The specific flaw exists within the activate_doit function of the service. The issue lies in the handling of the actserver parameter which can result in overflowing a stack-based buffer.
A vulnerability exists in the FileUpload2Controller servlet. This servlet allows unauthenticated file uploads.
By uploading a JSP file, an attacker can achieve remote code execution.
By uploading a JSP file, an attacker can achieve remote code execution.
Easy File Sharing is prone to a buffer-overflow when handling a specially crafted GET request.
The join_session_keyring() function in security/keys/process_keys.c in the Linux kernel is prone to a reference counter overflow that occurs when a process repeatedly tries to join an already existing keyring.
This vulnerability can be leveraged by local unprivileged attackers to gain root privileges on the affected systems.
This vulnerability can be leveraged by local unprivileged attackers to gain root privileges on the affected systems.
The specific flaw exists within the implementation of the 0x280A IOCTL in the DrawSrv subsystem. A stack-based buffer overflow vulnerability exists in a call to strcpy. An attacker can use this vulnerability to execute arbitrary code in the context of an administrator of the system.
This module exploits a vulnerability present in Mac OS X. dyld in Apple OS X before 10.10.5 does not properly validate pathnames in the environment, which allows local users to gain root privileges via the DYLD_PRINT_TO_FILE environment variable.
This module exploits a Jenkins command injection in order to install an agent.
This update adds support for Windows and Linux platforms, and HTTPS support.
This update adds support for Windows and Linux platforms, and HTTPS support.
A vulnerability exists in the UploadServlet servlet. By providing a filename header containing a directory traversal, an attacker can upload a file to an arbitrary location on the system.
This module abuses the auto deploy feature in the server in order to achieve remote code execution.
This module abuses the auto deploy feature in the server in order to achieve remote code execution.
Improvement on Web Application Authentication Testing parameters to use a high number of values between the authentication probes.
A vulnerability exists in the UploadFileAction servlet. By providing a fileType parameter of "*" to the UploadFileUpload page, an attacker can upload a file to an arbitrary location on the system.
This module abuses the auto deploy feature in the server in order to achieve remote code execution. Also, this module makes use of an authentication bypass vulnerability to perform the attack.
This module abuses the auto deploy feature in the server in order to achieve remote code execution. Also, this module makes use of an authentication bypass vulnerability to perform the attack.