Simple Inventory Management System version 1.0 suffers from a remote SQL injection vulnerability.
8e51d27e9d209102d0cc21f4fcd8ca293e548ced1856940a8a497960d3d17967
Flashcard Quiz App version 1.0 suffers from a remote SQL injection vulnerability.
2d19f05f546a17fd7531fb2d8505ca2f52f76ae282a5f46a1b55c2ced76fd1ef
FAQ Management System version 1.0 suffers from a remote SQL injection vulnerability.
2ea51098a949106e71b766b144109b1be9da517c51665344c9ebb17028a158a4
Backdoor.Win32.AutoSpy.10 malware suffers from a remote command execution vulnerability.
01433d0ad222e5da0927202b151b19c29afd6ce5f59f4e0b3302a97ed91a29bb
This Metasploit module exploits an authentication bypass vulnerability that allows an unauthenticated attacker to create a new administrator user account on a vulnerable ConnectWise ScreenConnect server. The attacker can leverage this to achieve remote code execution by uploading a malicious extension module. ScreenConnect versions 23.9.7 and below are affected.
5465f1cab9f564966ac69e4c23f983ee109116e8a263d414680ea78f05ecbd2a
CMS Made Simple version 2.2.19 suffers from a remote code execution vulnerability.
a3ad3dd9895a3078f1d089deae8fbb53622866bb6909e7d8f5c58295b26bdf2f
This Metasploit module chains a server side request forgery (SSRF) vulnerability (CVE-2024-21893) and a command injection vulnerability (CVE-2024-21887) to exploit vulnerable instances of either Ivanti Connect Secure or Ivanti Policy Secure, to achieve unauthenticated remote code execution. All currently supported versions 9.x and 22.x are vulnerable, prior to the vendor patch released on Feb 1, 2024. It is unknown if unsupported versions 8.x and below are also vulnerable.
517cb3bdebea0c5e8bc6b809e873babc0faf56250fbc150da2e1a5d269f4e7b7
Ubuntu Security Notice 6584-2 - USN-6584-1 fixed several vulnerabilities in Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. This update provides the corresponding updates for CVE-2021-33912 and CVE-2021-33913 in Ubuntu 16.04 LTS. Philipp Jeitner and Haya Shulman discovered that Libspf2 incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code.
c72593cd020b70c074deb6be89fd467cc478f83334792bd3c97e0f5753dae9cd
Fuelflow version 1.0 suffers from a remote SQL injection vulnerability.
f20df871b015a83f2890d65c542097b8e2ef692547a8a6b09c7f09efd6242502
Ubuntu Security Notice 6643-1 - Emre Durmaz discovered that the NPM IP package incorrectly distinguished between private and public IP addresses. A remote attacker could possibly use this issue to perform Server-Side Request Forgery attacks.
c16ecfe30134498bd139552611380f432fae442982648114d6b239d58d36cbcb
Ubuntu Security Notice 6642-1 - Shoham Danino, Anat Bremler-Barr, Yehuda Afek, and Yuval Shavitt discovered that Bind incorrectly handled parsing large DNS messages. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service. Elias Heftrig, Haya Schulmann, Niklas Vogel, and Michael Waidner discovered that Bind incorrectly handled validating DNSSEC messages. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service.
59690fe75ddf72adb23e500a05f4e810c75b29c755af18781f7010d4def3deac
Petrol Pump Management Software version 1.0 suffers from a remote shell upload vulnerability.
17ba90fc439b26fdb9e7248c02187a9cca9a6bc58f83413a24bc776a007f4e2f
Tourism Management System version 2.0 suffers from a remote shell upload vulnerability.
1ae5b995d0df6c7d5380487c5e7a5f6326a545ef4255195c833afe8afb4e1c6c
Ubuntu Security Notice 6641-1 - Harry Sintonen discovered that curl incorrectly handled mixed case cookie domains. A remote attacker could possibly use this issue to set cookies that get sent to different and unrelated sites and domains.
a7d9ffd24a024ab8781ee9e6e2b5c442a80ad8acaf458870a637f085aae82d59
Gentoo Linux Security Advisory 202402-28 - Multiple vulnerabilities have been discovered in Samba, the worst of which can lead to remote code execution. Versions greater than or equal to 4.18.9 are affected.
c1b77ea663583d7b2f9d45426761c56ddbb0b4ac671059fc79dbe605a5da5b12
Gentoo Linux Security Advisory 202402-25 - Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. Versions greater than or equal to 115.7.0 are affected.
f6a33c383a67744f956589ebca1e53b97ec85a5c78492b16031da34f30606da1
Gentoo Linux Security Advisory 202402-24 - Multiple vulnerabilities have been discovered in Seamonkey, the worst of which can lead to remote code execution. Versions greater than or equal to 2.53.10.2 are affected.
741d35d4bdb23d0b8fa49dc043b5dea8050951485082052e828d295f45be0db1
Gentoo Linux Security Advisory 202402-23 - Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. Versions greater than or equal to 121.0.6167.139 are affected.
f4454cfd0cbe05bc91dbf64927220dcb289f6b1c63b52526cc67f7720db5413e
Gentoo Linux Security Advisory 202402-18 - Multiple vulnerabilities have been discovered in Exim, the worst of which can lead to remote code execution. Versions greater than or equal to 4.97.1 are affected.
baabebed21673e40b564e5721f4a8c2ad8b2d62a34a694a4ab0c3fd9b9eddfdc
Employee Management System version 1.0 suffers from a remote SQL injection vulnerability. Original discovery of this finding is attributed to Ozlem Balci in January of 2024.
eac3ee07605d15d68a5d408fecb91498a9bfab9973368c0e16d4816f4539dc97
Gentoo Linux Security Advisory 202402-16 - Multiple vulnerabilities have been discovered in Apache Log4j, the worst of which can lead to remote code execution. Versions less than or equal to 1.2.17 are affected.
79e0825715a2197c39850bba10de0d238187f4c93dcdf24c6b31b702cdb3131e
WonderCMS version 4.3.2 remote exploit that leverages cross site scripting to achieve remote code execution.
371582d2faf62d5876bcf7818755a049e5f6d427635c029647db990dfb673374
User Registration and Login and User Management System version 3.1 suffers from a remote SQL injection vulnerability.
a778aabc9984b218ebd37f1e8af2db7ea6c66baaade706530c48a38013537c6f
Gentoo Linux Security Advisory 202402-14 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.12_p20240122 are affected.
f750ece2412bd442b32f28c4f91c17860985bcc25963c561ef6f01fd67d8ff64
Gentoo Linux Security Advisory 202402-13 - A vulnerability has been discovered in TACACS+ which could lead to remote code execution. Versions less than or equal to 4.0.4.27a-r3 are affected.
04638808355566c54197cb75af68f1998cbd5ed25d7e8f0a438f1ae5fb0072af