This Metasploit module uses QEMU's Monitor Human Monitor Interface (HMP) TCP server to execute system commands using the migrate command. This module has been tested successfully on QEMU version 6.2.0 on Ubuntu 20.04.
31bb8b20fecf053ea400a06b2e8d39f22d910c3d0025edb6108fcff42b5aa6e0Ubuntu Security Notice 5276-1 - It was discovered that the NVIDIA graphics drivers incorrectly handled permissions in the kernel mode layer. A local attacker could use this issue to write to protected memory and cause a denial of service.
d50dcfc92772fd94f09c1ba41be3847ec98174ed8719d0aa6d49b3d232f51071Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs). This is the source code release.
94ccd60e04e558f33be73032bc84ea241660f92f58cfb88789bda6893739e31cThis Metasploit module exploits the mishandling of a password reset in JSON for Strapi CMS version 3.0.0-beta.17.4 to change the password of a privileged user.
4ac993e145c27d7ed64c4f6e44f4afc8411b55cf2ca926dd259851fb7f0b8399PHP Everywhere versions 2.0.3 and below suffer from multiple remote code execution vulnerabilities.
6a2dcc3898ac3a1b90915521a41f2d6e5e9592121ab91ccecbf993baae2e11e2Wing FTP Server versions 4.3.8 and below suffer from an authenticated remote code execution vulnerability.
998c2be0b0522190dcae0ebfec889301aac9b989c5003477f006c606eb368b95Ubuntu Security Notice 4754-5 - USN-4754-1 fixed vulnerabilities in Python. Because of a regression, a subsequent update removed the fix for CVE-2021-3177. This update reinstates the security fix for CVE-2021-3177 in Ubuntu 14.04 ESM. It was discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code or cause a denial of service.
9e8d8ce75e1b0efee0c9fad596fdf37e5d67da5cb097f2e4e4915445223eec1aWordPress Simple Job Board plugin version 2.9.3 suffers from a local file inclusion vulnerability.
1c0762cbbdf0cad69fbecfc2a0c104e5004578ae2a294ea6aa61444f545b85e5Hotel Reservation System version 1.0 suffers from a remote SQL injection vulnerability.
3e3bd465473a891d15ca7aa3fe85b68cc8c103202b6abfc4b735e6be274a0dca171 bytes small Windows/x86 shellcode with a new method to find the kernel32 base address by walking down the stack and look for a possible Kernel32 address using a custom SEH handler. Each address found on the stack will be tested using the Exception handling function. If it's valid and starts with 7, then it's a possible kernel32 address.
e7941faf4a7799cf5e35fcf962b075b17a9570e4f37e959633b2962f8d3bf53dWordPress Contact Form Builder plugin version 1.6.1 suffers from a cross site scripting vulnerability.
c2aed020b69b3271a6d80de4fbc36f467a697182b885b1fddf62504fa5ff9b7cUbuntu Security Notice 5275-1 - Ziming Zhang discovered that BlueZ incorrectly handled memory write operations in its gatt server. A remote attacker could possibly use this to cause BlueZ to crash leading to a denial of service, or potentially remotely execute code.
e4846f0450518360a0af3f0bdc909b173ba63f387de6d8987c18391cec5b64c5WordPress CP Blocks plugin version 1.0.14 suffers from a persistent cross site scripting vulnerability.
bedb8478a29285dc470e60f39b23e35602d1c730daced78189b47d9a01b242beWordPress Security Audit plugin version 1.0.0 suffers from a persistent cross site scripting vulnerability.
e98bf641562461f1caee2b8d7c7754ff37849a553b250522cd10dd20f10e4661FileBrowser versions 2.17.2 and below suffer from a cross site request forgery vulnerability that can lead to remote code execution.
b79b4ba2c2abdc66f00abf630f5a12a9d519f5ebc3ebe0912769a71d16127880
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed