3793 matches found
CMS Made Simple 2.2.15 Remote Command Execution
Exploit Title: CMS Made Simple 2.2.15 - RCE (Authenticated); Author: Andrey Stoykov; Vendor Homepage: https://www.cmsmadesimple.org/; Software Link: https://www.cmsmadesimple.org/downloads/cmsms; Version: 2.2.15; Tested on: Debian 10 LAMPP; Exploit and Detailed Info:...
CMS Made Simple 2.2.15 - RCE (Authenticated)
Exploit Title: CMS Made Simple 2.2.15 - RCE (Authenticated); Author: Andrey Stoykov; Vendor Homepage: https://www.cmsmadesimple.org/; Software Link: https://www.cmsmadesimple.org/downloads/cmsms; Version: 2.2.15; Tested on: Debian 10 LAMPP; Exploit and Detailed Info:...
Metasploit Tips and Tricks for HaXmas 2020
For this year's HaXmas, we're giving the gift of Metasploit knowledge! We'll cover a mix of old, new, or recently improved features that you can incorporate into your workflows. Some of our readers may already know these tips and tricks for using Metasploit, but for the others who aren't aware of...
Pillow image processing library vulnerability: an out-of-bounds write in memory during the conversion of SGI images to RLE format allows an attacker to cause a denial of service.
The vulnerability in the Pillow image processing library is an out-of-bounds write in memory during the conversion of SGI images to RLE format. Exploiting this vulnerability can allow a remote attacker to cause a denial of service...
Mozilla Firefox Memory Corruption Code Execution Vulnerability
Mozilla Firefox is an open source web browser. A memory corruption vulnerability exists in Mozilla Firefox, which can be exploited by a remote attacker to submit a specially crafted web request and trick the user into parsing it, which can cause the application to crash or execute arbitrary code ...
The vulnerability in the firmware of Cisco IOS XE routing devices in the Cisco Catalyst 9800 Series is related to access control errors. This vulnerability allows an attacker to send ICMPv6 traffic until the client enters a RUN state.
The vulnerability in the firmware of the Cisco IOS XE wireless communication controller and Cisco Catalyst 9800 Series routers is related to access control errors. Exploiting this vulnerability allows a malicious actor to send ICMPv6 traffic until the client enters a RUN state...
postgresql: Multiple features escape "security restricted operation" sandbox
A flaw was found in postgresql. An attacker having permission to create non-temporary objects in at least one schema can execute arbitrary SQL functions under the identity of a superuser. The highest threat from this vulnerability is to data confidentiality and integrity as well as system...
Mozilla Firefox Buffer Error Vulnerability
Mozilla Firefox is an open source web browser. A memory corruption vulnerability exists in Mozilla Firefox, which can be exploited by a remote attacker to submit a specially crafted web request and trick the user into parsing it, which can cause the application to crash or execute arbitrary code ...
Microsoft Visual Studio Code Java Extension Pack Remote Code Execution Vulnerability
Microsoft Visual Studio is a family of development tool suites from Microsoft, and a largely complete development toolset that includes most of the tools needed throughout the software life cycle. A remote code execution vulnerability exists in Microsoft Visual Studio. An attacker could exploit t...
Cisco IOS XE Software Wireless Controller for the Catalyst 9000 Family Improper Access Control (cisco-sa-ewlc-icmpv6-qb9eYyCR)
According to its self-reported version, Cisco IOS XE Wireless Controller Software for Cisco Catalyst 9000 Family Routers is affected by an improper access control vulnerability due to an incomplete access control list (ACL) being applied prior to RUN state. An attacker could exploit this...
CVE-2020-25499
TOTOLINK A3002RU-V2.0.0 B20190814.1034 allows authenticated remote users to modify the system's 'Run Command'. An attacker can use this functionality to execute arbitrary OS commands on the router...
Microsoft Office 365 (2016 Click-to-Run) Multiple Vulnerabilities (Dec 2020)
This host is missing an important security update according to Microsoft Office Click-to-Run updates. SPDX-FileCopyrightText: 2020 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier:...
PT-2020-16101 · Totolink · Totolink A3002Ru
Name of the Vulnerable Software and Affected Versions: TOTOLINK A3002RU version 2.0.0 B20190814.1034 Description: The issue allows authenticated remote users to modify the system's 'Run Command'. An attacker can use this functionality to execute arbitrary OS commands on the router. Recommendation...
December 1, 2020, update for Office 2016 (KB4486746)
December 1, 2020, update for Office 2016 (KB4486746). This article describes update 4486746 for Microsoft Office 2016 that was released on December 1, 2020. Be aware that the update in the Microsoft Download Center applies to the Microsoft Installer (.msi)-based edition of Office 2016. It doesn't apply...
nodejs-ajv: prototype pollution via crafted JSON schema in ajv.validate function
A flaw was found in nodejs-ajv. A carefully crafted JSON schema could be provided that allows execution of other code by prototype pollution. While untrusted schemas are recommended against, the worst case of an untrusted schema should be a denial of service, not execution of code...
December 1, 2020, update for Office 2016 (KB4486668)
December 1, 2020, update for Office 2016 (KB4486668). This article describes update 4486668 for Microsoft Office 2016 that was released on December 1, 2020. Be aware that the update in the Microsoft Download Center applies to the Microsoft Installer (.msi)-based edition of Office 2016. It doesn't apply...
Command Execution Vulnerability in Ocean CMS (CNVD-2020-69482)
Ocean CMS (seacms, Ocean Video Management System) is a video-on-demand system designed for webmasters with different needs. A command execution vulnerability exists in the background of Ocean CMS. Attackers can use this vulnerability to write malicious code to execute system commands and obtain...
GaussDB Kernel: Configuring the Log Name
The parameter logfilename specifies the server run log file name. Copyright (C) 2020 Greenbone Networks GmbH. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later. This program is free...
Microsoft Office 365 (2016 Click-to-Run) Multiple Vulnerabilities (Nov 2020)
This host is missing an important security update according to Microsoft Office Click-to-Run updates.