Displaying 41 - 60 of 38219

CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

An OS command injection vulnerability exists in multiple ZyXEL products due to insufficient user input sanitization when parsing the username parameter. By sending a crafted HTTP request, a remote unauthenticated attacker may execute arbitrary OS commands as a superuser.

CVSS: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)

This strike exploits a vulnerability in the Google Chrome browser. Specifically, the vulnerability exists in the Javascript engine. It is possible to craft Javascript in such a way that when calling the V8 optimizer, a read/write primitive will occur. This can lead to a denial of service in the browser or potentially lead to remote code execution.

CVSS: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

This strike exploits a vulnerability in the SMBv3 parsing component of Microsoft Windows SMB server. The vulnerability is caused by improper handling of compressed SMBv3 packets. A remote, unauthenticated attacker could exploit this vulnerability by sending specially-crafted SMBv3 messages. Successful exploitation could lead to the execution of arbitrary code on the target system.

CVSS: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

An OS command injection flaw exists in TP-Link TL-WR849N due to lack of user input sanitization. The vulnerability resides in routers Diagnostics area, where tests such as ping and traceroute may be performed. By sending a crafted HTTP POST request, a remote unauthenticated attacker may execute arbitrary commands on the target system.

CVSS: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)

This strike exploits a vulnerability in Google Chrome. An attacker can utilize the desktopCapture.chooseDesktopMedia API to trigger the WebContentsDestroyed method on a freed object causing a Use-After-Free condition to occur. This can result in a denial of service condition in the browser or potentially remote code execution.

CVSS: 9.0 (AV:N/AC:L/Au:N/C:P/I:P/A:C)

A remote code execution vulnerability exists in ThemeRex Addons WordPress Plugin versions greater than 1.6.50, due to lack of sanitization for user-supplied data. By sending a crafed REST-API request to /wp-json/trx addons/v2/get/sc layout, a remote unauthenticated user may invoke arbitrary PHP functions via sc parameter.

CVSS: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

An arbitrary file read which can be turned into local file inclusion under special circumstances exists in Apache Tomcats AJP Connector, versions before 9.0.31, 8.5.51, and 7.0.100. Dubbed as Ghostcat, the flaw exists due to lack of authentication when requesting resources via AJP binary protocol on port 8009. Unauthenticated remote attackers may be able to read arbitrary files residing within...

CVSS: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

A stack-based buffer overflow vulnerability exists in Squid before 4.10 due to incorrect buffer management, when acting as a reverse proxy. By sending a crafted HTTP request with a host string longer than 255 characters in the Host header, a remote attacker may achieve remote code execution on the target host.

CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

A remote command injection vulnerability exists in OpenSMTPD after commit a8e222352f and before version 6.6.2. The vulnerability is due to lack of user input sanitization when processing MAIL FROM commands. A successful attack may lead to remote command execution with the privileges of the user running the OpenSMTPD service.

CVSS: 9.0 (AV:N/AC:L/Au:S/C:C/I:C/A:C)

An OS Command Injection exists in rConfig 3.9.3 and prior versions as a result of no sanitization of user supplied data. The parameter processed in ajaxArchiveFiles.php is then used as a command line argument within a privileged command. By sending a crafted path parameter to /lib/ajaxHandlers/ajaxArchiveFiles.php path, a remote authenticated attacker may execute arbitrary OS commands as a superuser...

CVSS: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)

This strike exploits a vulnerability in Apple WebKit. Specifically, an attacker can craft JavaScript in such a way that when reconstructing arguments objects type confusion can occur leading to a denial of service in the browser.

CVSS: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)

This strike exploits a vulnerability in Apple Webkit. Specifically, an attacker can craft JavaScript in such a way that a cross-origin object can be placed into the prototype chain of a regular object and trigger the invocation of a cross-origin setter. If this causes an exception it can be potentially leaked allowing access to another windows function constructor and turning it into a UXSS attack...

CVSS: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

An untrusted deserialization vulnerability exists in Apache Log4j versions 1.2 up to 1.2.17. The vulnerability is due to the lack of class filtering in the SocketServer and SocketNode classes. By sending a crafted serialized Java object, a remote unauthenticated attacker may execute arbitrary code on the target system.

CVSS: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)

This strike exploits a vulnerability in Apple WebKit. Specifically, an attacker can craft JavaScript in such a way that when modifying the GetterSetter type confusion can occur leading to a denial of service in the browser.

CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

This strike replicates an attack known as Bluegate against Remote Desktop Gateway RDG, exploiting a heap buffer overflow. The flaw is due to unsanitized index parameters when parsing large UDP packets. Successful exploitation allows the attacker to execute arbitrary code on the target system, with the privileges of the user running the RDG daemon. NOTE: Normally, a connection to the RDG is formed...

CVSS: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)

This strike exploits a vulnerability in Apple Webkit JavaScriptCore. Specifically, a Use-After-Free occurs when the jsElementScrollHeightGetter function is invoked in a specific manner. When this happens a denial of service condition, or potentially remote code execution, may occur.

CVSS: 4.0 (AV:N/AC:L/Au:S/C:P/I:N/A:N)

This strike exploits an information disclosure vulnerability in Microsoft SharePoint. This vulnerability is due to insufficient validation of uploaded files. A remote, authenticated attacker could exploit this vulnerability by uploading a maliciously crafted file to a target SharePoint server. Successful exploitation of this vulnerability allows the attacker to disclose NTLM hashes, which in turn...

CVSS: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)

This strike exploits a heap double free vulnerability found in Adobe Acrobat and Reader. The vulnerability is due to improper input validation while parsing specific header fields of a PDF document. An attacker could exploit this vulnerability by creating a specially crafted PDF file and entice an user to open it. Successful exploitation could lead to arbitrary code execution on the target Machine...

CVSS: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)

This strike exploits a vulnerability in Spidermonkey, the Javascript engine of Mozilla Firefox. The issue is caused by incorrect alias information for Array.prototype.slice method within IonMonkey JIT compiler component. This can lead to a denial of service or potentially allow for remote code execution to occur.

CVSS: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

An OS command injection vulnerability exists in Citrix Application Delivery Controller ADC and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. The command injection is possible using a directory traversal flaw, due to improper sanitization of multiple fields in HTTP requests. The flaw may be exploited by an unauthenticated attacker to execute arbitrary commands on the target server.

Pages