Red Hat Security Advisory 2023-5048-01 - FLAC stands for Free Lossless Audio Codec. FLAC is similar to Ogg Vorbis, but lossless. The FLAC project consists of the stream format, reference encoders and decoders in library form, a command-line program to encode and decode FLAC files, and a command-line metadata editor for FLAC files. Issues addressed include a code execution vulnerability.
1b365a34b16889359fcc8481b976ae49cc7c6cc9c698ea9b0de82a0cb18aa06fVMware vRealize Log Insights versions 8.x contain multiple vulnerabilities, such as directory traversal, broken access control, deserialization, and information disclosure. When chained together, these vulnerabilities allow a remote, unauthenticated attacker to execute arbitrary commands on the underlying operating system as the root user. This Metasploit module achieves code execution via triggering a RemotePakDownloadCommand command via the exposed thrift service after obtaining the node token by calling a GetConfigRequest thrift command. After the download, it will trigger a PakUpgradeCommand for processing the specially crafted PAK archive, which then will place the JSP payload under a certain API endpoint (pre-authenticated) location upon extraction for gaining remote code execution. Successfully tested against version 8.0.2.
2e4132d3093987ff065179429e52ff5e9baad8185fde7f58136c18d0aa950a90Red Hat Security Advisory 2023-5042-01 - FLAC stands for Free Lossless Audio Codec. FLAC is similar to Ogg Vorbis, but lossless. The FLAC project consists of the stream format, reference encoders and decoders in library form, a command-line program to encode and decode FLAC files, and a command-line metadata editor for FLAC files. Issues addressed include a code execution vulnerability.
46ad0e6a3d2fc6630d26645b5800104de631a00aae30f64ab569b6d49ea99c23Apple Security Advisory 2023-09-07-2 - iOS 16.6.1 and iPadOS 16.6.1 addresses buffer overflow and code execution vulnerabilities.
fd20b111827d07d8bda96091f843054ac7d0ea5fa60ccac308e10fe281177b55Red Hat Security Advisory 2023-5043-01 - FLAC stands for Free Lossless Audio Codec. FLAC is similar to Ogg Vorbis, but lossless. The FLAC project consists of the stream format, reference encoders and decoders in library form, a command-line program to encode and decode FLAC files, and a command-line metadata editor for FLAC files. Issues addressed include a code execution vulnerability.
278844d653bdf17304891f0eabf2b305ad2eecae048f026a410cff5f45d0db39Apple Security Advisory 2023-09-07-1 - macOS Ventura 13.5.2 addresses buffer overflow and code execution vulnerabilities.
7fa91002f2a7602d06f544259143bc3f6377087ecef2b48129989da01a360c92This Metasploit module exploits a vulnerability in WinRAR (CVE-2023-38831). When a user opens a crafted RAR file and its embedded document, the decoy document is executed, leading to code execution.
28f3b59d37ee5a8aa6ff17510a7cd49a93cb8fcb3b1027ca4545c6a2e7de6f4fThis Metasploit module exploits broken access control and directory traversal vulnerabilities in LG Simple Editor software for gaining code execution. The vulnerabilities exist in versions of LG Simple Editor prior to v3.21. By exploiting this flaw, an attacker can upload and execute a malicious JSP payload with the SYSTEM user permissions.
6932d8048db104bdeaa927b23fea68a29152e32fd74b6498bd70fa53bbc37270This Metasploit module exploits a series of vulnerabilities - including auth bypass, SQL injection, and shell injection - to obtain remote code execution on SonicWall GMS versions 9.9.9320 and below.
90d7acef05664be1e0b28da7f711f5c30f094179ef8916c47f28a2418a07056eThis Metasploit module exploits an unauthenticated command injection vulnerability in the key parameter in OpenTSDB through 2.4.1 in order to achieve unauthenticated remote code execution as the root user. The module first attempts to obtain the OpenTSDB version via the api. If the version is 2.4.1 or lower, the module performs additional checks to obtain the configured metrics and aggregators. It then randomly selects one metric and one aggregator and uses those to instruct the target server to plot a graph. As part of this request, the key parameter is set to the payload, which will then be executed by the target if the latter is vulnerable. This module has been successfully tested against OpenTSDB version 2.4.1.
34f1ed88046d0a1cb1d6424711b6f621117f401a0d42ebfc307dc277ada181d2Kibana versions before 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the Timelion visualizer. An attacker with access to the Timelion application could send a request that will attempt to execute javascript code. This leads to an arbitrary command execution with permissions of the Kibana process on the host system. Exploitation will require a service or system reboot to restore normal operation. The WFSDELAY parameter is crucial for this exploit. Setting it too high will cause MANY shells (50-100+), while setting it too low will cause no shells to be obtained. WFSDELAY of 10 for a docker image caused 6 shells.
218aabf6c87ec8ccc508ad1d2d5d2ca8b265eead008ca12a1926cb66c80614abWordPress Media Library Assistant plugin versions prior to 3.10 are affected by an unauthenticated remote reference to Imagick() conversion which allows attacker to perform local file inclusion and remote code execution depending on the Imagick configuration on the remote server.
215d90f7b23ba2c6491523ea488e0b6086485144b12a9481dd5f5a3182326981Ivanti Avalanche versions prior to 6.4.0.0 suffer from a remote code execution vulnerability.
fbb31ff5f38dd146b12a471e205d680b8205fc2fdb41ac774f03201dcb313808VMWare Aria Operations for Networks (vRealize Network Insight) static SSH key remote code execution proof of concept exploit.
ae67475970c05c39bc93428dddf3a98ddfed987c1bd13fb23f729e242a686959Red Hat Security Advisory 2023-4889-01 - The DevWorkspace Operator extends OpenShift to provide DevWorkspace support. Issues addressed include a code execution vulnerability.
903adfa69d078e0a5ec7e59ab81c4797891534ed0e68348a9ada32b2fb46db1dThe DBCPConnectionPool and HikariCPConnectionPool Controller Services in Apache NiFi 0.0.2 through 1.21.0 allow an authenticated and authorized user to configure a Database URL with the H2 driver that enables custom code execution. This exploit will result in several shells (5-7). Successfully tested against Apache nifi 1.17.0 through 1.21.0.
0160a2622a4649020abd8fb0d476ca59d2c4968c668499c8167e44d6c9276020A proof of concept exploit for chaining four CVEs to achieve remote code execution in Juniper JunOS within SRX and EX Series products.
ab0b70a7cc6a4a947d8faceced29674fb6ad7bf45e8a329120e642cb825e3c05GOM Player version 2.3.90.5360 man-in-the-middle proof of concept remote code execution exploit.
f2826517a53fda0ce64b48c45b78c7b264d5e4695963f36c0f2cda3c61797dceRed Hat Security Advisory 2023-4694-01 - Red Hat OpenStack Platform (RHOSP) 16.2.z (Train) director Operator containers are now available. Issues addressed include a code execution vulnerability.
df5b6bf27415d0f0788ad8872c30f911b13af6a0a83ca9e18061e9c719c9225bThis Metasploit module exploits an unauthenticated remote code execution vulnerability in Jorani versions prior to 1.0.2. It abuses log poisoning and redirection bypass via header spoofing and then it uses path traversal to trigger the vulnerability. It has been tested on Jorani 1.0.0.
a4309a794ac0f54cb65920512a047c08d1fe2fb20e8fd4e92250ccc7c03334baRed Hat Security Advisory 2023-4612-01 - Red Hat support for Spring Boot provides an application platform that reduces the complexity of developing and operating applications for OpenShift as a containerized platform. This release of Red Hat support for Spring Boot 2.7.13 serves as a replacement for Red Hat support for Spring Boot 2.7.12, and includes security, bug fixes and enhancements. For more information, see the release notes linked in the References section. Issues addressed include bypass, code execution, denial of service, and deserialization vulnerabilities.
9fce17aaf4b1e17b6dd5371a535e817dbb5fd71c7e4c095fca880dd19e594fbdRed Hat Security Advisory 2023-4582-01 - Red Hat OpenStack Platform 17.1 (Wallaby) director Operator containers are now available. Issues addressed include a code execution vulnerability.
83d9f3399f06049a50aecd7cab6994d78263156f001b66a39abef4a0dfe9753bUbuntu Security Notice 6289-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
56a23505c39e15a9992e4da11ed2253e380d5dccf0c819aca7b95fda96df2aafUbuntu Security Notice 6278-2 - USN-6278-1 fixed several vulnerabilities in .NET. This update provides the corresponding updates for Ubuntu 22.04 LTS. It was discovered that .NET did properly handle the execution of certain commands. An attacker could possibly use this issue to achieve remote code execution.
bbe5ad0ccef22ad3d5b80f2a669f69b1767e2bc58e7c496afd4da28a17cdf5c5Maltrail version 0.53 suffers from an unauthenticated remote code execution vulnerability.
70b042d50fdc203d8e1986d293b79d29dfbe257b66f324c957458fd97107fff0
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed