2 and certified-asterisk versions 18.9-cert11 and 20.7-cert2, an AMI user with 'write=originate' may change all configuration files in the '/etc/asterisk/' directory. Writing a new extension can be created which performs a system command to...

veraPDF CLI has potential XXE (XML External Entity Injection) vulnerability

Impact Executing policy checks using custom schematron files via the CLI invokes an XSL transformation that may theoretically lead to a remote code execution RCE vulnerability. Patches We are currently working on a patch that will be released when ready. Workarounds This doesn't affect the standa...

CVE-2024-53375

An Authenticated Remote Code Execution RCE vulnerability affects the TP-Link Archer router series. A vulnerability exists in the "tmpgetsites" function of the HomeShield functionality provided by TP-Link. This vulnerability is still exploitable without the activation of the HomeShield functionali...

Exploit for Cross-site Scripting in Wondercms

CVE-2023-41425 CVE-2023-41425 XSS to RCE, Wonder CMS 3.2.0 &l...

CVE-2024-52800

The CVE-2024-52800 issue affects veraPDF: when executing policy checks via the CLI using custom Schematron-based policy files, an XSL transformation may enable a remote code execution (RCE) or XXE-type vector. The vulnerability concerns the policy-check workflow (policy profiles with user-provide...

CVE-2024-52800 Potential XXE (XML External Entity Injection) vulnerability in veraPDF CLI

veraPDF is an open source PDF/A validation library. Executing policy checks using custom schematron files via the CLI invokes an XSL transformation that may theoretically lead to a remote code execution RCE vulnerability. This doesn't affect the standard validation and policy checks functionality...

CVE-2024-52800 Potential XXE (XML External Entity Injection) vulnerability in veraPDF CLI

veraPDF is an open source PDF/A validation library. Executing policy checks using custom schematron files via the CLI invokes an XSL transformation that may theoretically lead to a remote code execution RCE vulnerability. This doesn't affect the standard validation and policy checks functionality...

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Process Mining Interim Fix for Nov 2024

Summary In addition to many updates of operating system level packages, the following security vulnerabilities are addressed with IBM Process Mining 1.15.0 IF004 Vulnerability Details CVEID:CVE-2024-38821 DESCRIPTION: VMware Tanzu Spring Security could allow a remote attacker to bypass security...

Exploit for Cross-site Scripting in Wondercms

CVE-2023-41425-WonderCMS-Authenticated-RCE Description Won...

Exploit for Expression Language Injection in Atlassian Confluence_Data_Center

CVE-2022-26134-poc CVE-2022-26134 is a Remote Code Exec...

CVE-2024-11543 IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability

IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page ...

CVE-2024-5581

Allegra unzipFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Authentication is required to exploit this vulnerability. The specific flaw exists within the unzipFile method. The...

CVE-2023-51643

Allegra uploadFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be...

CVE-2023-51635 NETGEAR RAX30 fing_dil Stack-based Buffer Overflow Remote Code Execution Vulnerability

NETGEAR RAX30 fingdil Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Authentication is not required to exploit this vulnerability. The specific flaw...

Exploit for CVE-2024-9441

CVE-2024-9441-POC CVE-2024-9441 is a command injection vulner...

WordPress Rank Math SEO Plugin <= 1.0.231 is vulnerable to Remote Code Execution (RCE)

Software Rank Math SEO Type Plugin Vulnerable versions = 1.0.231 Fixed in 1.0.232 OWASP Top 10 A3: Injection Classification Remote Code Execution RCE CVE CVE-2024-11620 Patch priority Medium CVSS severity Medium 7.2 Developer Claim ownership PSID fa39a0816eed Credits Rafie Muhammad Patchstack...

Ivanti EPM Agent Portal Command Execution

This module leverages an unauthenticated RCE in Ivanti's EPM Agent Portal where a RPC client can invoke a method which will run an attacker-specified string on the remote target as NT AUTHORITY\SYSTEM. This vulnerability is present in versions prior to EPM 2021.1 Su4 and EPM 2022 Su2. Module...