CVE-2021-31761

Webmin 1.973 is affected by reflected Cross Site Scripting XSS to achieve Remote Command Execution through Webmin's running process feature...

Beware of scammers impersonating Malwarebytes

Scammers love to bank on the good name of legitimate companies to gain the trust of their intended targets. Recently, it came to our attention that a cybercriminal is using fake websites for security products to spread malware. One of those websites was impersonating the Malwarebytes brand. Image...

CVE-2023-4480

Due to an out-of-date dependency in the “Fusion File Manager” component accessible through the admin panel, an attacker can send a crafted request that allows them to read the contents of files on the system accessible within the privileges of the running process. Additionally, they may write fil...

CVE-2023-4480 Arbitrary File Read in Fusion File Manager

Due to an out-of-date dependency in the “Fusion File Manager” component accessible through the admin panel, an attacker can send a crafted request that allows them to read the contents of files on the system accessible within the privileges of the running process. Additionally, they may write fil...

SUSE Linux Enterprise Server 路径遍历漏洞

SUSE Linux Enterprise Server is a suite of enterprise server edition Linux operating systems from SUSE Germany. A path traversal vulnerability exists in SUSE Linux Enterprise Server. A remote attacker could use this vulnerability to read the files of a user running a process. The following produc...

CVE-2021-27570

An issue was discovered in Emote Remote Mouse through 3.015. Attackers can close any running process by sending the process name in a specially crafted packet. This information is sent in cleartext and is not protected by any authentication logic...

Authentication flaw

An issue was discovered in Emote Remote Mouse through 3.015. Attackers can close any running process by sending the process name in a specially crafted packet. This information is sent in cleartext and is not protected by any authentication logic...

Cross site request forgery (csrf)

Webmin 1.973 is affected by Cross Site Request Forgery CSRF to achieve Remote Command Execution RCE through Webmin's running process feature...

DEBIAN-CVE-2019-14907

All samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12 and 4.11.x before 4.11.5 have an issue where if it is set with "log level = 3" or above then the string obtained from the client, after a failed character conversion, is printed. Such strings can be provided during the NTLMSSP...

CVE-2019-5029

An exploitable command injection vulnerability exists in the Config editor of the Exhibitor Web UI versions 1.0.9 to 1.7.1. Arbitrary shell commands surrounded by backticks or $ can be inserted into the editor and will be executed by the Exhibitor process when it launches ZooKeeper. An attacker c...

Remote Symbol Resolution

Introduction The following blog discusses a couple of common techniques that malware uses to obscure its access to the Windows API. In both forms examined, analysts must calculate the API start address and resolve the symbol from the runtime process in order to determine functionality. After...

Framework: directory traversal flaw

A directory traversal flaw was found in the way the Spring Framework sanitized certain URLs. A remote attacker could use this flaw to obtain any file on the file system that was also accessible to the process in which the Spring web application was running...

SAP Netweaver ABAP msg_server.exe Parameter Value Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SAP NetWeaver ABAP. Authentication is not required to exploit this vulnerability. The specific flaw exists within the way SAP NetWeaver handles packages with opcode 0x43. If a package with sub opco...

Mandriva Linux Security Advisory : mozilla (MDVSA-2011:127)

Security issues were identified and fixed in mozilla firefox and thunderbird : Mozilla developers and community members identified and fixed several memory safety bugs in the browser engine used in Firefox 3.6 and other Mozilla-based products. Some of these bugs showed evidence of memory corrupti...

linux/x86 sys_kill(-1,9) kill all running process shellcode 11 bytes

Exploit for linux/x86 platform in category shellcode ==================================================================== linux/x86 syskill-1,9 kill all running process shellcode 11 bytes ==================================================================== /...

linux/x86 - kill all running process

kill all running process x86/linux. Shellcode exploit for linux platform / 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote,...

CVE-2007-3912

checkrestart in debian-goodies before 0.34 allows local users to gain privileges via shell metacharacters in the name of the executable file for a running process...

CVE-2005-2679

Buffer overflow in Sysinternals Process Explorer 9.23, and other versions before 9.25, allows local users to execute arbitrary code via a long CompanyName field in the VersionInfo information in a running process...