This module exploits a server side request forgery present in getKeyInfoData function of oracle.security.xmlsec.keys.RetrievalMethod. Chained with a deserialization vulnerability present in the ADF Faces framework to deploy an agent in the system running Oracle Access Manager.
net/netfilter/nf_dup_netdev.c in the Linux kernel 5.4 through 5.6.10 allows local users to gain privileges because of a heap out-of-bounds write. This is related to nf_tables_offload.
An attacker who successfully exploited the vulnerability could execute code with elevated permissions.
This module exploits a vulnerability in Microsoft MSDT, which can be leveraged to execute arbitrary code on vulnerable machines by convincing an unsuspecting user to open a malicious document.
This module exploits a server-side template injection vulnerability present in the customError.ftl filter of VMware Workspace ONE Access. The deployed agent will run with horizon user privileges.
This module exploits a server-side template injection vulnerability present in the customError.ftl filter of VMware Workspace ONE Access. The deployed agent will run with horizon user privileges.
This module exploits an authentication bypass vulnerability present in iControl REST of F5 BIG-IP. The deployed agent will run with root privileges.
This module exploits an authentication bypass vulnerability present in iControl REST of F5 BIG-IP. The deployed agent will run with root privileges.
This module uses an unsafe data binding used to populate an object from request parameters to set a Tomcat specific ClassLoader in Spring MVC and Spring WebFlux applications in order to upload and execute a JSP file in the Tomcat virtual file system webapps directory.
An out-of-bounds (OOB) memory write flaw was found in the Linux kernel's watch_queue event notification subsystem. This flaw can overwrite parts of the kernel state, potentially allowing a local user to gain privileged access or cause a denial of service on the system.
Pagination
- Previous page
- Page 24
- Next page