343 matches found
DNSStager - Hide Your Payload In DNS
DNSStager is an open-source project based on Python used to hide and transfer your payload using DNS. DNSStager will create a malicious DNS server that handles DNS requests to your domain and return your payload as a response to specific record requests such as AAAA or TXT records after splitting...
CVE-2021-31505
This vulnerability allows attackers with physical access to escalate privileges on affected installations of Arlo Q Plus 1.9.0.3278. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SSH service. The device can be booted into a special operation mod...
CVE-2021-31505
This vulnerability allows attackers with physical access to escalate privileges on affected installations of Arlo Q Plus 1.9.0.3278. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SSH service. The device can be booted into a special operation mod...
CVE-2021-1557
Multiple vulnerabilities in Cisco DNA Spaces Connector could allow an authenticated, local attacker to elevate privileges and execute arbitrary commands on the underlying operating system as root. These vulnerabilities are due to insufficient restrictions during the execution of affected CLI...
SUSE: Security Advisory (SUSE-SU-2020:1533-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2021-28249
CA eHealth Performance Manager through 6.3.2.12 is affected by Privilege Escalation via a Dynamically Linked Shared Object Library. To exploit the vulnerability, the ehealth user must create a malicious library in the writable RPATH, to be dynamically linked when the FtpCollector executable is ru...
CVE-2021-26720
avahi-daemon-check-dns.sh in the Debian avahi package through 0.8-4 is executed as root via /etc/network/if-up.d/avahi-daemon, and allows a local attacker to cause a denial of service or create arbitrary empty files via a symlink attack on files under /run/avahi-daemon. NOTE: this only affects th...
PT-2021-7394 · Debian +2 · Avahi +2
Name of the Vulnerable Software and Affected Versions: avahi-daemon-check-dns.sh in the Debian avahi package through 0.8-4 Description: The issue is related to the execution of avahi-daemon-check-dns.sh as root via /etc/network/if-up.d/avahi-daemon, allowing a local attacker to cause a denial of...
UBUNTU-CVE-2021-25311
condorcredd in HTCondor before 8.9.11 allows Directory Traversal outside the SECCREDENTIALDIRECTORYOAUTH directory, as demonstrated by creating a file under /etc that will later be executed by root...
CVE-2020-27555
Use of default credentials for the telnet server in BASETech GE-131 BT-1837836 firmware 20180921 allows remote attackers to execute arbitrary system commands as the root user...
VulnCheck KEV: CVE-2025-34054
An unauthenticated command injection vulnerability exists in AVTECH DVR devices via Search.cgi?action=cgiquery. The use of wget without input sanitization allows attackers to inject shell commands through the username or queryb64str parameters, executing commands as root. Exploitation evidence...
CVE-2020-26574
Leostream Connection Broker 8.2.x is affected by stored XSS. An unauthenticated attacker can inject arbitrary JavaScript code via the webquery.pl User-Agent HTTP header. It is rendered by the admins the next time they log in. The JavaScript injected can be used to force the admin to upload a...
Cross site scripting
Leostream Connection Broker 8.2.x is affected by stored XSS. An unauthenticated attacker can inject arbitrary JavaScript code via the webquery.pl User-Agent HTTP header. It is rendered by the admins the next time they log in. The JavaScript injected can be used to force the admin to upload a...
CVE-2020-26574
Leostream Connection Broker 8.2.x is affected by a stored XSS via the webquery.pl User-Agent header. An unauthenticated attacker can inject JavaScript that is rendered when admins log in, potentially forcing the admin to upload a malicious Perl script that could be executed as root through libMis...
PT-2020-16465 · Leostream · Leostream Connection Broker
Name of the Vulnerable Software and Affected Versions: Leostream Connection Broker versions 8.2.x Description: The issue allows an unauthenticated attacker to inject arbitrary JavaScript code via the User-Agent HTTP header in the webquery.pl file. This code is rendered by administrators the next...
Buffer overflow
A remote buffer overflow vulnerability in the /cgi-bin/makeRequest.cgi endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an attacker to execute arbitrary machine instructions as root without authentication...
CVE-2020-14510 OFF-BY-ONE ERROR CWE-193
GateManager versions prior to 9.2c, The affected product contains a hard-coded credential for telnet, allowing an unprivileged attacker to execute commands as root...
X.Org Server Pixel Data Uninitialized Memory Information Disclosure Vulnerability
This vulnerability allows local attackers to disclose sensitive information on affected installations of X.Org Server. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processi...
Cisco SD-WAN vManage Software License Issue Vulnerability
Cisco SD-WAN vManage Software is a management software for SD-WAN Software Defined Wide Area Network solutions from Cisco. An authorization issue vulnerability exists in the CLI in Cisco SD-WAN vManage Software that stems from insufficient input validation. A local attacker can exploit the...
CVE-2020-15397
HylaFAX+ through 7.0.2 and HylaFAX Enterprise have scripts that execute binaries from directories writable by unprivileged users e.g., locations under /var/spool/hylafax that are writable by the uucp account. This allows these users to execute code in the context of the user calling these binarie...