This Metasploit module exploits a remote command execution vulnerability in Zivif webcams. This is known to impact versions prior to and including 2.3.4.2103.
This Metasploit module takes advantage of a poorly configured TACACS+ config, Arista's bash shell, and a TACACS+ read-only account to achieve privilege escalation.
Ubuntu Security Notice 4398-1 - Kevin Backhouse discovered that DBus incorrectly handled file descriptors. A local attacker could possibly use this issue to cause DBus to crash, resulting in a denial of service.
Red Timmy Sec has discovered that Pulse Secure Client for Windows suffers from a local privilege escalation vulnerability in the PulseSecureService.exe service.
Netgear R7000 router remote code execution exploit that leverages a pre-authentication memcpy-based stack buffer overflow vulnerability.
TP-LINK Cloud Cameras NCXXX suffer from a DelMultiUser stack overflow vulnerability.
Gila CMS version 1.11.8 suffers from a remote SQL injection vulnerability.
Ubuntu Security Notice 4397-1 - It was discovered that NSS incorrectly handled the TLS State Machine. A remote attacker could possibly use this issue to cause NSS to hang, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 19.10. Cesar Pereida Garcia discovered that NSS incorrectly handled DSA key generation. A local attacker could possibly use this issue to perform a timing attack and recover DSA keys. Various other issues were also addressed.
SOS JobScheduler version 1.13.3 encrypts a secret by simply using the name of a profile as the key, making it trivial to decrypt.
MJML versions 4.6.2 and below suffer from a path traversal vulnerability.
100 bytes small null-free Linux/ARM shellcode that binds /bin/sh to 0.0.0.0:1337/TCP.
Ubuntu Security Notice 4396-1 - It was discovered that libexif incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information. It was discovered that libexif incorrectly handled certain inputs. An attacker could possibly use this issue to cause a remote denial of service. It was discovered that libexif incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information or cause a crash. Various other issues were also addressed.
32 bytes small Linux/ARM execve /bin/dash shellcode.
Whitepaper called Reverse Engineering Android Application.
Whitepaper called Detect SQL Injection WordPress Plugin using RegEx.
Whitepaper called Abusing Windows Data Protection API.
Gentoo Linux Security Advisory 202006-20 - A vulnerability was discovered in Asterisk which may allow local attackers to gain root privileges. Versions less than 13.32.0-r1 are affected.
Gentoo Linux Security Advisory 202006-21 - A vulnerability has been discovered in Apache Tomcat which could result in the arbitrary execution of code. Versions less than 7.0.104:7 are affected.
Gentoo Linux Security Advisory 202006-23 - An error in Cyrus IMAP Server allows mailboxes to be created with administrative privileges. Versions less than 3.0.13 are affected.
Gentoo Linux Security Advisory 202006-22 - Multiple vulnerabilities have been found in OpenJDK and IcedTea, the worst of which could result in the arbitrary execution of code. Versions less than 8.252_p09 are affected.
Red Hat Security Advisory 2020-2567-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.
Gentoo Linux Security Advisory 202006-18 - Bubblewrap misuses temporary directories allowing local code execution. Versions less than 0.4.1 are affected.
Gentoo Linux Security Advisory 202006-19 - Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code. Versions less than 68.9.0 are affected.
Red Hat Security Advisory 2020-2562-01 - Red Hat JBoss Enterprise Application Platform CD13 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform CD13 includes bug fixes and enhancements. Issues addressed include denial of service and traversal vulnerabilities.
Red Hat Security Advisory 2020-2561-01 - Red Hat JBoss Enterprise Application Platform CD12 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform CD12 includes bug fixes and enhancements. Issues addressed include code execution, deserialization, and memory exhaustion vulnerabilities.