CVSS: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
A type confusion vulnerability exists in V8 JavaScript engine in Google Chrome prior to 80.0.3987.122. The vulnerability may be triggered by changing array elements types (e.g. from SmallInteger to Double) after optimization takes place. By successfully exploiting this flaw, an attacker can execute arbitrary code in the context or the Chrome's 'renderer' process.
CVSS: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
This strike exploits an insecure deserialization vulnerability in Oracle Coherence library, which is used in popular products such as Oracle WebLogic Server. Coherence Library is a key component for Oracle to implement highly reliable and scalable cluster computing. The vulnerability is a result of insufficient validation of T3 requests. The server allows deserialization of classes in objects...
CVSS: 9.0 (AV:N/AC:L/Au:N/C:P/I:P/A:C)
An OS command injection vulnerability exists in Dell KACE K1000 versions before 6.4.120822, due to lack of sanitization of user-supplied data. By sending a crafted 'kuid' parameter in a HTTP request to '/service/krashrpt.php', a remote unauthenticated attacker may execute arbitrary OS commands as the user 'www'.
CVSS: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
This strike exploits a vulnerability in the Google Chrome browser. Specifically, the vulnerability exists in the Javascript engine. It is possible to craft Javascript in such a way that when calling the V8 optimizer, a read/write primitive will occur. This can lead to a denial of service in the browser or potentially lead to remote code execution.
CVSS: 9.0 (AV:N/AC:L/Au:S/C:C/I:C/A:C)
An OS command injection vulnerability exists in Sangoma Asterisk, due to lack of user input validation on Asterisk Manager Interface. By sending a crafted AMI action request with a 'Data' parameter, a remote authenticated attacker may execute arbitrary commands on the target server.
CVSS: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
This strike exploits a vulnerability in Google Chrome. An attacker can utilize the desktopCapture.chooseDesktopMedia API to trigger the WebContentsDestroyed method on a freed object causing a use after free condition to occur. This can result in a denial of service condition in the browser or potentially remote code execution.
CVSS: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
This strike exploits a vulnerability in the SMBv3 parsing component of Microsoft Windows SMB server. The vulnerability is caused by improper handling of compressed SMBv3 packets. A remote, unauthenticated attacker could exploit this vulnerability by sending specially-crafted SMBv3 messages. Successful exploitation could lead to the execution of arbitrary code on the target system.
CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
An OS command injection vulnerability exists in multiple ZyXEL products due to insufficient user input sanitization when parsing the 'username' parameter. By sending a crafted HTTP request, a remote unauthenticated attacker may execute arbitrary OS commands as a superuser.
CVSS: 9.0 (AV:N/AC:L/Au:N/C:P/I:P/A:C)
An arbitrary file upload vulnerability exists in WordPress Cherry Plugin versions before 1.7, due to lack of authentication for file import actions. By exploiting this flaw, a remote unauthenticated attacker may execute arbitrary PHP code by uploading a webshell with a crafted HTTP POST request.
CVSS: 9.0 (AV:N/AC:L/Au:S/C:C/I:C/A:C)
A remote code execution vulnerability exists in Microsoft Exchange Server due to a hardcoded validation key. A remote authenticated attacker may send a crafted serialized 'ViewState' object, which gets deserialized on the server to achieve remote code execution as the 'SYSTEM' user.
CVSS: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
An OS command injection flaw exists in TP-Link TL-WR849N due to lack of user input sanitization. The vulnerability resides in router's 'Diagnostics' area, where tests such as 'ping' and 'traceroute' may be performed. By sending a crafted HTTP POST request, a remote unauthenticated attacker may execute arbitrary commands on the target system.
CVSS: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
A stack-based buffer overflow vulnerability exists in Squid before 4.10 due to incorrect buffer management, when acting as a reverse proxy. By sending a crafted HTTP request with a host string longer than 255 characters in the 'Host' header, a remote attacker may achieve remote code execution on the target host.
CVSS: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
An arbitrary file read (which can be turned into local file inclusion under special circumstances) exists in Apache Tomcat's AJP Connector, versions before 9.0.31, 8.5.51, and 7.0.100. Dubbed as 'Ghostcat', the flaw exists due to lack of authentication when requesting resources via AJP binary protocol on port 8009. Unauthenticated remote attackers may be able to read arbitrary files...
CVSS: 9.0 (AV:N/AC:L/Au:N/C:P/I:P/A:C)
A remote code execution vulnerability exists in ThemeRex Addons WordPress Plugin versions greater than 1.6.50, due to lack of sanitization for user-supplied data. By sending a crafed REST-API request to '/wp-json/trx_addons/v2/get/sc_layout', a remote unauthenticated user may invoke arbitrary PHP functions via 'sc' parameter.
CVSS: 9.0 (AV:N/AC:L/Au:S/C:C/I:C/A:C)
An OS Command Injection exists in rConfig 3.9.3 and prior versions as a result of no sanitization of user supplied data. The parameter processed in 'ajaxArchiveFiles.php' is then used as a command line argument within a privileged command. By sending a crafted 'path' parameter to '/lib/ajaxHandlers/ajaxArchiveFiles.php' path, a remote authenticated attacker may execute...
CVSS: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
This strike exploits a vulnerability in Apple Webkit. Specifically, an attacker can craft JavaScript in such a way that a cross-origin object can be placed into the prototype chain of a regular object and trigger the invocation of a cross-origin setter. If this causes an exception it can be potentially leaked allowing access to another window's function constructor and turning it into a UXSS...
CVSS: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
This strike exploits a vulnerability in Apple WebKit. Specifically, an attacker can craft JavaScript in such a way that when modifying the GetterSetter type confusion can occur leading to a denial of service in the browser.
CVSS: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
An untrusted deserialization vulnerability exists in Apache Log4j versions 1.2 up to 1.2.17. The vulnerability is due to the lack of class filtering in the SocketServer and SocketNode classes. By sending a crafted serialized Java object, a remote unauthenticated attacker may execute arbitrary code on the target system.
CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
This strike replicates an attack known as Bluegate against Remote Desktop Gateway (RDG), exploiting a heap buffer overflow. The flaw is due to unsanitized index parameters when parsing large UDP packets. Successful exploitation allows the attacker to execute arbitrary code on the target system, with the privileges of the user running the RDG daemon. NOTE: Normally, a connection to the RDG is formed...
CVSS: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
This strike exploits a vulnerability in Apple WebKit. Specifically, an attacker can craft JavaScript in such a way that when reconstructing arguments objects type confusion can occur leading to a denial of service in the browser.
Pages