m1k1o's Blog versions 1.3 and below suffer from an authenticated remote code execution vulnerability.
2b47e9371ac01f9cd3b2a32ec2b181b1cd6add45c1a4c22f0a31ba5ce0bfacb1Apple Security Advisory 2022-05-16-7 - Safari 15.5 addresses code execution and use-after-free vulnerabilities.
767022408f3eea396ba6ad75f3fb2a82e28d7de55bff343e4643bc50e80db3a4Apple Security Advisory 2022-05-16-6 - tvOS 15.5 addresses bypass, code execution, integer overflow, out of bounds access, out of bounds write, and use-after-free vulnerabilities.
5480893244307a0f7793b1e15ce9f59e15579367d1804417f9bc81c154d6f4acApple Security Advisory 2022-05-16-5 - watchOS 8.6 addresses bypass, code execution, integer overflow, out of bounds access, out of bounds write, and use-after-free vulnerabilities.
fcb6dedf7ecf800ff5544046d1316a1df6c389b573da6a5559a7fdfb740d5acdWordPress Tatsu Builder plugin versions prior to 3.3.13 suffer from an unauthenticated remote code execution vulnerability.
632f285a1a3ec46f04fb233958d273d11b2e22568b10b2920f52c77d06e276eaApple Security Advisory 2022-05-16-4 - Security Update 2022-004 Catalina addresses bypass, code execution, denial of service, integer overflow, out of bounds access, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
1457e96d61b184fbf3ed170c9802dbce7d15ed833ab54d7784b078ed15b160e1Apple Security Advisory 2022-05-16-3 - macOS Big Sur 11.6.6 addresses bypass, code execution, denial of service, out of bounds access, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
af1dee885ed55571356a89ad5ec67b39171a32fbf8125781c35f906717d83516Apple Security Advisory 2022-05-16-2 - macOS Monterey 12.4 addresses buffer overflow, bypass, code execution, denial of service, integer overflow, out of bounds access, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
c8eee02086d45b9c9a2776ce254bee0daede9360e0231556fd5fec341d3407c0Apple Security Advisory 2022-05-16-1 - iOS 15.5 and iPadOS 15.5 addresses bypass, code execution, denial of service, integer overflow, out of bounds access, out of bounds write, and use-after-free vulnerabilities.
dde1d552c35f2995a88956c43d2ed8e85b607bc8d90f69562c2416a22d95e796A use-after-free issue exists in Chrome 100 and earlier versions. A malicious extension can achieve arbitrary code execution in the browser process.
595428413ed6af41648e85f12bfacfc4d3b4b659dea62dab16b66777c9ddb014This Metasploit module exploits an authentication bypass vulnerability in the F5 BIG-IP iControl REST service to gain access to the admin account, which is capable of executing commands through the /mgmt/tm/util/bash endpoint. Successful exploitation results in remote code execution as the root user.
bb3a5bef34f53053f0da7eec9cad038bc4f47a0997b2e9cd601a17a1f034a0adF5 BIG-IP version 16.0.x remote code execution exploit.
f5638973e5c1c81d7b5bf21977de0671c9081697e4ab7ad0ccd0963b8abf883cRuijie Reyee mesh routers with ReyeeOS version 1.55.1915 EW_3.0(1)B11P35 and EW_3.0(1)B11P55 suffer from a remote code execution vulnerability.
9905dae507eb8530625d18dd769fb31462b102ba1ef93e4d98767d53ee920b23MyBB version 1.8.29 suffers from a remote code execution vulnerability.
b1964aa112c7c928f79b7073c01f6cb887bfbe9b8361eee6191d68c8574b9832Google Chrome version 78.0.3904.70 suffers from a use-after-free vulnerability that allows for remote code execution.
a9832a52e5893b9811e27a815ed2c4abdf52b38a82a53ef447ac4925b565d934ExifTool version 12.23 suffers from an arbitrary code execution vulnerability.
64cc166efac5cd6f78570d3b6a1c98c138fa2b30ed3484dfc3395c62d10feda4Red Hat Security Advisory 2022-1777-01 - WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Issues addressed include buffer overflow, bypass, code execution, cross site scripting, information leakage, out of bounds read, and use-after-free vulnerabilities.
1b42edcf15bc395449a2f06f7c24ba1c5002c9b86ced5974af0fc8fe1f4ffeb1Wondershare Dr.Fone version 12.0.7 suffers from a remote privilege escalation vulnerability related to InstallAssistService.
a3ca086aaee9815db47169d05015172838263bd40febdcb38df1c6cb82a029a2Apache CouchDB version 3.2.1 suffers from a remote code execution vulnerability.
f1687dd02add8cf6fd95b916d13ebd9d1a2a3752722f49c27c7755203c138d46Bitrix24 authenticated remote code execution exploit.
027245d4b807193df682564c0a69f20454eca5f9257d34bde5daf3eb00760060Spring Framework versions 5.3.0 to 5.3.17, 5.2.0 to 5.2.19, and older versions when running on JDK 9 or above and specifically packaged as a traditional WAR and deployed in a standalone Tomcat instance are vulnerable to remote code execution due to an unsafe data binding used to populate an object from request parameters to set a Tomcat specific ClassLoader. By crafting a request to the application and referencing the org.apache.catalina.valves.AccessLogValve class through the classLoader with parameters such as the following: class.module.classLoader.resources.context.parent.pipeline.first.suffix=.jsp, an unauthenticated attacker can gain remote code execution.
4590ce696ecbca17f3c4027cb21a644324b71e6b9b2bc3d539bb3272e79bf2ebF5 BIG-IP remote code execution proof of concept exploit that leverages the vulnerability identified in CVE-2022-1388.
2c3224e25af9797e9d7139c7d759da88b2eae07b09d164c4bf3a7423cfb95c06A use-after-free issue exists in Chrome 100 and earlier versions. Processing maliciously crafted web content may lead to arbitrary code execution in the browser process.
84b488e3a4db5db9d8a3df99b628eaaf0e1c8d462ed33ed2d967d6a09c443252This Metasploit module exploits an arbitrary file write in the debug log file option chained with a path traversal in the language settings that leads to remote code execution in ZoneMinder surveillance software versions before 1.36.13 and before 1.37.11
de41d6871c9da39a780698ac61a0da551342a2766821ef00b00ff323d0ac1fe6Ruijie RG-EW series routers suffer from six different remote code execution vulnerabilities. Findings were tested on Ruijie RG-EW1200 and Ruijie RG-EW1200G PRO.
afc11add2a38d6b294427cd246c931f425417794c6ce79f0f9a682f5ccbf3cd2
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed