Haserl Arbitrary File Reader
This module exploits haserl prior to 0.9.36 to read arbitrary files. The most widely accepted exploitation vector is reading /etc/shadow, which will reveal root's hash for cracking. Module Options msf use post/linux/gather/haserlread msf posthaserlread show actions ...actions... msf posthaserlrea...
DEBIAN-CVE-2020-36310
An issue was discovered in the Linux kernel before 5.8. arch/x86/kvm/svm/svm.c allows a setmemoryregiontest infinite loop for certain nested page faults, aka CID-e72436bc3a52...
UBUNTU-CVE-2020-36310
An issue was discovered in the Linux kernel before 5.8. arch/x86/kvm/svm/svm.c allows a setmemoryregiontest infinite loop for certain nested page faults, aka CID-e72436bc3a52...
Linux kernel infinite loop vulnerability (CNVD-2021-29471)
The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A setmemoryregiontest infinite loop vulnerability exists in arch/x86/kvm/svm/svm.c in Linux kernel versions prior to...
PT-2021-8033 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the set fmt error handling in the Linux kernel's intel-ipu3 driver. If an error occurs during a set fmt, the previous sizes are overwritten with the invalid...
Linux kernel security vulnerability
The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A setmemoryregiontest infinite loop vulnerability exists in arch/x86/kvm/svm/svm.c in Linux kernel versions prior to...
CVE-2021-26071
The SetFeatureEnabled.jspa resource in Jira Server and Data Center before version 8.5.13, from version 8.6.0 before version 8.13.5, and from version 8.14.0 before version 8.15.1 allows remote anonymous attackers to enable and disable Jira Software configuration via a cross-site request forgery CS...
The vulnerability of the XkbSetDeviceInfo component in the xorg-x11-server package allows an attacker to compromise the privacy, integrity, and accessibility of the protected information.
The vulnerability of the XkbSetDeviceInfo component in the xorg-x11-server package is caused by a buffer overflow in the dynamic memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...
Vulnerability of the check_output function in output.c. SUID in an isolated programming environment. Firejail, due to the lack of measures to neutralize special elements, allows a violator to access confidential data, compromise its integrity, and cause service failures.
The vulnerability in the checkoutput function in output.c. The SUID attribute in the isolated programming environment of Firejail indicates that there are no measures in place to neutralize this vulnerability. Exploiting this vulnerability could allow a remote attacker to access confidential data...
PT-2021-5689 · Microsoft · Sharepoint Server +1
Name of the Vulnerable Software and Affected Versions: Microsoft SharePoint Server affected versions not specified Description: The issue is related to the implementation of the Microsoft.SharePoint.WorkflowActions.SetVariableActivity class in Microsoft SharePoint Foundation, SharePoint Server, a...
PT-2021-17835 · Ca · Ca Ehealth Performance Manager
Name of the Vulnerable Software and Affected Versions: CA eHealth Performance Manager versions 6.3.2.12 and earlier Description: The issue is related to Privilege Escalation via a setuid and/or setgid file. When a component is run as an argument of the runpicEhealth executable, the script code wi...
Arbitrary Code Execution
Overview total.js is a framework for Node.js platform written in pure JavaScript similar to PHP's Laravel or Python's Django or ASP.NET MVC. It can be used as web, desktop, service or IoT application. Affected versions of this package are vulnerable to Arbitrary Code Execution via the U.set and...
The vulnerability of the setuid function in the UNIX command shell Zsh allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service failure.
The vulnerability of the setuid function in the UNIX command shell Zsh is related to incorrect reallocation of the user ID. Exploitation of this vulnerability can allow an attacker to access confidential data, compromise its integrity, and cause service failures...
total.js Remote Code Execution Vulnerability
total.js is a framework for Node.js platform written in pure JavaScript similar to PHP's Laravel or Python's Django or ASP.NET MVC. It can be used as web, desktop, service or IoT application. Affected versions of this package are vulnerable to Remote Code Execution (RCE) via set. PoC js // To be ru...
Prototype Pollution
Overview Prototype pollution vulnerability in set-in versions 1.0.0 through 2.0.0 allows attacker to cause a denial of service and may lead to remote code execution. Recommendation Upgrade to version 2.0.1 or later. References - GitHub Advisory - CVE...
swear (>=0.0.0 <=0.0.4), tcomb-view (>=2.0.0 <=2.0.3) +1 more potentially affected by CVE-2020-28273 via set-in (=1.1.1)
set-in NPM version =1.1.1 is affected by a known vulnerability. The following packages have a transitive dependency on set-in and may be impacted: - swear =0.0.0, =2.0.0, =0.0.0, =1.0.0 Source cves: CVE-2020-28273 Source advisory: OSV:GHSA-QR4P-C9WR-PHR6...
GHSA-QR4P-C9WR-PHR6 Prototype pollution in set-in
Prototype pollution vulnerability in 'set-in' versions 1.0.0 through 2.0.0 allows attacker to cause a denial of service and may lead to remote code execution...
Prototype pollution in set-in
Prototype pollution vulnerability in 'set-in' versions 1.0.0 through 2.0.0 allows attacker to cause a denial of service and may lead to remote code execution...
CVE-2021-28660
rtwwxsetscan in drivers/staging/rtl8188eu/osdep/ioctllinux.c in the Linux kernel through 5.11.6 allows writing beyond the end of the -ssid array. NOTE: from the perspective of kernel.org releases, CVE IDs are not normally used for drivers/staging/ unfinished work; however, system integrators may...
USN-4879-1 linux, linux-aws, linux-azure, linux-gcp, linux-hwe-5.8, linux-kvm, linux-oracle, linux-raspi vulnerabilities
It was discovered that the Marvell WiFi-Ex device driver in the Linux kernel did not properly validate ad-hoc SSIDs. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-36158) Loris Reiff discovered that the BPF implementation in t...