sar2html version 3.2.1 remote code execution exploit. Original discovery for this vector of attack is attributed to Furkan Kayapinar in August of 2019.
bc607c1eddfe53e9df710be0c5a8bb3dGotenberg versions 6.2.0 and below suffer from directory traversal, code execution, and insecure permission vulnerabilities.
a91eed6c85bc9e21292b509d9c121d3aZoom version 4.6.239.20200613 suffers from a Meeting Connector post-authentication remote root code execution vulnerability via the proxy server functionality. The latest Zoom client has this issue patched per Zoom.
502538df7bfbda265c17c493f89179b7URVE Software build version 24.03.2020 suffers from an authentication bypass that allows for remote code execution.
2558a7df11b7e0c0f83b775d7059d021The Apache Struts framework, when forced, performs double evaluation of attribute values assigned to certain tags attributes such as id. It is therefore possible to pass in a value to Struts that will be evaluated again when a tag's attributes are rendered. With a carefully crafted request, this can lead to remote code execution. This vulnerability is application dependant. A server side template must make an affected use of request data to render an HTML tag attribute.
a00ae15a323f6cf0ba8c86991a9f2707GitLab version 11.4.7 authenticated remote code execution exploit. Original discovery of this issue attributed to Mohin Paramasivam in December of 2020.
1a523ed1223d47bac34dc42a48d74d42TerraMaster TOS version 4.2.06 unauthenticated remote code execution exploit.
e329fd73d943bdbaa8923efb67b925a9Sony Playstation 4 versions prior to 6.72 ValidationMessage::buildBubbleTree() use-after-free webkit code execution proof of concept exploit.
ab340c3412432ae498f29d58faf96a8fSony Playstation 4 versions prior to 7.02 ValidationMessage::buildBubbleTree() use-after-free webkit code execution proof of concept exploit.
5e0adf2201a5e41591889202021a2e61The Pulse Connect Secure appliance versions prior to 9.1R9 suffer from an uncontrolled gzip extraction vulnerability which allows an attacker to overwrite arbitrary files, resulting in remote code execution as root. Admin credentials are required for successful exploitation.
59e340f2d15da503b7cef81774ba584fLinksys RE6500 version 1.0.11.001 unauthenticated remote code execution exploit.
34d1f8f139b30444d22bb826f0dd4811Dolibarr ERP-CRM version 12.0.3 authenticated remote code execution exploit.
a53f2f226549c4fbb20a1245b74026d7Red Hat Security Advisory 2020-5581-01 - python-XStatic-jQuery is the jQuery javascript library packaged for Python's setuptools. Issues addressed include code execution and denial of service vulnerabilities.
bd946b390d9987f8f45223214602819bRed Hat Security Advisory 2020-5568-01 - This release of Red Hat Fuse 7.8.0 serves as a replacement for Red Hat Fuse 7.7, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include XML injection, bypass, code execution, cross site scripting, denial of service, deserialization, file disclosure, information leakage, memory leak, out of bounds read, privilege escalation, server-side request forgery, and remote SQL injection vulnerabilities.
d8e688ff10347d02b3c18f5920c5dce5Red Hat Security Advisory 2020-5412-01 - python-XStatic-jQuery is the jQuery javascript library packaged for Python's setuptools. Issues addressed include a code execution vulnerability.
21e73315192b13aed7b1e70867c71f8bApple Security Advisory 2020-12-14-4 - macOS Big Sur 11.0.1 addresses buffer overflow, bypass, code execution, denial of service, information leakage, integer overflow, out of bounds read, out of bounds write, path sanitization, spoofing, and use-after-free vulnerabilities.
9c7103c2a488ff815bbfa9ad9fefd025Apple Security Advisory 2020-12-14-8 - Safari 14.0.2 addresses code execution and use-after-free vulnerabilities.
d8dbfed382ba7f4638e92dabe1b7adeaApple Security Advisory 2020-12-14-7 - tvOS 14.3 addresses code execution, information leakage, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
a1ea46bce600326cb059901be4832311Apple Security Advisory 2020-12-14-6 - watchOS 6.3 addresses a code execution vulnerability.
e7e46e39142fefbbf6d358c537f34e63Apple Security Advisory 2020-12-14-5 - watchOS 7.2 addresses code execution, information leakage, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
d2505f65db80270652432427ce0085c1Apple Security Advisory 2020-12-14-3 - macOS Big Sur 11.1, Security Update 2020-001 Catalina, and Security Update 2020-007 Mojave address buffer overflow, bypass, code execution, denial of service, information leakage, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
c8a3a8abb34f6861cefc3113b546ba00Apple Security Advisory 2020-12-14-2 - iOS 12.5 addresses a code execution vulnerability.
fbf2576e6d5d22b3036b0586915e2dd4Apple Security Advisory 2020-12-14-1 - iOS 14.3 and iPadOS 14.3 addresses code execution, information leakage, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
806dfdd340bfdb087b03de6805c37b4cRed Hat Security Advisory 2020-5493-01 - Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Issues addressed include code execution and cross site scripting vulnerabilities.
c7ced7e586f7032b34ec7986856038b4Raysync version 3.3.3.8 suffers form a remote code execution vulnerability.
bad3e5d9ea2541ef745fcd64164c3c25
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed