20 matches found

Packet Storm
added 2025/07/04 12:0 a.m. · 101 views

📄 AndroMouse Server 8.0 Unauthenticated Directory Enumeration

AndroMouse Server version 8.0 exposes an unauthenticated TCP command interface on port 8888. A remote attacker can send crafted commands to enumerate the contents of arbitrary directories on the host file system, without user interaction or authentication. Exploit Title: AndroMouse Server 8.0 –...

8 AI score
Exploits: 0

Packet Storm
added 2025/07/04 12:0 a.m. · 104 views

📄 AndroMouse Server 8.0 Remote Code Execution

AndroMouse Server version 8.0 proof of concept that exploits an unauthenticated UDP interface to simulate mouse/keyboard actions and execute malicious commands via certutil. Exploit Title: AndroMouse Server 8.0 - Remote Code Execution Date: 03/07/25 Exploit Author: Chokri Hammedi Vendor Homepage:...

7.9 AI score
Exploits: 0

Positive Technologies
added 2024/04/16 12:0 a.m. · 3 views

PT-2024-3727 · Oracle +4 · Mysql Server +3

Name of the Vulnerable Software and Affected Versions: MySQL Server versions 8.0.36 and prior MySQL Server versions 8.3.0 and prior Description: The issue is related to insufficient input validation in the Server: Optimizer component of Oracle MySQL Server. A difficult to exploit vulnerability...

6.8 CVSS · 5 AI score · 0.00949 EPSS
Exploits: 0 · References: 121

Positive Technologies
added 2023/10/26 12:0 a.m. · 2 views

PT-2023-23309 · Elastic · Apm Server +1

Name of the Vulnerable Software and Affected Versions: ECK versions prior to 2.8 APM Server versions 8.0 and later Description: The secret token configuration is not applied when using ECK with a version less than 2.8 alongside an APM Server version 8.0 or greater. This could lead to anonymous...

5.3 CVSS · 7.2 AI score · 0.00195 EPSS
Exploits: 0 · References: 6

Positive Technologies
added 2023/10/17 12:0 a.m. · 3 views

PT-2023-6189 · Oracle +8 · Oracle Mysql Server +8

Name of the Vulnerable Software and Affected Versions: Oracle MySQL Server versions 8.0.34 and prior Oracle MySQL Server version 8.1.0 Description: The issue is related to insufficient input validation in the InnoDB component of Oracle MySQL Server, allowing a high-privileged attacker with networ...

9.8 CVSS · 5.8 AI score · 0.92544 EPSS
Exploits: 10 · References: 637

Positive Technologies
added 2023/07/18 12:0 a.m. · 3 views

PT-2023-4054 · Oracle +8 · Mysql Server +7

Name of the Vulnerable Software and Affected Versions: MySQL Server versions 5.7.42 and prior MySQL Server versions 8.0.33 and prior Description: The issue allows a low-privileged attacker with network access via multiple protocols to compromise the MySQL Server. Successful attacks can result in...

9.8 CVSS · 5.8 AI score · 0.92544 EPSS
Exploits: 10 · References: 643

Positive Technologies
added 2022/07/19 12:0 a.m. · 3 views

PT-2022-3731 · Oracle +8 · Mysql Server +7

Name of the Vulnerable Software and Affected Versions: MySQL Server versions 5.7.38 and prior MySQL Server versions 8.0.29 and prior Description: The issue is related to insufficient input validation in the Server: Options component of the MySQL Server product. It allows a high-privileged attacke...

10 CVSS · 7.1 AI score · 0.92 EPSS
Exploits: 23 · References: 821

Positive Technologies
added 2021/11/15 12:0 a.m. · 3 views

PT-2021-6436 · Oracle +8 · Mysql Server +7

Name of the Vulnerable Software and Affected Versions: MySQL Server versions 5.7.36 and prior MySQL Server versions 8.0.27 and prior Description: The issue is related to errors in resource release in the MySQL Server product, specifically in the Server: Stored Procedure component. It allows a...

10 CVSS · 7.2 AI score · 0.92 EPSS
Exploits: 23 · References: 819

Cvelist
added 2021/11/03 3:20 p.m. · 17 views

CVE-2021-37147 Request Smuggling - LF line ending

Improper input validation vulnerability in header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 8.1.2 and 9.0.0 to 9.1.0...

7.9 AI score · 0.0089 EPSS
Exploits: 0 · References: 2

Positive Technologies
added 2021/01/21 12:0 a.m. · 3 views

PT-2022-1937 · Oracle +8 · Mysql Server +7

Name of the Vulnerable Software and Affected Versions: MySQL Server versions 5.7.36 and prior MySQL Server versions 8.0.27 and prior Description: The issue is related to errors in resource release in the MySQL Server product, specifically in the Server: Federated component. It allows a...

10 CVSS · 7.1 AI score · 0.92 EPSS
Exploits: 24 · References: 825

Veracode
added 2020/04/10 12:22 a.m. · 24 views

Arbitrary Code Execution

redhat-idm-console is vulnerable to arbitrary code execution. When running on Red Hat Enterprise Linux, Red Hat Directory Server 8.0 used insecure permissions on the redhat-idm-console startup script. Local users could modify this script and run arbitrary code with the privileges of the user...

2.1 CVSS · 2.9 AI score · 0.00065 EPSS
Exploits: 0 · References: 8 · Affected Software: 1

IBM Security Bulletins
added 2019/11/20 3:52 p.m. · 21 views

Security Bulletin: A security vulnerability has been identified in Websphere Application Server shipped with IBM Security Access Manager for Enterprise Single Sign-On (CVE-2016-0359)

Summary Websphere Application Server is shipped as a component of IBM Security Access Manager for Enterprise Single Sign-On. Information about a security vulnerability affecting Websphere Application Server has been published in a security bulletin. Vulnerability Details Consult the security...

0.7 AI score · 0.00312 EPSS
Exploits: 0 · Affected Software: 1

IBM Security Bulletins
added 2019/10/01 10:9 p.m. · 15 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Case Manager (CVE-2019-4268)

Summary IBM WebSphere Application Server is shipped as a component of IBM Case Manager. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Please consult the security bulletin Security Bulletin: Fi...

5.3 CVSS · 2.9 AI score · 0.00424 EPSS
Exploits: 0 · Affected Software: 1

OpenVAS
added 2019/07/24 12:0 a.m. · 63 views

Oracle MySQL Server 8.0 <= 8.0.16 Security Update (cpujul2019) - Windows

Oracle MySQL Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:mysql"; if...

7.5 CVSS · 6.6 AI score · 0.03229 EPSS
Exploits: 0 · References: 2

IBM Security Bulletins
added 2018/09/21 4:10 p.m. · 13 views

Security Bulletin: Security vulnerabilities have been identified in WebSphere Application Server shipped with Financial Transaction Manager (CVE-2018-1695)

Summary WebSphere Application Server is shipped with Financial Transaction Manager. Information about security vulnerabilities affecting WebSphere Application Server have been published in a security bulletin. Vulnerability Details Refer to the security bulletin Security Bulletin: Potential...

7.3 CVSS · 3.4 AI score · 0.00474 EPSS
Exploits: 0 · Affected Software: 1

IBM Security Bulletins
added 2018/07/10 10:9 p.m. · 32 views

Security Bulletin: Multiple vulnerabilities has been identified in IBM WebSphere Application Server shipped with IBM Case Manager (CVE-2014-0114, CVE-2016-1181, CVE-2016-1182, CVE-2012-1007)

Summary IBM WebSphere Application Server is shipped as a component of IBM Case Manager. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin Vulnerability Details Please consult the security bulletin Security Bulletin:...

3 AI score · 0.92332 EPSS
Exploits: 5 · Affected Software: 1

IBM Security Bulletins
added 2018/06/17 3:49 p.m. · 16 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Asset and Service Management (CVE-2017-1681)

Summary IBM WebSphere Application Server is shipped as a component of Maximo Asset Management, Maximo Asset Management Essentials, Maximo Industry Solutions including Maximo for Energy Optimization, Maximo for Government, Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life...

3.3 CVSS · 1.4 AI score · 0.00054 EPSS
Exploits: 0 · Affected Software: 13

IBM Security Bulletins
added 2018/06/16 8:5 p.m. · 22 views

Security Bulletin: Vulnerability in Apache Commons FileUpload affects IBM Forms Server (CVE-2016-3092)

Summary An Apache Commons FileUpload vulnerability for handling string edge case was addressed by IBM Forms Server. Vulnerability Details CVEID: CVE-2016-3092 DESCRIPTION: Apache Tomcat is vulnerable to a denial of service, caused by an error in the Apache Commons FileUpload component. By sending...

7.8 CVSS · 0.8 AI score · 0.40246 EPSS
Exploits: 0 · Affected Software: 1

seebug.org
added 2009/04/21 12:0 a.m. · 72 views

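CUPS '_cupsImageReadTIFF()' Integer Overflow Vulnerability

BUGTRAQ ID: 34571 CVE ID: CVE-2009-0163 CNCVE ID: CNCVE-20090163 Common Unix Printing System (CUPS) is a general-purpose Unix printing system, a cross-platform printing solution for Unix environments that is based on the Internet Printing Protocol and provides services for most PostScript and raster printers. CUPS has an integer overflow when processing TIFF images; a remote attacker can exploit the vulnerability to execute arbitrary instructions with the privileges of the application....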

6.8 CVSS · 1.1 AI score · 0.0495 EPSS
Exploits: 2

CVE
added 2005/08/16 4:0 a.m. · 40 views

CVE-2003-1222

CVE-2003-1222 affects BEA WebLogic Express/Server 8.0–8.1 SP1 when using a foreign JMS provider. The underlying issue is that the system echoes the foreign provider password to the console and stores it in cleartext in config.xml, enabling an attacker to obtain the password. The description does ...

5 CVSS · 7.1 AI score · 0.00262 EPSS
Exploits: 0 · References: 2 · Affected Software: 1