
11230 matches found

Packet Storm
added 2024/10/29 12:0 a.m., 1099 views

Xerox Printers Authenticated Remote Code Execution

SEC Consult Vulnerability Lab Security Advisory. title: Authenticated Remote Code Execution; product: Multiple Xerox printers EC80xx, AltaLink, VersaLink, WorkCentre; vulnerable version: see vulnerable versions below; fixed...

CVSS 7.2, AI score 7.1, EPSS 0.03669
Exploits: 2
Debian CVE
added 2024/10/29 12:0 a.m., 19 views

CVE-2024-48063

In PyTorch <=2.4.1, the RemoteModule has Deserialization RCE. NOTE: this is disputed by multiple parties because this is intended behavior in PyTorch distributed computing...

CVSS 9.8, AI score 8.3, EPSS 0.25104
Exploits: 1
Github Security Blog
added 2024/10/28 9:30 p.m., 15 views

Duplicate Advisory: pyload-ng vulnerable to RCE with js2py sandbox escape

Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-r9pp-r4xf-597r. This link is maintained to preserve external references. Original Description: An issue in pyload-ng v0.5.0b3.dev85 running under python3.11 or below allows attackers to execute arbitrary code via...

CVSS 9.8, AI score 7.9, EPSS 0.83924
Exploits: 4, References: 5, Affected Software: 1
NVD
added 2024/10/28 12:15 p.m., 11 views

CVE-2024-48074

An authorized RCE vulnerability exists in the DrayTek Vigor2960 router version 1.4.4, where an attacker can place a malicious command into the table parameter of the doPPPoE function in the cgi-bin/mainfunction.cgi route, and finally the command is executed by the system function...

CVSS 8, EPSS 0.0021
Exploits: 1, References: 2
GithubExploit
added 2024/10/28 10:4 a.m., 426 views

Exploit for Out-of-bounds Write in Tenda Ac8_Firmware

CVE-2023-33669 Exploit Exploit for a stack overflow vulnerabi...

CVSS 9.8, AI score 9.8, EPSS 0.30908
Exploits: 2
OpenVAS
added 2024/10/28 12:0 a.m., 13 views

Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2024-2756)

The remote host is missing an update for the Huawei EulerOS...

CVSS 7, AI score 7.2, EPSS 0.76397
Exploits: 1, References: 2
CVE
added 2024/10/28 12:0 a.m., 56 views

CVE-2024-48074

DrayTek Vigor2960 (v1.4.4) exposes an authorized RCE via the table parameter in the doPPPoE function (cgi-bin/mainfunction.cgi); an attacker can inject a command that is executed by the system function. Impact is high per CVSS metrics. Remediation/workaround from PT-2024-7515: temporarily disable...

CVSS 8, AI score 7.2, EPSS 0.0021
In wild, Exploits: 1, References: 2, Affected Software: 1
OpenVAS
added 2024/10/28 12:0 a.m., 18 views

Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2024-2774)

The remote host is missing an update for the Huawei EulerOS...

CVSS 7, AI score 7.2, EPSS 0.76397
Exploits: 1, References: 2
Cvelist
added 2024/10/28 12:0 a.m., 13 views

CVE-2024-48074

An authorized RCE vulnerability exists in the DrayTek Vigor2960 router version 1.4.4, where an attacker can place a malicious command into the table parameter of the doPPPoE function in the cgi-bin/mainfunction.cgi route, and finally the command is executed by the system function...

EPSS 0.0021
Exploits: 1, References: 2
NVD
added 2024/10/25 7:15 p.m., 20 views

CVE-2024-37845

MangoOS before 5.2.0 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the Active Process Command feature...

CVSS 7.2, EPSS 0.02735
Exploits: 0, References: 2
Vulnrichment
added 2024/10/25 12:0 a.m., 8 views

CVE-2024-37845

MangoOS before 5.2.0 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the Active Process Command feature...

AI score 8.4, EPSS 0.02735
Exploits: 0, References: 2
CVE
added 2024/10/25 12:0 a.m., 50 views

CVE-2024-37845

MangoOS is affected by CVE-2024-37845: versions prior to 5.2.0 expose an authenticated remote code execution (RCE) vulnerability through the Active Process Command feature. The issue is confirmed by multiple sources in the connected set (including PT-2024-27779 and Red Hat/NVD records). Impact de...

CVSS 7.2, AI score 8.3, EPSS 0.02735
Exploits: 0, References: 2, Affected Software: 1
Tenable Nessus
added 2024/10/25 12:0 a.m., 184 views

Microsoft Endpoint Configuration Manager RCE (KB29166583)

The Microsoft Endpoint Configuration Manager application installed on the remote host is missing a security hotfix documented in KB29166583. It is, therefore, affected by a remote code execution vulnerability. Note that Nessus has not tested for this issue but has instead relied only on the...

CVSS 9.8, AI score 9.3, EPSS 0.83112
Exploits: 3, References: 3
Vulnrichment
added 2024/10/24 8:31 p.m., 13 views

CVE-2024-47881 OpenRefine's SQLite integration allows filesystem access, remote code execution (RCE)

OpenRefine is a free, open source tool for working with messy data. Starting in version 3.4-beta and prior to version 3.8.3, in the database extension, the "enable_load_extension" property can be set for the SQLite integration, enabling an attacker to load local or remote extension DLLs and so run...

CVSS 8.1, AI score 7.5, EPSS 0.00354
Exploits: 1, References: 2
Cvelist
added 2024/10/24 8:31 p.m., 20 views

CVE-2024-47881 OpenRefine's SQLite integration allows filesystem access, remote code execution (RCE)

OpenRefine is a free, open source tool for working with messy data. Starting in version 3.4-beta and prior to version 3.8.3, in the database extension, the "enable_load_extension" property can be set for the SQLite integration, enabling an attacker to load local or remote extension DLLs and so run...

CVSS 8.1, EPSS 0.00354
Exploits: 1, References: 2
Github Security Blog
added 2024/10/24 6:16 p.m., 25 views

Butterfly has path/URL confusion in resource handling leading to multiple weaknesses

Summary: The Butterfly framework uses the java.net.URL class to refer to what are expected to be local resource files, like images or templates. This works: "opening a connection" to these URLs opens the local file. However, if a file:/ URL is directly given where a relative path resource name is...

CVSS 9.1, AI score 7, EPSS 0.03032
Exploits: 1, References: 4, Affected Software: 1
OSV
added 2024/10/24 6:11 p.m., 13 views

GHSA-87CF-J763-VVH8 OpenRefine's SQLite integration allows filesystem access, remote code execution (RCE)

Summary: In the database extension, the "enable_load_extension" property can be set for the SQLite integration, enabling an attacker to load local or remote extension DLLs and so run arbitrary code on the server. The attacker needs to have network access to the OpenRefine instance. Details: The...

CVSS 8.1, AI score 8.7, EPSS 0.00354
Exploits: 1, References: 3
Github Security Blog
added 2024/10/24 6:11 p.m., 25 views

OpenRefine's SQLite integration allows filesystem access, remote code execution (RCE)

Summary: In the database extension, the "enable_load_extension" property can be set for the SQLite integration, enabling an attacker to load local or remote extension DLLs and so run arbitrary code on the server. The attacker needs to have network access to the OpenRefine instance. Details: The...

CVSS 8.8, AI score 8.1, EPSS 0.00354
Exploits: 1, References: 3, Affected Software: 1
GithubExploit
added 2024/10/23 10:50 a.m., 749 views

Exploit for Cross-site Scripting in Netgate Pfsense

This post is a research article published by EQSTLab https://g...

CVSS 9.3, AI score 5.6, EPSS 0.83646
Exploits: 3
GithubExploit
added 2024/10/23 4:1 a.m., 359 views

Exploit for Unrestricted Upload of File with Dangerous Type in Chamilo Chamilo_Lms

CVE-2023-4220-RCE. Summary: Starlabs advisory htt...

CVSS 8.1, AI score 7.2, EPSS 0.93236
Exploits: 27