Shenzhen C-Data CD7201 Command Injection / Cross Site Scripting Vulnerability

Shenzhen C-Data CD7201 with software version 2.4.6b and firmware version 7.1.0 suffer from authentication bypass, command injection, and cross site scripting vulnerabilities. Title: Shenzhen C-Data CD7201 / Multiple Vulnerabilities Date: 10/09/2016 Discovered by: @codexlynx Vendor: Shenzhen C-Dat...

Microsoft Chakra Array JIT Optimization Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling o...

Apache Struts 2.3.x Showcase App Struts 1 Plugin ActionMessage Class Error Message Input Handling RCE (S2-048)

The version of Apache Struts running on the remote Windows host is 2.3.x. It is, therefore, potentially affected by a remote code execution vulnerability in the Struts 1 plugin showcase app in the ActionMessage class due to improper validation of user-supplied input passed via error messages. An...

Foxit PhantomPDF Arbitrary Write RCE Vulnerability - Windows

Foxit PhantomPDF is prone to an arbitrary write vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Foxit Reader Arbitrary Write RCE Vulnerability - Windows

Foxit Reader is prone to an arbitrary write RCE vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

U.S. Dept Of Defense: Remote Code Execution (RCE) in a DoD website

Summary: One of the DoD applications uses a java library which is vulnerable to expression language injection. Using only an URL I was able to inject java code. I made a simple PoC that requests a name resolution to a DNS server. Description: The application at https://███ uses Primefaces version...

SUSE SLED12 / SLES12 Security Update : Recommended update for ncurses (SUSE-SU-2017:1815-1)

This update for ncurses fixes the following issues: Security issues fixed : - CVE-2017-10684: Possible RCE via stack-based buffer overflow in the fmtentry function. bsc1046858 - CVE-2017-10685: Possible RCE with format string vulnerability in the fmtentry function. bsc1046853 Bugfixes : - Drop...

struts2 and double 叒 叕 a high-risk vulnerability S2-048-the vulnerability warning-the black bar safety net

Vulnerability ID: CVE-2017-9791 Vulnerability author: icez ic3zqq.com Affected version: Struts 2.3. x Vulnerability rating: high risk Vulnerability Brief Description: When the Struts 2 in Struts 1 Plug-in is enabled, an attacker through the use of malicious field values may cause the RCE. These...

Cisco WebEx Network Recording Player ARF File RCE (cisco-sa-20170621-wnrp)

The version of Cisco WebEx Network Recording Player installed on the remote host is affected by a remote code execution vulnerability due to multiple buffer overflow conditions in the Advanced Recording Format ARF file player. An unauthenticated, remote attacker can exploit this, by convincing a...

Cisco IOS XE SNMP Packet Handling Remote Buffer Overflow Multiple RCE (cisco-sa-20170629-snmp)

According to its self-reported version and configuration, the Cisco IOS XE software running on the remote device is affected by multiple remote code execution vulnerabilities in the Simple Network Management Protocol SNMP subsystem due to multiple buffer overflow conditions. An unauthenticated,...

Veritas Backup Exec Remote Agent 14.1.x < 14.1.1786.1126 / 14.2.x < 14.2.1180.3160 / 16.0.x < 16.0.1142.1327 Use-after-free RCE (VTS17-006)

The version of Vertias Backup Exec Remote Agent installed on the remote Windows host is 14.1.x prior to 14.1.1786.1126, 14.2.x prior to 14.2.1180.3160, or 16.0.x prior to 16.0.1142.1327. It is, therefore, affected by a remote code execution vulnerability due to a use-after-free error that is...

CVE-2017-0682

CVE-2017-0682 : A remote code execution vulnerability in the Android media framework affecting Android 7.0, 7.1.1, and 7.1.2. Connected sources describe an RCE in the media framework (no root cause details provided) and note patches were released via the July 2017 Android security bulletin. Explo...

Fedora 25 : php-horde-Horde-Image (2017-6f7d6fbccc)

HordeImage 2.5.1 - mjr SECURITY: Fix more potential places for command injections. ---- HordeImage 2.5.0 - mjr SECURITY: Prevent DOS attack by preventing an infinite loop in certain conditions CVE-2017-9773, reported by Fariskhi Vidyan. - mjr SECURITY: Prevent RCE attacks by properly sanitizing...

SA151: ImageMagick RCE Vulnerability (ImageTragick)

SUMMARY Symantec Network Protection products using affected versions of ImageMagick are susceptible to the ImageTragick security vulnerability. A remote attacker can send crafted images and execute arbitrary code on the target. AFFECTED PRODUCTS The following products are vulnerable: Security...

Remote Code Execution (RCE)

Moodle is vulnerable to remote code execution RCE. A malicious user can use the portfolio API callback to upload and execute malicious files...

Remote Code Execution (RCE) Through YAML Deserialization

mcollective-client is vulnerable to Remote Code Execution RCE Through YAML Deserialization. The library uses the insecure YAML.load method to deserialize yaml files. This can allow a malicious user to inject and execute arbitrary code by sending a yaml file to the system...

BestSafe Browser - MITM Remote Code Execution Vulnerability

Exploit for Android platform in category remote exploits Exploit Title: BestSafe Browser FREE NoAds - Remote Code Execution Exploit Author: MaXe Vendor Homepage: https://play.google.com/store/apps/details?id=a1.bestsafebrowser.com Software Link: See APK archive websites Screenshot: Refer to...

Apache Tomcat RCE Vulnerability (Nov 2016)

Apache Tomcat is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

NETGEAR DGN2200 CVE-2017-6334 RCE Vulnerability

NETGEAR DGN2200 is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microsoft Word MTA Handler Remote Code Execution

Exploit Author: Juan Sacco at KPN Red Team Developed using Exploit Pack - http://www.exploitpack.com Description: Microsoft Word CVE-2017-0199 is prone to a RCE trough a HTA Handler A remote code execution vulnerability exists in the way that Microsoft Office and WordPad parse specially crafted...