CVE-2018-1000639

LatexDraw version =4.0 contains a XML External Entity XXE vulnerability in SVG parsing functionality that can result in disclosure of data, server side request forgery, port scanning, possible rce. This attack appear to be exploitable via Specially crafted SVG file...

CVE-2018-1000639

LatexDraw version =4.0 contains a XML External Entity XXE vulnerability in SVG parsing functionality that can result in disclosure of data, server side request forgery, port scanning, possible rce. This attack appear to be exploitable via Specially crafted SVG file...

Xxe

LatexDraw version =4.0 contains a XML External Entity XXE vulnerability in SVG parsing functionality that can result in disclosure of data, server side request forgery, port scanning, possible rce. This attack appear to be exploitable via Specially crafted SVG file...

CVE-2018-1000639

LatexDraw version =4.0 contains a XML External Entity XXE vulnerability in SVG parsing functionality that can result in disclosure of data, server side request forgery, port scanning, possible rce. This attack appear to be exploitable via Specially crafted SVG file...

CVE-2018-1000639

The CVE-2018-1000639 entry concerns LatexDraw versions

See Orange Tsai how to use the four Bugs to achieve Amazon the collaborative platform of the RCE vulnerability-vulnerability warning-the black bar safety net

! Taiwan white cap Orange Tsai（Cai governance up invited to this session of the Black Hat USA and DEFCON 26 post subject speeches, in the Breaking Parser Logic! Take Your Path Normalization Off and Pop 0days Out of his speech, he shared how based on the“inconsistencies”in Security, Integrated the...

HP Ink Printers RCE Vulnerabilities (Faxploit)

Two security vulnerabilities have been identified with certain HP Inkjet printers. A maliciously crafted file sent to an affected device can cause a stack or static buffer overflow, which could allow remote code execution RCE. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might...

Brave Software: `chrome://brave` available for navigation in Release build [-> RCE] + navigation to `chrome://*` using tab_helper ["Open in new tab"]

Summary: chrome://brave is available for navigation Navigation to chrome://brave + requires local file at . The file loaded in this context has access to private Muon APIs such as chrome.ipcRenderer/remote/webFrame/webViewRequest. Muon API allows executing code on the device. e.g. with...

Grammarly: `socket` command allows sending data over WebSockets to arbitrary origins from Grammarly Extension

Summary 1. Attacker could trigger Grammarly extension's socket command using a crafted page to perform WS connectionand data sending from extension's background page with cookies and origin to any URL. 2. Additionally, commands received from the attacker's server are handled by extension and coul...

Remote Code Execution (RCE)

Microsoft.ChakraCore is vulnerable to remote code execution. This is due to a type confusion with PathTypeHandlerBase::SetAttributesHelper which leads to memory corruption. This CVE ID is different from CVE-2018-8266, CVE-2018-8380, CVE-2018-8381...

Remote Code Execution (RCE)

Microsoft.ChakraCore is vulnerable to remote code execution RCE attacks. The library does not properly handle fixed deferred functions, leading to an Out-Of-Bounds read/write that can crash the application or cause arbitrary code to be executed...

Remote code execution

A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory, aka "Microsoft PowerPoint Remote Code Execution Vulnerability." This affects Microsoft PowerPoint...

CVE-2018-8353

Technical details (affected products, vulnerable components, impact, exploitation) are not publicly provided in the connected documents supplied. Monitor for updates from official advisories and CVE records.

ASUSTOR ADM 3.1.0.RFQ3 - Remote Command Execution / SQL Injection Vulnerabilities

Exploit for cgi platform in category web applications Product - ASUSTOR ADM - 3.1.0.RFQ3 and all previous builds Vendor - https://www.asustor.com/ Patch Notes - http://download.asustor.com/download/docs/releasenotes/RNADM3.1.3.RHU2.pdf Issue: The Asustor NAS appliance on ADM 3.1.0 and before suff...

Foxit Reader 9.0.1.1049 Use-After-Free

%PDF 1 0 obj 2 0 obj /S /JavaScript /JS / --------------------------------------------------------------------------------------------------- Exploit Title : Foxit Reader RCE with DEP bypass on Heap with shellcode Date : 08/04/2018 4 Aug Exploit Author : Manoj Ahuje Tested on : Windows 7 Pro x32...

Patch Tuesday: Microsoft Addresses Two Zero-Days in 60-Flaw Roundup

Microsoft has rolled out its August Patch Tuesday fixes, addressing 19 critical vulnerabilities, including fixes for two zero-day vulnerabilities that are under active attack. Overall, the company patched a total of 60 flaws, spanning Microsoft Windows, Edge, Internet Explorer IE, Office, .NET...

CVE-2018-14429

CVE-2018-14429 affects man-cgi before 1.16. Summary: Local File Inclusion via absolute path traversal using a crafted cgi-bin/man-cgi? URL (example: /cgi-bin/man-cgi?/etc/passwd). Root cause: the script’s handling of the parameter leads to reading local files by calling the man command. Impact: i...

Microsoft PowerPoint CVE-2018-8376 Remote Code Execution Vulnerability

Description Microsoft PowerPoint is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected...

ASUSTOR NAS ADM 3.1.0 Remote Command Execution / SQL Injection

Product - ASUSTOR ADM - 3.1.0.RFQ3 and all previous builds Vendor - https://www.asustor.com/ Patch Notes - http://download.asustor.com/download/docs/releasenotes/RNADM3.1.3.RHU2.pdf Issue: The Asustor NAS appliance on ADM 3.1.0 and before suffer from multiple critical vulnerabilities. The...

Oracle Weblogic Server - Deserialization Remote Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/exploit/powershell' class MetasploitModule 'Oracle Weblogic Server Deserialization RCE', 'Description' = %q An unauthenticated attacker with network...