57 matches found
PT-2025-18265 · Ctrlx Os · Ctrlx Os
Name of the Vulnerable Software and Affected Versions: ctrlX OS affected versions not specified Description: A vulnerability in the “Remote Logging” functionality of the web application of ctrlX OS allows a remote authenticated low-privileged attacker to execute arbitrary OS commands in the conte...
About Elevation of Privilege – needrestart (CVE-2024-48990) vulnerability
About Elevation of Privilege - needrestart CVE-2024-48990 vulnerability. On November 19, Qualys released a security bulletin about five privilege escalation vulnerabilities in the needrestart utility CVE-2024-48990, CVE-2024-48991, CVE-2024-48992, CVE-2024-10224, and CVE-2024-11003 used in Ubuntu...
Beckhoff TwinCAT/BSD Buffer Copy without Checking Size of Input (CVE-2024-41176)
The MPD package included in TwinCAT/BSD allows an authenticated, low- privileged local attacker to induce a Denial-of-Service DoS condition on the daemon and execute code in the context of user root via a crafted HTTP request. This plugin only works with Tenable.ot. Please visit...
CVE-2024-32741
A vulnerability has been identified in SIMATIC CN 4100 All versions V3.0. The affected device contains hard coded password which is used for the privileged system user root and for the boot loader GRUB by default . An attacker who manages to crack the password hash gains root access to the device...
CVE-2023-31003 IBM Security Access Manager Container privilege escalation
IBM Security Access Manager Container IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.6.1 could allow a local user to obtain root access due to improper access controls. IBM X-Force ID: 254658...
PT-2024-1197 · Ibm · Ibm Security Verify Access Appliance +2
Name of the Vulnerable Software and Affected Versions: IBM Security Access Manager Container versions 10.0.0.0 through 10.0.6.1 IBM Security Verify Access Appliance versions 10.0.0.0 through 10.0.6.1 IBM Security Verify Access Docker version 10.0.6.1 Description: The issue is related to improper...
CVE-2021-26729
Command injection and multiple stack-based buffer overflows vulnerabilities in the Loginhandlerfunc function of spxrestservice allow an attacker to execute arbitrary code with the same privileges as the server user root. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...
CVE-2022-21941
All versions of iSTAR Ultra prior to version 6.8.9.CU01 are vulnerable to a command injection that could allow an unauthenticated user root access to the system...
CVE-2021-35939
It was found that the fix for CVE-2017-7500 and CVE-2017-7501 was incomplete: the check was only implemented for the parent directory of the file to be created. A local unprivileged user who owns another ancestor directory could potentially use this flaw to gain root privileges. The highest threa...
CVE-2021-3156 "Baron Samedit"
Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via “sudoedit -s” and a command-line argument that ends with a single backslash character. Recent assessments: cdelafuente-r7 at January 27, 2021 3:40pm UTC...
CVE-2020-8465
A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to manipulate system updates using a combination of CSRF bypass CVE-2020-8461 and authentication bypass CVE-2020-8464 to execute code as user root...
CVE-2020-8655
An issue was discovered in EyesOfNetwork 5.3. The sudoers configuration is prone to a privilege escalation vulnerability, allowing the apache user to run arbitrary commands as root via a crafted NSE script for nmap 7...
openSUSE Security Update : system-user-root (openSUSE-2019-1495)
This update for sles12sp3-docker-image, sles12sp4-image, system-user-root fixes the following issues : - CVE-2019-5021: Include an invalidated root password by default, not an empty one bsc1134524 This update was imported from the SUSE:SLE-15:Update update project. C Tenable Network Security, Inc...
Recommended update for sles12sp3-docker-image, sles12sp4-image, system-user-root (important)
openSUSE Security Update: Recommended update for sles12sp3-docker-image, sles12sp4-image, system-user-root Announcement ID: openSUSE-SU-2019:1495-1 Rating: important References: 1134524 Cross-References: CVE-2019-5021 Affected Products: openSUSE Leap 15.1 openSUSE Leap 15.0 An update that fixes o...
Dell Customer Connect 1.3.28.0 - Local Privilege Escalation
Dell Customer Connect 1.3.28.0 - Local Privilege Escalation Exploit Dell Customer Connect 1.3.28.0 Privilege Escalation Date: 25.04.2017 Software Link: http://www.dell.com/ Exploit Author: Kacper Szurek Contact: https://twitter.com/KacperSzurek Website: https://security.szurek.pl/ Category: local...
Lingxia I.C.E CMS Remote Blind SQL Injection Exploit
No description provided by source. !/usr/bin/python ICE CMS Blind SQLi 0day. mrme@pluto ice$ python icecold.py -p localhost:8080 -t 10.3.100.25:8500 -d /ice/ | ---------------------------------------------------- | | Lingxia I.C.E CMS Remote Blind SQL Injection Exploit | | by mrme - net-ninja.net...
MySQL - 'Stuxnet Technique' Windows Remote System
MySQL Scanner & MySQL Server for Windows Remote SYSTEM Level Exploit Version 1.0 By Kingcope In the Year of 2012 https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/23083.zip use this on a fast scan server! How to use. pnscan: the file "accounts" holds the user/passwo...
Lingxia I.C.E CMS - Blind SQL Injection
Lingxia I.C.E CMS - Blind SQL Injection !/usr/bin/python ICE CMS Blind SQLi 0day. mrme@pluto ice$ python icecold.py -p localhost:8080 -t 10.3.100.25:8500 -d /ice/ | ---------------------------------------------------- | | Lingxia I.C.E CMS Remote Blind SQL Injection Exploit | | by mrme -...
Mediacoder 0.6.2.4275 - .m3u Universal Stack Overflow
Mediacoder 0.6.2.4275 - .m3u Universal Stack Overflow !/usr/bin/perl MediaCoder 0.6.2.4275 Universal Stack Based Overflow By Stack Mountassif Moad cat Greatz.txt Jadi-Chel7 & Mr.Safa7 & Houssamix & Simo-Soft & DDos & Simo64 & G0rillaz & Issam & Sec-Alert & & Bohayra & j0rd4n14n.r1z Webug &...
CrystalPlayer 1.98 Playlist Crafted mls File Local Buffer Overflow Exploit
Exploit for unknown platform in category local exploits ========================================================================== CrystalPlayer 1.98 Playlist Crafted mls File Local Buffer Overflow Exploit ========================================================================== !/usr/bin/perl...