17 matches found
CVE-2024-47684
A flaw was found in the TCP implementation in the Linux kernel. A NULL pointer dereference can be triggered from the Tail Loss Probe TLP path and from the Recent ACKnowledgment RACK case, resulting in a denial of service. Mitigation Mitigation for this issue is either not available or the current...
CVE-2024-47684
In the Linux kernel, the following vulnerability has been resolved: tcp: check skb is non-NULL in tcprtodeltaus We have some machines running stock Ubuntu 20.04.6 which is their 5.4.0-174-generic kernel that are running ceph and recently hit a null ptr dereference in tcprearmrto. Initially hittin...
CVE-2024-47684 tcp: check skb is non-NULL in tcp_rto_delta_us()
In the Linux kernel, the following vulnerability has been resolved: tcp: check skb is non-NULL in tcprtodeltaus We have some machines running stock Ubuntu 20.04.6 which is their 5.4.0-174-generic kernel that are running ceph and recently hit a null ptr dereference in tcprearmrto. Initially hittin...
CVE-2024-47684
Technical details about CVE-2024-47684 are not publicly provided in the supplied documents; no affected products, versions, root cause, or fixes are disclosed here. Monitor for updates.
CVE-2024-47684 tcp: check skb is non-NULL in tcp_rto_delta_us()
In the Linux kernel, the following vulnerability has been resolved: tcp: check skb is non-NULL in tcprtodeltaus We have some machines running stock Ubuntu 20.04.6 which is their 5.4.0-174-generic kernel that are running ceph and recently hit a null ptr dereference in tcprearmrto. Initially hittin...
CVE-2024-47684 tcp: check skb is non-NULL in tcp_rto_delta_us()
In the Linux kernel, the following vulnerability has been resolved: tcp: check skb is non-NULL in tcprtodeltaus We have some machines running stock Ubuntu 20.04.6 which is their 5.4.0-174-generic kernel that are running ceph and recently hit a null ptr dereference in tcprearmrto. Initially hittin...
Exploit for Improper Privilege Management in Enlightenment
Description Taken from https://github.com/nu11secur1ty/CVE-mi...
Ray OS 2.6.3 Command Injection
Exploit Title: Ray OS v2.6.3 - Command Injection RCEUnauthorized Description: The Ray Project dashboard contains a CPU profiling page, and the format parameter is not validated before being inserted into a system command executed in a shell, allowing for arbitrary command execution. If the system...
Ray OS v2.6.3 - Command Injection RCE(Unauthorized)
Exploit Title: Ray OS v2.6.3 - Command Injection RCEUnauthorized Description: The Ray Project dashboard contains a CPU profiling page, and the format parameter is not validated before being inserted into a system command executed in a shell, allowing for arbitrary command execution. If the system...
Ray OS v2.6.3 - Command Injection Exploit
Exploit Title: Ray OS v2.6.3 - Command Injection RCEUnauthorized Description: The Ray Project dashboard contains a CPU profiling page, and the format parameter is not validated before being inserted into a system command executed in a shell, allowing for arbitrary command execution. If the system...
Ladder 0.0.21 Server-Side Request Forgery
Exploit Title: Ladder v0.0.21 Server-side request forgery SSRF Date: 2024-01-20 Exploit Author: @chebuya Software Link: https://github.com/everywall/ladder Version: v0.0.1 - v0.0.21 Tested on: Ubuntu 20.04.6 LTS on AWS EC2 ami-0fd63e471b04e22d0 CVE: CVE-2024-27620 Description: Ladder fails to app...
Uvdesk 1.1.3 Shell Upload
Exploit Title: Uvdesk v1.1.3 - File Upload Remote Code Execution RCE Authenticated Date: 28/07/2023 Exploit Author: Daniel Barros @cupc4k3d - Hakai Offensive Security Vendor Homepage: https://www.uvdesk.com Software Link: https://github.com/uvdesk/community-skeleton Version: 1.1.3 Example: python...
Uvdesk v1.1.3 - File Upload Remote Code Execution (Authenticated) Exploit
Exploit Title: Uvdesk v1.1.3 - File Upload Remote Code Execution RCE Authenticated Exploit Author: Daniel Barros @cupc4k3d - Hakai Offensive Security Vendor Homepage: https://www.uvdesk.com Software Link: https://github.com/uvdesk/community-skeleton Version: 1.1.3 Example: python3 CVE-2023-39147....
Uvdesk v1.1.3 - File Upload Remote Code Execution (RCE) (Authenticated)
Exploit Title: Uvdesk v1.1.3 - File Upload Remote Code Execution RCE Authenticated Date: 28/07/2023 Exploit Author: Daniel Barros @cupc4k3d - Hakai Offensive Security Vendor Homepage: https://www.uvdesk.com Software Link: https://github.com/uvdesk/community-skeleton Version: 1.1.3 Example: python...
PyLoad 0.5.0 - Pre-auth Remote Code Execution Exploit
Exploit Title: PyLoad 0.5.0 - Pre-auth Remote Code Execution RCE Credits: bAu @bauh0lz Exploit Author: Gabriel Lima 0xGabe Vendor Homepage: https://pyload.net/ Software Link: https://github.com/pyload/pyload Version: 0.5.0 Tested on: Ubuntu 20.04.6 CVE: CVE-2023-0297 import requests, argparse...
PyLoad 0.5.0 Remote Code Execution
Exploit Title: PyLoad 0.5.0 - Pre-auth Remote Code Execution RCE Date: 06-10-2023 Credits: bAu @bauh0lz Exploit Author: Gabriel Lima 0xGabe Vendor Homepage: https://pyload.net/ Software Link: https://github.com/pyload/pyload Version: 0.5.0 Tested on: Ubuntu 20.04.6 CVE: CVE-2023-0297 import...
PyLoad 0.5.0 - Pre-auth Remote Code Execution (RCE)
Exploit Title: PyLoad 0.5.0 - Pre-auth Remote Code Execution RCE Date: 06-10-2023 Credits: bAu @bauh0lz Exploit Author: Gabriel Lima 0xGabe Vendor Homepage: https://pyload.net/ Software Link: https://github.com/pyload/pyload Version: 0.5.0 Tested on: Ubuntu 20.04.6 CVE: CVE-2023-0297 import...