399 matches found
CVE-2020-24361
SNMPTT before 1.4.2 allows attackers to execute shell code via EXEC, PREXEC, or unknowntrapexec...
CVE-2020-24361
SNMPTT before 1.4.2 allows attackers to execute shell code via EXEC, PREXEC, or unknowntrapexec...
CVE-2020-24361
SNMPTT before 1.4.2 allows attackers to execute shell code via EXEC, PREXEC, or unknowntrapexec...
Code injection
SNMPTT before 1.4.2 allows attackers to execute shell code via EXEC, PREXEC, or unknowntrapexec...
CVE-2020-24361
SNMPTT before 1.4.2 allows attackers to execute shell code via EXEC, PREXEC, or unknowntrapexec...
CVE-2020-24361
CVE-2020-24361 affects SNMPTT versions prior to 1.4.2, enabling remote code execution via SNMP traps (EXEC, PREXEC, or unknown_trap_exec). Evidence across multiple sources ties the vulnerability to SNMPTT’s trap handling, with Debian and other advisories noting that upgrades to fixed packages (e....
CVE-2020-24361
SNMPTT before 1.4.2 allows attackers to execute shell code via EXEC, PREXEC, or unknowntrapexec...
GLSA-202007-63 : SNMP Trap Translator: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202007-63 SNMP Trap Translator: Multiple vulnerabilities It was found that SNMP Trap Translator does not drop privileges as configured and does not properly escape shell commands in certain functions. Impact : A remote attacker, b...
snmptt -- malicious shell code
Snmptt reports: Fixed a security issue with EXEC / PREXEC / unknowntrapexec that could allow malicious shell code to be executed. Fixed a bug with EXEC / PREXEC / unknowntrapexec that caused commands to be run as root instead of the user defined in daemonuid...
NewStart CGSL MAIN 6.01 : unbound Multiple Vulnerabilities (NS-SA-2020-0037)
The remote NewStart CGSL host, running version MAIN 6.01, has unbound packages installed that are affected by multiple vulnerabilities: - Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can cause shell code execution after receiving a specially crafted answer. This...
Directory traversal
In radare2 before version 4.5.0, malformed PDB file names in the PDB server path cause shell injection. To trigger the problem it's required to open the executable in radare2 and run idpd to trigger the download. The shell code will execute, and will create a file called pwned in the current...
CVE-2020-15121
In radare2 before version 4.5.0, malformed PDB file names in the PDB server path cause shell injection. To trigger the problem it's required to open the executable in radare2 and run idpd to trigger the download. The shell code will execute, and will create a file called pwned in the current...
CVE-2020-15121 Command injection in Radare2
In radare2 before version 4.5.0, malformed PDB file names in the PDB server path cause shell injection. To trigger the problem it's required to open the executable in radare2 and run idpd to trigger the download. The shell code will execute, and will create a file called pwned in the current...
Huawei EulerOS: Security Advisory for unbound (EulerOS-SA-2020-1783)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 3.0.6.0 : unbound (EulerOS-SA-2020-1783)
According to the version of the unbound package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can cause shell code execution after receiving a...
Huawei EulerOS: Security Advisory for unbound (EulerOS-SA-2020-1618)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Microsoft Windows - (SMBGhost) Remote Code Execution Exploit
!/usr/bin/env python ''' EDB Note Download: https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/48537.zip SMBGhostRCEPoC RCE PoC for CVE-2020-0796 "SMBGhost" For demonstration purposes only! Only use this a reference. Seriously. This has not been tested outside of m...
Online Discussion Forum Site 1.0 - Remote Code Execution
Online Discussion Forum Site version 1.0 suffers from a remote code execution vulnerability. Exploit Title: Online Discussion Forum Site 1.0 - Remote Code Execution Google Dork: N/A Date: 2020-05-24 Exploit Author: Selim Enes 'Enesdex' Karaduman Vendor Homepage:...
Online Discussion Forum Site 1.0 - Remote Code Execution Vulnerability
Exploit for php platform in category web applications Exploit Title: Online Discussion Forum Site 1.0 - Remote Code Execution Exploit Author: Selim Enes 'Enesdex' Karaduman Vendor Homepage: https://www.sourcecodester.com/php/14233/online-discussion-forum-site.html Software Link:...
Arbitrary Code Execution
newsbeuter is vulnerable to arbitrary code execution. A remote attacker is able to inject and execute shell code in the title/url via the bookmarking function...