7 Sticky Notes 1.9 Command Injection
7 Sticky Notes version 1.9 suffers from a command injection vulnerability.
WebCatalog 48.4 Arbitrary Protocol Execution / Code Execution
WebCatalog versions prior to 48.8 call the Electron shell.openExternal function without verifying that the URL is for an http or https resource. This vulnerability allows an attacker to potentially...
Grocy 4.0.2 Cross Site Request Forgery
Grocy versions 4.0.2 and below suffer from cross site request forgery vulnerabilities.
Bank Locker Management System SQL Injection
Bank Locker Management System suffers from a remote SQL injection vulnerability.
Typora 1.7.4 Command Injection
Typora version 1.7.4 suffers from a command injection vulnerability.
Ricoh Printer Directory / File Exposure
Ricoh printers suffer from directory and file exposure vulnerabilities.
Red Hat Security Advisory 2024-0484-03
Red Hat Security Advisory 2024-0484-03 - Red Hat OpenShift Container Platform release 4.13.31 is now available with updates to packages and images that fix several bugs and add enhancements.
Red Hat Security Advisory 2024-0647-03
Red Hat Security Advisory 2024-0647-03 - An update for rpm is now available for Red Hat Enterprise Linux 8.
ComSndFTP Server 1.3.7 Beta Denial Of Service
ComSndFTP Server version 1.3.7 Beta remote denial of service exploit.
GoAhead Web Server 2.5 HTML Injection
GoAhead Web Server version 2.5 suffers from an HTML injection vulnerability.
TP-LINK TL-WR740N HTML Injection
TP-LINK TL-WR740N suffers from an HTML injection vulnerability.
Proxmox VE 7.4-1 TOTP Brute Force
Proxmox VE versions 5.4 through 7.4-1 suffer from a TOTP brute forcing vulnerability.
PCMan FTP Server 2.0 Buffer Overflow
PCMan FTP Server version 2.0 pwn remote buffer overflow exploit.
Juniper SRX Firewall / EX Switch Remote Code Execution
This code serves as both a vulnerability detector and a proof of concept for CVE-2023-36845. It executes the phpinfo() function on the login page of the target device, allowing to inspect the PHP...
Debian Security Advisory 5612-1
Debian Linux Security Advisory 5612-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
Ubuntu Security Notice USN-6621-1
Ubuntu Security Notice 6621-1 - It was discovered that ImageMagick incorrectly handled certain values when processing BMP files. An attacker could exploit this to cause a denial of service.
Debian Security Advisory 5613-1
Debian Linux Security Advisory 5613-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in side channel attacks, leaking sensitive data to log files, denial...
Gentoo Linux Security Advisory 202402-01
Gentoo Linux Security Advisory 202402-1 - Multiple vulnerabilities in glibc could result in Local Privilege Escalation. Versions greater than or equal to 2.38-r10 are affected.
Fortra GoAnywhere MFT Unauthenticated Remote Code Execution
This Metasploit module exploits a vulnerability in Fortra GoAnywhere MFT that allows an unauthenticated attacker to create a new administrator account. This can be leveraged to upload a JSP payload and...