11230 matches found
CVE-2024-47175 libppd's ppdCreatePPDFromIPP2 function does not sanitize IPP attributes when creating the PPD buffer
CUPS is a standards-based, open-source printing system, and libppd can be used for legacy PPD file support. The libppd function ppdCreatePPDFromIPP2 does not sanitize IPP attributes when creating the PPD buffer. When used in combination with other functions such as cfGetPrinterAttributes5, can...
CVE-2024-46628
Tenda G3 Router firmware v15.03.05.05 was discovered to contain a remote code execution (RCE) vulnerability via the usbPartitionName parameter in the formSetUSBPartitionUmount function...
CVE-2024-46628
The CVE-2024-46628 entry concerns the Tenda G3 Router, firmware version 15.03.05.05, with a remote code execution (RCE) vulnerability exploitable via the usbPartitionName parameter in the formSetUSBPartitionUmount function. The root cause is stated as improper handling/sanitization of special ele...
Remote command execution in promptr
A remote command execution (RCE) vulnerability in promptr v6.0.7 allows attackers to execute arbitrary commands via a crafted URL...
CVE-2024-46489
A remote command execution (RCE) vulnerability in promptr v6.0.7 allows attackers to execute arbitrary commands via a crafted URL...
OpenSMTPD 6.4.0 < 6.6.2p1 RCE Vulnerability - Active Check
OpenSMTPD is prone to a remote code execution (RCE) vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE =...
SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
SafeLine is a self-hosted WAF (Web Application Firewall) to protect your web apps from attacks and exploits. A web application firewall helps protect web apps by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web apps from attacks such as SQL...
Car Rental Project 1.0 Code Injection
Title: Car Rental Project 1.0 php code injection Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla firefox 130.0...
CVE-2024-23934 Sony XAV-AX5500 WMV/ASF Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
Sony XAV-AX5500 WMV/ASF Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sony XAV-AX5500 devices. User interaction is required to exploit this vulnerability in that the target...
CVE-2024-37779
WoodWing Elvis DAM v6.98.1 was discovered to contain an authenticated remote command execution (RCE) vulnerability via the Apache Ant script functionality...
Exploit for CVE-2024-8504
ViciDial Exploit Suite Author: Havok Project URL: Vi...
Exploit for Integer Underflow (Wrap or Wraparound) in Microsoft
This is a somewhat unstable PoC for CVE-2024-38063 https:...
CVE-2024-42323
SnakeYaml Deser Load Malicious xml RCE vulnerability in Apache HertzBeat (incubating). This vulnerability can only be exploited by authorized attackers. This issue affects Apache HertzBeat (incubating): before 1.6.0. Users are recommended to upgrade to version 1.6.0, which fixes the issue...
CVE-2024-42323 Apache HertzBeat: RCE by snakeYaml deser load malicious xml
SnakeYaml Deser Load Malicious xml RCE vulnerability in Apache HertzBeat (incubating). This vulnerability can only be exploited by authorized attackers. This issue affects Apache HertzBeat (incubating): before 1.6.0. Users are recommended to upgrade to version 1.6.0, which fixes the issue...
CVE-2024-42323
Apache HertzBeat (incubating) before version 1.6.0 is affected by a SnakeYAML deserialization vulnerability that enables remote code execution. The issue stems from insecure deserialization of YAML/XML data and is exploitable by authorized attackers. Upgrade to 1.6.0 to fix the issue.
Exploit for Missing Authentication for Critical Function in Jetbrains Teamcity
TeamCity Exploit Cve 2023 42793 A quick script to exploit the...
CVE-2024-46983 Remote Command Execution (RCE) Vulnerability in sofa-hessian
sofa-hessian is an internal improved version of Hessian3/4 powered by Ant Group CO., Ltd. The SOFA Hessian protocol uses a blacklist mechanism to restrict deserialization of potentially dangerous classes for security protection. But there is a gadget chain that can bypass the SOFA Hessian blackli...
CVE-2024-8375 Object deserialization in Reverb leading to RCE
There exists a use after free vulnerability in Reverb. Reverb supports the VARIANT datatype, which is supposed to represent an arbitrary object in C++. When a tensor proto of type VARIANT is unpacked, memory is first allocated to store the entire tensor, and a ctor is called on each instance...