11230 matches found
CVE-2024-41361
RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution RCE vulnerability via htdocs\manageFilesFolders.php...
Important: Red Hat Security Advisory: git security update
An update for git is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update as havin...
Important: Red Hat Security Advisory: git security update
An update for git is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service. Red Hat Product Security has rated this update as havin...
Unpatched AVTECH IP Camera Flaw Exploited by Hackers for Botnet Attacks
A years-old high-severity flaw impacting AVTECH IP cameras has been weaponized by malicious actors as a zero-day to rope them into a botnet. CVE-2024-7029 CVSS score: 8.7, the vulnerability in question, is a "command injection vulnerability found in the brightness function of AVTECH closed-circui...
Exploit for Improper Input Validation in Cacti
CVE-2024-25641 - Cacti 1.2.26 - Arbitrary file write to RCE 🌵...
CVE-2024-41364
CVE-2024-41364 affects RPi-Jukebox-RFID 2.7.0. The vulnerability enables remote code execution via htdocs\trackEdit.php (network attack, no authentication, no user interaction). CVSS v3.1 metrics indicate a critical impact (C/H/I/A = High) with network access and low attack complexity. Exploitati...
CVE-2024-41368
RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution RCE vulnerability via htdocs\inc.setWlanIpMail.php...
CVE-2024-41364
RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution RCE vulnerability via htdocs\trackEdit.php...
CVE-2024-41369
RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution RCE vulnerability via htdocs\inc.setWifi.php...
RHEL 8 : git (RHSA-2024:6028)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:6028 advisory. Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a...
pgAdmin Binary Path API RCE
pgAdmin use exploit/windows/http/pgadminbinarypathapi msf exploitpgadminbinarypathapi show targets ...targets... msf exploitpgadminbinarypathapi set TARGET msf exploitpgadminbinarypathapi show options ...show and set options... msf exploitpgadminbinarypathapi exploit This module requires...
Exploit for CVE-2024-7954
CVE-2024-7954 This exploit will attempt to execute system comm...
Windows TCP/IP - RCE Checker and Denial of Service
!/usr/bin/env python3 -- coding: utf-8 -- Exploit Title: Windows IPv6 CVE-2024-38063 Checker and Denial-Of-Service Date: 2024-08-07 Exploit Author: Photubias Vendor Homepage: https://microsoft.com Vendor Advisory: 1 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38063 Version:...
Exploit for Improper Input Validation in Cacti
Cacti CVE-2024-25641 Authenticated Package Upload RCE Proof of...
CVE-2024-44341
D-Link DIR-846W A1 FW100A43 was discovered to contain a remote command execution RCE vulnerability via the lan0dhcpsstaticlist parameter. This vulnerability is exploited via a crafted POST request...
Exploit for Improper Input Validation in Cacti
CVE-2024-25641-RCE-Automated-Exploit-Cacti-1.2.26 Fully auto...
CVE-2024-44342
D-Link DIR-846W A1 FW100A43 was discovered to contain a remote command execution RCE vulnerability via the wl0.0ssid parameter. This vulnerability is exploited via a crafted POST request...
CVE-2024-44340
D-Link DIR-846W A1 FW100A43 was discovered to contain a remote command execution RCE vulnerability via keys smartqosexpressdevices and smartqosnormaldevices in SetSmartQoSSettings...
CVE-2024-44341
D-Link DIR-846W A1 FW100A43 was discovered to contain a remote command execution RCE vulnerability via the lan0dhcpsstaticlist parameter. This vulnerability is exploited via a crafted POST request...
Ray Agent Job Remote Code Execution Exploit
This Metasploit modules demonstrates remote code execution in Ray via the agent job submission endpoint. This is intended functionality as Ray's main purpose is executing arbitrary workloads. By default Ray has no authentication. This module requires Metasploit: https://metasploit.com/download...