28 matches found
EUVD-2023-3221
Malicious code in bioql PyPI...
KLA78026 ACE vulnerability in Microsoft Developer Tools
A remote code vulnerability was found in Microsoft Developer Tools. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories CVE-2024-49063 Related products Microsoft-Dynamics-365 CVE list CVE-2024-49063 high Solution Install necessary updates from the KB...
KLA74614 ACE vulnerability in Microsoft Azure
A remote code execution vulnerability was found in Microsoft Azure. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories CVE-2024-0132 Related products Microsoft-Azure CVE list CVE-2024-0132 critical Solution Install necessary updates from the KB section,...
Sockso Music Host Server 1.5 Directory Traversal
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Sockso Music Host Server 1.5 Directory Traversal', 'Description' = %q This module exploits a directory traversal bug in Sockso on port 4444. This...
Exploit for Improper Privilege Management in Enlightenment
Description Taken from https://github.com/nu11secur1ty/CVE-mi...
Exploit for Heap-based Buffer Overflow in Gnu Glibc
GNU C Library's Dynamic Loader Vulnerability CVE-2023-4911...
GHSA-HH8P-P8MP-GQHM MLFlow Path Traversal Vulnerability
A malicious user could use this issue to get command execution on the vulnerable machine and get access to data & models information...
CVE-2023-6975
A malicious user could use this issue to get command execution on the vulnerable machine and get access to data & models information...
Command injection
A malicious user could use this issue to get command execution on the vulnerable machine and get access to data & models information...
CVE-2023-6975 Path Traversal: '\..\filename'
A malicious user could use this issue to get command execution on the vulnerable machine and get access to data & models information...
Exploit for Double Free in Linux Linux_Kernel
CVE-2022-2588 Code adapted for one cpu, and with a vagrant fil...
Yelp: RCE on build server via misconfigured pip install
The following Python library has been installed on at least one Yelp owned build server directly from the public PyPI registry. https://pypi.org/project/yelp-cgeom/ This package should normally be downloaded from the internal Yelp registry, but a misconfiguration appears to have caused it to be...
Machine is vulnerable to attacks after CPUSE clean install and before completing the First Time Wizard
...
Hack with Metasploit: Announcing the UNITED 2017 CTF
Got mad skillz? Want mad skillz? This year at Rapid7's annual UNITED Summit, we're hosting a first-of-its-kind Capture the Flag (CTF) competition. Whether you're a noob to hacking or a grizzled pro, you'll emerge from our 25-hour CTF with more knowledge and serious bragging rights. Show off your 1337...
ATCOM PBX Authentication Bypass
Title: ATCOM PBX system , auth bypass exploit Author: i-Hmx contact : [email protected] Home : sec4ever.com Tested on : ATCOM IP01 , IP08 , IP4G and ip2G4A Details The mentioned system is affected by auth bypass flaw that allow an attacker to get admin access on the vulnerable machine without...
Fusion SBX <= 1.2 - Remote Command Execution Exploit
No description provided by source. / Fusion SBX = 1.2 exploit sileFSBXxpl This exploit use vulnerability found into Fusion SBX and create new variable and call it with a malicious function stored in config.php. This exploit utilize injection of three diverse procedures for execution of arbitrary...
Unixware 7.0 SCOhelp HTTP Server Format String Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1717/info SCO Unixware 7 default installation includes scohelp, an http server that listens on port 457/tcp and allows access to manual pages and other documentation files. The search CGI script provided for that purpose...
Microsoft plugs gaping holes in IE, Excel, Windows
Microsoft today released its April batch of security patches: 8 bulletins with patches for at least 20 documented holes in popular software products. The most serious of the flaws could lead to remote code execution attacks that give a malicious hacker complete ownership of a vulnerable machine...
HP notebooks remote code execution vulnerability (multiple series)
Advisory: ///////// Multiple Hewlett-Packard notebook series are prone to a remote code execution attack. The manufacturer's preinstalled software contains a critical flaw within the software built to support one-touch button quick feature access. Overview: ///////// Software called "HP Info...