Kramer VIAware - Remote Code Execution Exploit
Exploit Title: Remote Code Execution as Root on KRAMER VIAware Exploit Author: sharkmoos Vendor Homepage: https://www.kramerav.com/ Software Link: https://www.kramerav.com/us/product/viaware Version: Tested on: ViaWare Go Linux CVE : CVE-2021-35064, CVE-2021-36356 import sys, urllib3 from request...
Kramer VIAware - Remote Code Execution (RCE) (Root)
Exploit Title: Remote Code Execution as Root on KRAMER VIAware Date: 31/03/2022 Exploit Author: sharkmoos Vendor Homepage: https://www.kramerav.com/ Software Link: https://www.kramerav.com/us/product/viaware Version: Tested on: ViaWare Go Linux CVE : CVE-2021-35064, CVE-2021-36356 import sys,...
SUSE: Security Advisory (SUSE-SU-2022:1105-1)
The remote host is missing an update for the...
Out-Of-Bounds Reads
netatalk is vulnerable to out-of-bounds reads. The vulnerability exists due to a lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer and allows an attacker to execute arbitrary code in the context of root...
CVE-2022-28223
Tekon KIO devices through 2022-03-30 allow an authenticated admin user to escalate privileges to root by uploading a malicious Lua plugin...
CVE-2022-28223
Tekon KIO devices (up to 2022-03-30) are affected. An authenticated admin can escalate to root by uploading a malicious Lua plugin, enabling privilege escalation with high impact. The documents do not specify exact affected versions/models, root-cause details, or a published fix. No exploitation...
(Pwn2Own) Netgear R6700v3 NetUSB Integer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the NetUSB module. The issue results from the lack of proper validatio...
(Pwn2Own) Netatalk get_finderinfo Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the get_finderinfo method. The issue results from the lack of proper validation of...
(Pwn2Own) Netatalk copyapplfile Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the copyapplfile function. When parsing the len element, the process does not properly validate...
(Pwn2Own) Netatalk parse_entries Improper Handling of Exceptional Conditions Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parse_entries function. The issue results from the lack of proper error handling when parsin...
CVE-2020-36123
saitoha libsixel v1.8.6 was discovered to contain a double free via the component sixel_chunk_destroy at /root/libsixel/src/chunk.c...
Double free
saitoha libsixel v1.8.6 was discovered to contain a double free via the component sixel_chunk_destroy at /root/libsixel/src/chunk.c...
USN-5260-2: Samba vulnerability | Cloud Foundry
Severity High Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description Orange Tsai discovered that the Samba vfs_fruit module incorrectly handled certain memory operations. A remote attacker could use this issue to cause Samba to crash, resulting in a denial of service, or...
Siemens SINUMERIK MC Elevation of Privilege Vulnerability
SINUMERIK MC is a CNC system for customized machine solutions. SINUMERIK ONE is a digital native CNC. An elevation of privilege vulnerability exists in Siemens SINUMERIK MC, which can be exploited by an attacker to escalate its privileges to root...
CVE-2022-24408
A vulnerability has been identified in SINUMERIK MC (All versions < V1.15 SP1), SINUMERIK ONE (All versions < V6.15 SP1). The sc SUID binary on affected devices provides several commands that are used to execute system commands or modify system files. A specific set of operations using sc could allow loc...
(Pwn2Own) Cisco RV340 JSON RPC file-copy Command Injection Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Cisco RV340 routers. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...
FreeBSD : seatd-launch -- remove files with escalated privileges with SUID (1cd565da-455e-41b7-a5b9-86ad8e81e33e)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 1cd565da-455e-41b7-a5b9-86ad8e81e33e advisory. - Kenny Levinsen reports: seatd-launch could use a user-specified socket path instead of the internally...
Exploit for Out-of-bounds Write in Polkit_Project Polkit
CVE-2021-4034 - Proof Of Concept This POC exploits GLib's...
Parallels Desktop Service Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Parallels...
GO-2021-0223 Certificate verification error on Windows in crypto/x509
On Windows, if VerifyOptions.Roots is nil, Certificate.Verify does not check the EKU requirements specified in VerifyOptions.KeyUsages. This may allow a certificate to be used for an unintended purpose...