11967 matches found
CVE-2017-5765
...
CVE-2017-5764
...
CVE-2017-5718
...
OpenEMR 5.0.0 Remote Shell Upload
Exploit Title: OpenEMR 5.0.0 - Remote Code Execution Authenticated Date 10.06.2021 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://www.open-emr.org/ Software Link: https://sourceforge.net/projects/openemr/files/OpenEMR%20Current/5.0.0/openemr-5.0.0.zip/download Version: 5.0.0 Teste...
OSV-2021-847 Heap-buffer-overflow in frame_get_vlmetalayers
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35086 Crash type: Heap-buffer-overflow READ Crash state: frame_get_vlmetalayers frame_to_schunk blosc2_schunk_from_buffer...
Command Execution Vulnerability in the Second Generation Firewall of Shenzhen Netcom Technology Co.
Ltd. was established in 2004 and is a national high-tech enterprise specializing in the research and development, production, sales and service of products in the field of network information security. The second generation firewall of Shenzhen Netvantage Technology Co., Ltd. has a command execution...
Rocket.Chat 3.12.1 - NoSQL Injection to Remote Code Execution (Unauthenticated) Exploit
Title: Rocket.Chat 3.12.1 - NoSQL Injection to RCE Unauthenticated Author: enox Product: Rocket.Chat Vendor: https://rocket.chat/ Vulnerable Versions: Rocket.Chat 3.12.1 CVE: CVE-2021-22911 Credits: https://blog.sonarsource.com/nosql-injections-in-rocket-chat #!/usr/bin/python import requests impo...
GSD-2021-1000624 btrfs: return whole extents in fiemap
btrfs: return whole extents in fiemap This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.124 by commit 55575c08502f291cdeff09428189b84084ffa91...
Gitlab 13.10.2 - Remote Code Execution (Authenticated)
Exploit Title: Gitlab 13.10.2 - Remote Code Execution Authenticated Date: 04/06/2021 Exploit Author: enox Vendor Homepage: https://about.gitlab.com/ Software Link: https://gitlab.com/ Version: 13.10.3 Tested On: Ubuntu 20.04 Environment: Gitlab 13.10.2 CE Credits:...
Gitlab 13.9.3 - Remote Code Execution (Authenticated)
Exploit Title: Gitlab 13.9.3 - Remote Code Execution Authenticated Date: 02/06/2021 Exploit Author: enox Vendor Homepage: https://about.gitlab.com/ Software Link: https://gitlab.com/ Version: 13.9.4 Tested On: Ubuntu 20.04 Environment: Gitlab 13.9.1 CE Credits: https://hackerone.com/reports/11254...
Thecus N4800Eco Command Injection
Exploit Title: Thecus N4800Eco Nas Server Control Panel - Command Injection Date: 01/06/2021 Exploit Author: Metin Yunus Kandemir Vendor Homepage: http://www.thecus.com/ Software Link: http://www.thecus.com/product.php?PRODID=83 Version: N4800Eco Description:...
Thecus N4800Eco Nas Server Control Panel - Command Injection
Exploit Title: Thecus N4800Eco Nas Server Control Panel - Command Injection Date: 01/06/2021 Exploit Author: Metin Yunus Kandemir Vendor Homepage: http://www.thecus.com/ Software Link: http://www.thecus.com/product.php?PRODID=83 Version: N4800Eco Description:...
UVI-2021-1000489 powerpc/64s: Fix crashes when toggling entry flush barrier
powerpc/64s: Fix crashes when toggling entry flush barrier This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.4.269 by commit...
UVI-2021-1000342 RDMA/siw: Fix a use after free in siw_alloc_mr
RDMA/siw: Fix a use after free in siw_alloc_mr This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.37 by commit...
UVI-2021-1000097 media: staging/intel-ipu3: Fix set_fmt error handling
media: staging/intel-ipu3: Fix set_fmt error handling This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.11.20 by commit...
UVI-2021-1000356 i2c: img-scb: fix reference leak when pm_runtime_get_sync fails
i2c: img-scb: fix reference leak when pm_runtime_get_sync fails This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.37 by commit...
CVE-2020-15459
...
WordPress Stop Spammers 2021.8 Plugin - (log) Reflected Cross-site Scripting Vulnerability
Exploit Title: WordPress Plugin Stop Spammers 2021.8 - 'log' Reflected Cross-site Scripting XSS Exploit Author: Hosein Vita Vendor Homepage: https://wordpress.org/plugins/stop-spammer-registrations-plugin/ Software Link: https://downloads.wordpress.org/plugin/stop-spammer-registrations-plugin.zip...
keepalived bug fix and enhancement update
An update is available for keepalived. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. For detailed information on changes in this release, see the Rocky...
xdg-desktop-portal bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...