exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 7,603 RSS Feed

Code Execution Files

Debian Security Advisory 5632-1
Posted Mar 15, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5632-1 - It was discovered that composer, a dependency manager for the PHP language, processed files in the local working directory. This could lead to local privilege escalation or malicious code execution. Due to a technical issue this email was not sent on 2024-02-26 like it should have.

tags | advisory, local, php, code execution
systems | linux, debian
advisories | CVE-2024-24821
SHA-256 | 41b32f3945ea62d6717b9bcf3c2f3261d62077b5c247d91363fa5b2bd9022945
Hunting Down The HVCI Bug In UEFI
Posted Mar 14, 2024
Authored by Satoshi TANDA, Andrea Allievi | Site tandasat.github.io

This post details the story and technical details of the non-secure Hypervisor-Protected Code Integrity (HVCI) configuration vulnerability disclosed and fixed with the January 9th update on Windows. This vulnerability, CVE-2024-21305, allowed arbitrary kernel-mode code execution, effectively bypassing HVCI within the root partition.

tags | advisory, arbitrary, kernel, root, code execution
systems | windows
advisories | CVE-2024-21305
SHA-256 | 9d64188a47060dad96a12b2b5fc06e5f3f52c1141722943d26696fa195cc355b
JetBrains TeamCity Unauthenticated Remote Code Execution
Posted Mar 14, 2024
Authored by sfewer-r7 | Site metasploit.com

This Metasploit module exploits an authentication bypass vulnerability in JetBrains TeamCity. An unauthenticated attacker can leverage this to access the REST API and create a new administrator access token. This token can be used to upload a plugin which contains a Metasploit payload, allowing the attacker to achieve unauthenticated remote code execution on the target TeamCity server. On older versions of TeamCity, access tokens do not exist so the exploit will instead create a new administrator account before uploading a plugin. Older versions of TeamCity have a debug endpoint (/app/rest/debug/process) that allows for arbitrary commands to be executed, however recent version of TeamCity no longer ship this endpoint, hence why a plugin is leveraged for code execution instead, as this is supported on all versions tested.

tags | exploit, remote, arbitrary, code execution, bypass
advisories | CVE-2024-27198
SHA-256 | 68370990799fd1605fae05ac9ac3f36fd6659508fbfeef67d22e3cf720e8fa87
Apple Security Advisory 03-12-2024-1
Posted Mar 14, 2024
Authored by Apple | Site apple.com

Apple Security Advisory 03-12-2024-1 - GarageBand 10.4.11 addresses code execution and use-after-free vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple
advisories | CVE-2024-23300
SHA-256 | cf1feda0632734f3eac97a03cb231aca57c5c2445e35cdacbbac27e26d43b080
Apple Security Advisory 03-07-2024-7
Posted Mar 14, 2024
Authored by Apple | Site apple.com

Apple Security Advisory 03-07-2024-7 - visionOS 1.1 addresses buffer overflow, bypass, code execution, and out of bounds read vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2024-23220, CVE-2024-23225, CVE-2024-23226, CVE-2024-23235, CVE-2024-23246, CVE-2024-23254, CVE-2024-23257, CVE-2024-23258, CVE-2024-23262, CVE-2024-23263, CVE-2024-23264, CVE-2024-23265, CVE-2024-23284, CVE-2024-23286
SHA-256 | bb37d3d885c05665df5e0348f90e65516bd9024d109db00efe75183960a1ab40
StimulusReflex 3.5.0 Arbitrary Code Execution
Posted Mar 14, 2024
Authored by lixts

StimulusReflex versions 3.5.0 up to and including 3.5.0.rc2 and 3.5.0.pre10 suffer from an arbitrary code execution vulnerability.

tags | exploit, arbitrary, code execution
advisories | CVE-2024-28121
SHA-256 | 9e5263d5183618a2c41a25b126b245bfa777329a2f535120971b95cdc71f0486
Apple Security Advisory 03-07-2024-6
Posted Mar 14, 2024
Authored by Apple | Site apple.com

Apple Security Advisory 03-07-2024-6 - tvOS 17.4 addresses buffer overflow, bypass, and code execution vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2022-48554, CVE-2024-0258, CVE-2024-23225, CVE-2024-23226, CVE-2024-23235, CVE-2024-23239, CVE-2024-23241, CVE-2024-23246, CVE-2024-23250, CVE-2024-23254, CVE-2024-23263, CVE-2024-23264, CVE-2024-23265, CVE-2024-23270
SHA-256 | 75dbd070cadb95c190fb2c3e720880078476efddd8b02e812bc1c594dfa6e86f
Apple Security Advisory 03-07-2024-5
Posted Mar 14, 2024
Authored by Apple | Site apple.com

Apple Security Advisory 03-07-2024-5 - watchOS 10.4 addresses buffer overflow, bypass, and code execution vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2022-48554, CVE-2024-0258, CVE-2024-23225, CVE-2024-23226, CVE-2024-23231, CVE-2024-23235, CVE-2024-23239, CVE-2024-23246, CVE-2024-23250, CVE-2024-23254, CVE-2024-23263, CVE-2024-23265, CVE-2024-23278, CVE-2024-23280
SHA-256 | 6df43170bd5fc352fd321acd5fe231d753158fd667fcbe6941a1ccefd16eb11a
Apple Security Advisory 03-07-2024-4
Posted Mar 14, 2024
Authored by Apple | Site apple.com

Apple Security Advisory 03-07-2024-4 - macOS Monterey 12.7.4 addresses buffer overflow, bypass, code execution, and out of bounds write vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2023-28826, CVE-2024-23201, CVE-2024-23204, CVE-2024-23216, CVE-2024-23218, CVE-2024-23225, CVE-2024-23227, CVE-2024-23230, CVE-2024-23234, CVE-2024-23244, CVE-2024-23245, CVE-2024-23247, CVE-2024-23257, CVE-2024-23264
SHA-256 | 6d34d98987ed9e7f5bc383bd22eb781faef984e2518dc2398e1701abcb1cdd3b
Apple Security Advisory 03-07-2024-3
Posted Mar 14, 2024
Authored by Apple | Site apple.com

Apple Security Advisory 03-07-2024-3 - macOS Ventura 13.6.5 addresses buffer overflow, bypass, code execution, and out of bounds write vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2023-28826, CVE-2024-23201, CVE-2024-23203, CVE-2024-23204, CVE-2024-23216, CVE-2024-23217, CVE-2024-23218, CVE-2024-23225, CVE-2024-23227, CVE-2024-23230, CVE-2024-23231, CVE-2024-23234, CVE-2024-23245, CVE-2024-23247
SHA-256 | a73a9b93cfdd3db0327dd1d8307d169f4dba16169f4b090abd5020a3d9a70efe
Apple Security Advisory 03-07-2024-2
Posted Mar 14, 2024
Authored by Apple | Site apple.com

Apple Security Advisory 03-07-2024-2 - macOS Sonoma 14.4 addresses buffer overflow, bypass, code execution, out of bounds read, out of bounds write, and spoofing vulnerabilities.

tags | advisory, overflow, spoof, vulnerability, code execution
systems | apple
advisories | CVE-2022-42816, CVE-2022-48554, CVE-2023-42853, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-0258, CVE-2024-23205, CVE-2024-23216, CVE-2024-23225, CVE-2024-23226, CVE-2024-23227, CVE-2024-23230, CVE-2024-23231
SHA-256 | 29c509ba93a9dc40af758aca80410a21c8239c2a3c115bac3d2acd0e1e6deea5
JetBrains TeamCity 2023.05.3 Remote Code Execution
Posted Mar 14, 2024
Authored by ByteHunter

JetBrains TeamCity version 2023.05.3 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2023-42793
SHA-256 | e1c264f19102d105794de4c6c20eaafe22944b48d40bf81b679d6529f26dcffb
Honeywell PM43 Remote Code Execution
Posted Mar 14, 2024
Authored by ByteHunter

Honeywell PM43 versions prior to P10.19.050004 suffer from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2023-3710
SHA-256 | af3705248c7122eb4d11be4c13209b3526cbee77ed228747c3f55800ef9fb1ef
Viessmann Vitogate 300 2.1.3.0 Remote Code Execution
Posted Mar 14, 2024
Authored by ByteHunter

Viessmann Vitogate 300 versions 2.1.3.0 and below suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2023-5222, CVE-2023-5702
SHA-256 | 86410aca0ad3a7245b8cb07735d4ec21669679039be68751fc1b43a423e0766a
Ruijie Switch PSG-5124 26293 Remote Code Execution
Posted Mar 14, 2024
Authored by ByteHunter

Ruijie Switch version PSG-5124 with software build 26293 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
SHA-256 | 31f3b0a900318bec9de9a1e9f67d893c6b3f4c63a3437484a3559c375ebb2fa0
Karaf 4.4.3 Remote Code Execution
Posted Mar 13, 2024
Authored by Andrzej Olchawa, Milenko Starcik | Site github.com

Karaf version 4.4.3 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
SHA-256 | 2f400975f659ce2b1411ab5f0648a7b24fbc5ff13c60a27cd18e2461d40bfd86
OSGi 3.7.2 Remote Code Execution
Posted Mar 13, 2024
Authored by Andrzej Olchawa, Milenko Starcik | Site github.com

OSGi versions 3.7.2 and below suffer from a remote code execution vulnerability.

tags | exploit, remote, code execution
SHA-256 | b58312b3c9ef3414d27ca17e2db9d015ffcd0263ed95cd4c31a69f65fd99f59d
OSGi 3.18 Remote Code Execution
Posted Mar 13, 2024
Authored by Andrzej Olchawa, Milenko Starcik | Site github.com

OSGi versions 3.8 through 3.18 suffer from a remote code execution vulnerability.

tags | exploit, remote, code execution
SHA-256 | f497ebf8b35afe62aa891bf6ce65680f2ac452e845456b06776d98729a31b50d
Numbas Remote Code Execution
Posted Mar 11, 2024
Authored by Matheus Boschetti

Numbas versions prior to 7.3 suffer from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2024-27612
SHA-256 | e0195e7e21a5182d8c8267f498108059037a2956810cf1cbc5880c33a370d809
Sitecore 8.2 Remote Code Execution
Posted Mar 11, 2024
Authored by Abhishek Morla

Sitecore version 8.2 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2023-35813
SHA-256 | bb3d70849315ed8ba0c15b23acace7c5306c6747aad0652046ed829b77617644
Artica Proxy 4.50 Unauthenticated PHP Deserialization
Posted Mar 6, 2024
Authored by Jaggar Henry | Site korelogic.com

The Artica Proxy administrative web application will deserialize arbitrary PHP objects supplied by unauthenticated users and subsequently enable code execution as the www-data user. Version 4.50 is affected.

tags | exploit, web, arbitrary, php, code execution
advisories | CVE-2024-2054
SHA-256 | 8e2ee354af5fde39323dcb9b78bd8d0b892172400746b1b66015b3a87cbd8630
Red Hat Security Advisory 2024-1188-03
Posted Mar 6, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1188-03 - An update for kernel is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include code execution, denial of service, memory leak, out of bounds read, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, denial of service, kernel, vulnerability, code execution, memory leak
systems | linux, redhat
advisories | CVE-2021-43975
SHA-256 | f149b4e2e5b84c510b0c155de2d3290d8c9826d0679ef81dccc32677afb3f3aa
Red Hat Security Advisory 2024-1130-03
Posted Mar 6, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1130-03 - An update for openssh is now available for Red Hat Enterprise Linux 9. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2023-48795
SHA-256 | 81ece00c1a0fa3af166446b3fac05f48fad824008e773bbee6b4296a6a0afd61
Red Hat Security Advisory 2024-1103-03
Posted Mar 6, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1103-03 - An update for emacs is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2022-45939
SHA-256 | 3261eb05c7b7aa00971bf8a50a1010b99c673a07b06af3d70c4e64d01fd527d5
JetBrains TeamCity Authentication Bypass / Remote Code Execution
Posted Mar 6, 2024
Authored by W01fh4cker | Site github.com

JetBrains TeamCity versions prior to 2023.11.4 remote authentication bypass exploit that can be leveraged for user addition and remote code execution.

tags | exploit, remote, code execution
advisories | CVE-2024-27198
SHA-256 | 1eb2994a182c4436527b7e141ca0fa83da6821b9a33465277fc30e0e77a404f3
Page 1 of 305
Back12345Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close