Human Resource Information System version 0.1 suffers from a remote code execution vulnerability.
c139e5c61c62259488f405263626f9edRed Hat Security Advisory 2021-1515-01 - Openshift Logging Bug Fix Release. Issues addressed include code execution, denial of service, and deserialization vulnerabilities.
4a8801f122d4f1ab719b39115fcdbc70Ubuntu Security Notice 4937-1 - Ondrej Holy discovered that GNOME Autoar could extract files outside of the intended directory. If a user were tricked into extracting a specially crafted archive, a remote attacker could create files in arbitrary locations, possibly leading to code execution.
1ce6ba4e9126d4f4a6fd550fa9b85f39Schlix CMS version 2.2.6-6 suffers from a remote code execution vulnerability.
452f6ea7f2b3d9d995035faed8e27e68Red Hat Security Advisory 2021-1499-01 - Red Hat Advanced Cluster Management for Kubernetes 2.2.3 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. Issues addressed include code execution and denial of service vulnerabilities.
9fa6e15f10dd357f27055d0ae74fa8b8Xmind version 2020 suffers from a cross site scripting vulnerability that can lead to remote code execution.
0aa58c11da5078309f0298413b4b6af0Tagstoo version 2.0.1 suffers from a cross site scripting vulnerability that can lead to remote code execution.
e4b6ab6f7999504181314036d2b0450fMarky version 0.0.1 suffers from a cross site scripting vulnerability that can lead to remote code execution.
74707d766ab19b04932b9237c3a6d5d3StudyMD version 0.3.2 suffers from a cross site scripting vulnerability that can lead to remote code execution.
cbfd49b77368fa80f642c26d16b25bd9SnipCommand version 0.1.0 suffers from a cross site scripting vulnerability that can lead to remote code execution.
34dc1fa9d8c9fea6965bfb141eda50dcMoeditor version 0.2.0 suffers from a cross site scripting vulnerability that can lead to remote code execution.
b0c0438485c278a52b8c28165066b879Markdownify version 1.2.0 suffers from a cross site scripting vulnerability that can lead to remote code execution.
272e2be2bcd3f56bdee0ae91eeb7f6fcFreeter version 1.2.1 suffers from a cross site scripting vulnerability that can lead to remote code execution.
421a6cd9fb0aa8724ee7bac6f207589cMarkdown-Explorer version 0.1.1 suffers from a cross site scripting vulnerability that can lead to remote code execution.
fc8011faa7d4469e905701a412002aa4Markright version 1.0 suffers from a cross site scripting vulnerability that can lead to remote code execution.
27ffce544295ac86520059fda8ba05d8Anote version 1.0 suffers from a cross site scripting vulnerability that can lead to remote code execution.
c98f692b1329edf4579802618c8eff5bBackdoor.Win32.NinjaSpy.c malware suffers from a code execution vulnerability.
c8a0aa3d15193fc281930f597c715d57This Metasploit module exploits an arbitrary config write/update vulnerability to achieve remote code execution. Unauthenticated users can execute a terminal command under the context of the web server user. Grav Admin Plugin is an HTML user interface that provides a way to configure Grav and create and modify pages. In versions 1.10.7 and earlier, an unauthenticated user can execute some methods of the administrator controller without needing any credentials. Particular method execution will result in arbitrary YAML file creation or content change of existing YAML files on the system. Successfully exploitation of that vulnerability results in configuration changes, such as general site information change, custom scheduler job definition, etc. Due to the nature of the vulnerability, an adversary can change some part of the webpage, or hijack an administrator account, or execute operating system commands under the context of the web-server user.
63383ada747fab87a6ca9244ce96bf27Apple Security Advisory 2021-05-03-3 - watchOS 7.4.1 addresses a code execution vulnerability.
99ccbf016b73734b1b6cc11ee6424f31Shenzhen Skyworth RN510 suffers from a buffer overflow vulnerability that allows for remote code execution.
c76a4953a5d03547fa6bba3ff4b8836fApple Security Advisory 2021-05-03-4 - macOS Big Sur 11.3.1 addresses code execution and integer overflow vulnerabilities.
d0ff0760d53f2d697a10897f9f169763Apple Security Advisory 2021-05-03-1 - iOS 14.5.1 and iPadOS 14.5.1 addresses code execution and integer overflow vulnerabilities.
a8a4944ad26eb954c1cb9c551ceb39d3Apple Security Advisory 2021-05-03-2 - iOS 12.5.3 addresses buffer overflow, code execution, integer overflow, and use-after-free vulnerabilities.
82523f50ed01be666ae29e54a3e854f7Gadget Works Online Ordering System version 1.0 remote SQL injection to remote code execution exploit.
54fabd3d8fd2ef1bf66e8982e1447134The Custom JS plugin version 0.1 for GetSimple CMS suffers from a cross site request forgery vulnerability that allows remote unauthenticated attackers to inject arbitrary client-side code into authenticated administrators browsers, which results in remote code execution on the hosting server, when an authenticated administrator visits a malicious third party website.
f84e4d61a61db6947381a07172b5af44
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed