This Metasploit module exploit a remote SQL injection vulnerability in the CBEC service of DIAEnergie versions 1.10 and below from Delta Electronics. The commands will get executed in the context of NT AUTHORITY\SYSTEM.
bc4decf9aef605b2aae1085d9e9000478f002049033c464b464f96b76bc2de05This Metasploit module exploits a remote code execution vulnerability in SPIP versions up to and including 4.2.12. The vulnerability occurs in SPIP's templating system where it incorrectly handles user-supplied input, allowing an attacker to inject and execute arbitrary PHP code. This can be achieved by crafting a payload manipulating the templating data processed by the echappe_retour() function, invoking traitements_previsu_php_modeles_eval(), which contains an eval() call.
220b4c7418ac511ddb8ab8d9f4dfe87f0368c9ca91b9699fa9d3b9a0c425f434Ubuntu Security Notice 6972-2 - Yuxuan Hu discovered that the Bluetooth RFCOMM protocol driver in the Linux Kernel contained a race condition, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service. It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel, leading to a null pointer dereference vulnerability. A privileged local attacker could use this to possibly cause a denial of service.
acaa7aeb3c375a4913a07e5d0aa74402fb2d43b16512470a070fadc35ed53462Ubuntu Security Notice 6979-1 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
45181d380e756f99b4eeeafa375e2c8cc12259e016b7c9172bb138604b02156dUbuntu Security Notice 6977-1 - It was discovered that QEMU did not properly handle certain memory operations, which could result in a buffer overflow. An attacker could potentially use this issue to cause a denial of service. It was discovered that QEMU did not properly handle certain memory operations, which could result in an out-of-bounds memory access. An attacker could potentially use this issue to cause a denial of service.
31d1bdfdc6fc105ffcfd4e1096481518e407a7a1dbed5f0f8229a05cbe5ec5dcUbuntu Security Notice 6976-1 - Yuxuan Hu discovered that the Bluetooth RFCOMM protocol driver in the Linux Kernel contained a race condition, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service. It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel, leading to a null pointer dereference vulnerability. A privileged local attacker could use this to possibly cause a denial of service.
05b1dd718bcd1e6c1a1d60a1aa46ca6c1f9381e6b519d89cafc379f7b4ae0c4aAVMS Project version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
44299386859b222bfbf61e5b31081de5872353d1be32639a637563ae9c557c3fOnline Survey System version 1.0 suffers from a cross site request forgery vulnerability.
1a8a2162f7198c94e3a7a2074b359647560838bca812bf35063898e1369b291fUbuntu Security Notice 6975-1 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
bdbf783ae2bb086c153ff04ceabbbf9469fac746a3e2f55ff403317aa26a90c0Online Shopping System Master version 1.0 suffers from a cross site request forgery vulnerability.
ec28b7dc51e264cb04c1e8e3870cd8fdd5449455b044c3f6ec4543ad63680763Ubuntu Security Notice 6974-1 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
ffb2216b07e161e88d2311d19022e8e8ecb9fc9e20ffd637fba1559db0cfb5f3Ubuntu Security Notice 6973-1 - It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel, leading to a null pointer dereference vulnerability. A privileged local attacker could use this to possibly cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
fbca997e8fb0b0108b19ed617ab716e3ace23ba2704b068d8f598bc8a75cc406Ubuntu Security Notice 6972-1 - Yuxuan Hu discovered that the Bluetooth RFCOMM protocol driver in the Linux Kernel contained a race condition, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service. It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel, leading to a null pointer dereference vulnerability. A privileged local attacker could use this to possibly cause a denial of service.
7044bddad2c32a2e95843e009e31f1f4c2072c24a8eedbaf8408e0060bfface0Ubuntu Security Notice 6971-1 - It was discovered that the Option USB High Speed Mobile device driver in the Linux kernel did not properly handle error conditions. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. A security issue was discovered in the Linux kernel. An attacker could possibly use this to compromise the system.
bb97a71e3a2da8d2428ea43816dc2f48de1c69cd5614a154d05c65d34cbda670Ubuntu Security Notice 6951-4 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
2e3a6db3903dd7ff1828623ddc100aac2e91d93abaa3a75a243873864d1eb7e3Ubuntu Security Notice 6950-4 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
2ffb7a8fcdb048d1878d536775b9a5dc1a6dfde0457ba9427be3df3622cc57cdOnline Banking System version 1.0 suffers from an arbitrary file upload vulnerability.
21c5ff52ac4e90c5da3505e6a12e81117f3b56db76ac19fc375e8dd30243e7eeOnline ID Generator version 1.0 suffers from a cross site request forgery vulnerability.
6bea3851805bc73fbc61ca199c17a6806d1bdfb4d5fc1050218d00fb38f0cf0cRed Hat Security Advisory 2024-5749-03 - The components for Red Hat OpenShift for Windows Containers 10.16.1 are now available.
7f1b9147b8b48896815634ad24330781a0d14e2bae9524dbca09c8fbbb8190c6Red Hat Security Advisory 2024-5745-03 - The components for Red Hat OpenShift for Windows Containers 10.15.3 are now available.
2a472f2663c8e786a51436e3044912225ec85ad38c92226fdc4b945a82df8a3cRed Hat Security Advisory 2024-5444-03 - Red Hat OpenShift Container Platform release 4.13.48 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include code execution and memory exhaustion vulnerabilities.
a3ab05d9484886352dbb4c1c326ee809988aa5aa7d2642b20d3842b737387ec6Red Hat Security Advisory 2024-5442-03 - Red Hat OpenShift Container Platform release 4.15.28 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a memory exhaustion vulnerability.
520817700001c28f2940df0b5242d4f5bca8671e9f9ff2d982802aff8c65da31Red Hat Security Advisory 2024-5439-03 - Red Hat OpenShift Container Platform release 4.15.28 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a memory exhaustion vulnerability.
cda0ec216c331b869a170319b157174e9add6c7b7585cc7e0e97ebbb1ff83d12Red Hat Security Advisory 2024-5436-03 - Red Hat OpenShift Container Platform release 4.14.35 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a memory exhaustion vulnerability.
6088ec3a7928c7bd579e85cbee5766815f54cc93e1d19210ecb0a303b5c374bcRed Hat Security Advisory 2024-5433-03 - Red Hat OpenShift Container Platform release 4.14.35 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include denial of service and memory exhaustion vulnerabilities.
12ef67d1bad4f8e2a034c4535b044e05c6814ba2571f105f214c186a3d7d209c
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed