DotCMS version 3.5 Beta suffers from a cross site scripting vulnerability.
d9b67e3866760f53eed0d680abdd9d5b2fae352477c2d8af3ce6a5c48701e9cfDotCMS version 3.5 Beta suffers from a directory traversal vulnerability.
1fad220bd9b74144259838fdc1996fc91aa92055bf12ec9962731c4a8aa8c02dExaGrid ships a public/private key pair on their backup appliances to allow passwordless authentication to other ExaGrid appliances. Since the private key is easily retrievable, an attacker can use it to gain unauthorized remote access as root. Additionally, this module will attempt to use the default password for root, 'inflection'.
6419b730a7ee3c530fa2f749d16fed9db9fdd5f7fd2e5f1924a1837f4f477dd1Some installations of Postgres 8 and 9 are configured to allow loading external scripting languages. Most commonly this is Perl and Python. When enabled, command execution is possible on the host. To execute system commands, loading the "untrusted" version of the language is necessary. This requires a superuser. This is usually postgres. The execution should be platform-agnostic, and has been tested on OS X, Windows, and Linux. This Metasploit module attempts to load Perl or Python to execute system commands. As this dynamically loads a scripting language to execute commands, it is not necessary to drop a file on the filesystem. Only Postgres 8 and up are supported.
35a6a49124ad62dab21bd8ac5c63333438e1b0e3ebfa9c2ae8f568b3ec88f1c1The GET_CONFIG and GET_PARAMETER calls on IOMX are vulnerable to an information disclosure of uninitialized heap memory. This could be used by an attacker to break ASLR in the media server process by reading out heap memory which contains useful address information.
5261311e4609875cedbf0b094d7a84ece67c7f5bb756289665b882bc2cd7d449The IMemory interface in frameworks/native/libs/binder/IMemory.cpp, used primarily by the media services can be tricked to return arbitrary memory locations leading to information disclosure or memory corruption.
b2733bc9c4f2368575e5664c639831ee56ed7c5575c89a4d6b41f8c514f1132aHikvision Digital Video Recorder versions LV-D2104CS, DS-7316HFI-ST, DS-7216HVI-SV/A, DS-7208HVI-SH, and DS-7204HVI-SH suffer from a cross site request forgery vulnerability.
15541a45ae5db01ad47759f2da7a02a07d53f8ded2f08a88de1f78dc24ee3d91A local privilege escalation vulnerability has been identified in the JTVNCProxy Windows service in JAWS version 13.0 and earlier. When installed, this service allows Read/Write access to any user, meaning any user can modify the location of the binary executed by the service with SYSTEM privileges. It should be noted that this vulnerability is not present in versions of JAWS from version 14 onwards.
bee135cc21b06f91f9c7f6b6ceb2d3463f5dc94cf506a5010c27657ab06af436
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed