๐จ CVE-2017-6740
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities. The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP: Versions 1, 2c, and 3. To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must have user credentials for the affected system. All devices that have enabled SNMP and have not explicitly excluded the affected MIBs or OIDs should be considered vulnerable. Cisco Bug IDs: CSCve66601.
๐@cveNotify
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities. The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP: Versions 1, 2c, and 3. To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must have user credentials for the affected system. All devices that have enabled SNMP and have not explicitly excluded the affected MIBs or OIDs should be considered vulnerable. Cisco Bug IDs: CSCve66601.
๐@cveNotify
๐จ CVE-2002-0367
smss.exe debugging subsystem in Windows NT and Windows 2000 does not properly authenticate programs that connect to other programs, which allows local users to gain administrator or SYSTEM privileges by duplicating a handle to a privileged process, as demonstrated by DebPloit.
๐@cveNotify
smss.exe debugging subsystem in Windows NT and Windows 2000 does not properly authenticate programs that connect to other programs, which allows local users to gain administrator or SYSTEM privileges by duplicating a handle to a privileged process, as demonstrated by DebPloit.
๐@cveNotify
๐จ CVE-2004-0210
The POSIX component of Microsoft Windows NT and Windows 2000 allows local users to execute arbitrary code via certain parameters, possibly by modifying message length values and causing a buffer overflow.
๐@cveNotify
The POSIX component of Microsoft Windows NT and Windows 2000 allows local users to execute arbitrary code via certain parameters, possibly by modifying message length values and causing a buffer overflow.
๐@cveNotify
www.kb.cert.org
CERT/CC Vulnerability Note VU#647436
Microsoft Windows contains a buffer overflow in the POSIX subsystem
๐จ CVE-2005-2773
HP OpenView Network Node Manager 6.2 through 7.50 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) node parameter to connectedNodes.ovpl, (2) cdpView.ovpl, (3) freeIPaddrs.ovpl, and (4) ecscmg.ovpl.
๐@cveNotify
HP OpenView Network Node Manager 6.2 through 7.50 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) node parameter to connectedNodes.ovpl, (2) cdpView.ovpl, (3) freeIPaddrs.ovpl, and (4) ecscmg.ovpl.
๐@cveNotify
๐จ CVE-2008-2992
Stack-based buffer overflow in Adobe Acrobat and Reader 8.1.2 and earlier allows remote attackers to execute arbitrary code via a PDF file that calls the util.printf JavaScript function with a crafted format string argument, a related issue to CVE-2008-1104.
๐@cveNotify
Stack-based buffer overflow in Adobe Acrobat and Reader 8.1.2 and earlier allows remote attackers to execute arbitrary code via a PDF file that calls the util.printf JavaScript function with a crafted format string argument, a related issue to CVE-2008-1104.
๐@cveNotify
๐จ CVE-2009-1151
Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 allows remote attackers to inject arbitrary PHP code into a configuration file via the save action.
๐@cveNotify
Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 allows remote attackers to inject arbitrary PHP code into a configuration file via the save action.
๐@cveNotify
๐จ CVE-2009-1123
The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 does not properly validate changes to unspecified kernel objects, which allows local users to gain privileges via a crafted application, aka "Windows Kernel Desktop Vulnerability."
๐@cveNotify
The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 does not properly validate changes to unspecified kernel objects, which allows local users to gain privileges via a crafted application, aka "Windows Kernel Desktop Vulnerability."
๐@cveNotify
๐จ CVE-2009-3960
Unspecified vulnerability in BlazeDS 3.2 and earlier, as used in LiveCycle 8.0.1, 8.2.1, and 9.0, LiveCycle Data Services 2.5.1, 2.6.1, and 3.0, Flex Data Services 2.0.1, and ColdFusion 7.0.2, 8.0, 8.0.1, and 9.0, allows remote attackers to obtain sensitive information via vectors that are associated with a request, and related to injected tags and external entity references in XML documents.
๐@cveNotify
Unspecified vulnerability in BlazeDS 3.2 and earlier, as used in LiveCycle 8.0.1, 8.2.1, and 9.0, LiveCycle Data Services 2.5.1, 2.6.1, and 3.0, Flex Data Services 2.0.1, and ColdFusion 7.0.2, 8.0, 8.0.1, and 9.0, allows remote attackers to obtain sensitive information via vectors that are associated with a request, and related to injected tags and external entity references in XML documents.
๐@cveNotify
Flexera
Secunia Research
Flexera provides software licensing management, software compliance, installation and application packaging solutions to developers and their customers.
๐จ CVE-2010-2861
Multiple directory traversal vulnerabilities in the administrator console in Adobe ColdFusion 9.0.1 and earlier allow remote attackers to read arbitrary files via the locale parameter to (1) CFIDE/administrator/settings/mappings.cfm, (2) logging/settings.cfm, (3) datasources/index.cfm, (4) j2eepackaging/editarchive.cfm, and (5) enter.cfm in CFIDE/administrator/.
๐@cveNotify
Multiple directory traversal vulnerabilities in the administrator console in Adobe ColdFusion 9.0.1 and earlier allow remote attackers to read arbitrary files via the locale parameter to (1) CFIDE/administrator/settings/mappings.cfm, (2) logging/settings.cfm, (3) datasources/index.cfm, (4) j2eepackaging/editarchive.cfm, and (5) enter.cfm in CFIDE/administrator/.
๐@cveNotify
Cxsecurity
Adobe ColdFusion - Directory Traversal' - CXSecurity.com
metasploit has realised a new security note Adobe ColdFusion - Directory Traversal'
๐จ CVE-2010-3035
Cisco IOS XR 3.4.0 through 3.9.1, when BGP is enabled, does not properly handle unrecognized transitive attributes, which allows remote attackers to cause a denial of service (peering reset) via a crafted prefix announcement, as demonstrated in the wild in August 2010 with attribute type code 99, aka Bug ID CSCti62211.
๐@cveNotify
Cisco IOS XR 3.4.0 through 3.9.1, when BGP is enabled, does not properly handle unrecognized transitive attributes, which allows remote attackers to cause a denial of service (peering reset) via a crafted prefix announcement, as demonstrated in the wild in August 2010 with attribute type code 99, aka Bug ID CSCti62211.
๐@cveNotify
๐จ CVE-2010-3333
Stack-based buffer overflow in Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 and 2008 for Mac, Office for Mac 2011, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via crafted RTF data, aka "RTF Stack Buffer Overflow Vulnerability."
๐@cveNotify
Stack-based buffer overflow in Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 and 2008 for Mac, Office for Mac 2011, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via crafted RTF data, aka "RTF Stack Buffer Overflow Vulnerability."
๐@cveNotify
๐จ CVE-2010-4344
Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session that includes two MAIL commands in conjunction with a large message containing crafted headers, leading to improper rejection logging.
๐@cveNotify
Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session that includes two MAIL commands in conjunction with a large message containing crafted headers, leading to improper rejection logging.
๐@cveNotify
๐จ CVE-2021-3773
A flaw in netfilter could allow a network-connected attacker to infer openvpn connection endpoint information for further use in traditional network attacks.
๐@cveNotify
A flaw in netfilter could allow a network-connected attacker to infer openvpn connection endpoint information for further use in traditional network attacks.
๐@cveNotify
๐จ CVE-2024-5154
A flaw was found in cri-o. A malicious container can create a symbolic link to arbitrary files on the host via directory traversal (โ../โ). This flaw allows the container to read and write to arbitrary files on the host system.
๐@cveNotify
A flaw was found in cri-o. A malicious container can create a symbolic link to arbitrary files on the host via directory traversal (โ../โ). This flaw allows the container to read and write to arbitrary files on the host system.
๐@cveNotify
๐จ CVE-2024-39036
SeaCMS v12.9 is vulnerable to Arbitrary File Read via admin_safe.php.
๐@cveNotify
SeaCMS v12.9 is vulnerable to Arbitrary File Read via admin_safe.php.
๐@cveNotify
GitHub
Arbitrary File Read in SeaCMS v12.9 ยท Issue #18 ยท seacms-net/CMS
Summary SeaCMS v12.9 has an arbitrary file read vulnerability in the admin/adminsafe.php file, allowing attackers to read system files after accessing the Website back end. Detail file_get_contents...
๐จ CVE-2024-40129
Open5GS v2.6.4 is vulnerable to Buffer Overflow. via /lib/pfcp/context.c.
๐@cveNotify
Open5GS v2.6.4 is vulnerable to Buffer Overflow. via /lib/pfcp/context.c.
๐@cveNotify
GitHub
[PFCP] Fixed Possible heap buffer overflow (#2585) ยท open5gs/open5gs@2fbc445
After examining the call stack and reading the source code, I found that
in /lib/core/ogs-pool.h line 152: (pool)->array[i] = i+1;
then in lib/pfcp/context.c line 78: pdr_random_to_index[ogs...
in /lib/core/ogs-pool.h line 152: (pool)->array[i] = i+1;
then in lib/pfcp/context.c line 78: pdr_random_to_index[ogs...
๐จ CVE-2024-40130
open5gs v2.6.4 is vulnerable to Buffer Overflow. via /lib/core/abts.c.
๐@cveNotify
open5gs v2.6.4 is vulnerable to Buffer Overflow. via /lib/core/abts.c.
๐@cveNotify
GitHub
Fixed dynamic-stack-buffer-overflow (#2578, #2577) ยท open5gs/open5gs@2f8ae91
Open5GS is a C-language Open Source implementation for 5G Core and EPC, i.e. the core network of LTE/NR network (Release-17) - Fixed dynamic-stack-buffer-overflow (#2578, #2577) ยท open5gs/open5gs@2f8ae91
๐จ CVE-2024-40392
SourceCodester Pharmacy/Medical Store Point of Sale System Using PHP/MySQL and Bootstrap Framework with Source Code 1.0 was discovered to contain a SQL injection vulnerability via the name parameter under addnew.php.
๐@cveNotify
SourceCodester Pharmacy/Medical Store Point of Sale System Using PHP/MySQL and Bootstrap Framework with Source Code 1.0 was discovered to contain a SQL injection vulnerability via the name parameter under addnew.php.
๐@cveNotify
GitHub
SourceCodester Pharmacy/Medical Store Point of Sale System Using PHP/MySQL and Bootstrap Framework with Source Code 1.0 addnew.phpโฆ
SourceCodester Pharmacy/Medical Store Point of Sale System Using PHP/MySQL and Bootstrap Framework with Source Code 1.0 addnew.php SQL injection vulnerability NAME OF AFFECTED PRODUCT(S) Pharmacy/M...
๐จ CVE-2024-40393
Online Clinic Management System In PHP With Free Source code v1.0 was discovered to contain a SQL injection vulnerability via the user parameter at login.php.
๐@cveNotify
Online Clinic Management System In PHP With Free Source code v1.0 was discovered to contain a SQL injection vulnerability via the user parameter at login.php.
๐@cveNotify
GitHub
SourceCodester Online Clinic Management System In PHP With Free Source code 1.0 login.php SQL injection ยท Issue #47 ยท CveSecLook/cve
SourceCodester Online Clinic Management System In PHP With Free Source code 1.0 login.php SQL injection NAME OF AFFECTED PRODUCT(S) Online Clinic Management System In PHP With Free Source code Vend...
๐จ CVE-2024-40394
Simple Library Management System Project Using PHP/MySQL v1.0 was discovered to contain an arbitrary file upload vulnerability via the component ajax.php.
๐@cveNotify
Simple Library Management System Project Using PHP/MySQL v1.0 was discovered to contain an arbitrary file upload vulnerability via the component ajax.php.
๐@cveNotify
GitHub
SourceCodester Simple Library Management System Project Using PHP/MySQL 1.0 ajax.php Unrestricted Upload ยท Issue #48 ยท CveSecLook/cve
SourceCodester Simple Library Management System Project Using PHP/MySQL 1.0 ajax.php Unrestricted Upload NAME OF AFFECTED PRODUCT(S) Simple Library Management System Project Using PHP/MySQL Vendor ...
๐จ CVE-2024-40503
An issue in Tenda AX12 v.16.03.49.18_cn+ allows a remote attacker to cause a denial of service via the Routing functionality and ICMP packet handling.
๐@cveNotify
An issue in Tenda AX12 v.16.03.49.18_cn+ allows a remote attacker to cause a denial of service via the Routing functionality and ICMP packet handling.
๐@cveNotify
Gist
ICMP Redirect attacks
ICMP Redirect attacks. GitHub Gist: instantly share code, notes, and snippets.