DiskSavvy server is prone to a buffer-overflow vulnerability (using port 9124), this can trigger an overflow in a finite-sized internal memory buffer, and install an agent.
In Flexense Disk Pulse Enterprise v10.1.18, the Control Protocol suffers from a denial of service vulnerability. DiskPulse server is prone to a buffer-overflow SEH vulnerability (using port 80).
DiskBoss server is prone to a buffer-overflow vulnerability (using port 80), this can trigger an overflow in a finite-sized internal memory buffer, and install an agent.
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of software utilizing VX Search Web Server. The vulnerability is caused due to a boundary error within VX Search Web Server when processing HTTP command name POST Request. This can be exploited to cause a stack-based buffer overflow via an overly long, specially-crafted argument passed to the affected command. Authentication is not required to exploit this vulnerability.
A stack overflow found in CloudMe Sync by supplying a malformed network request.
Embedthis GoAhead before 3.6.5 and after 2.5.0 allows remote code execution if CGI is enabled and a CGI program is dynamically linked. This is a result of initializing the environment of forked CGI scripts using untrusted HTTP request parameters in the cgiHandler function in cgi.c. When combined with the glibc dynamic linker, this behaviour can be abused for remote code execution using special parameter names such as LD_PRELOAD. An attacker can POST their shared object payload in the body of the request, and reference it using /proc/self/fd/0.
This module exploits a vulnerability in Apache Struts 2. The specific vulnerability relies on the Struts 1 plugin which might allow remote attackers to execute arbitrary code via a malicious field value passed in a raw message to the ActionMessage.
SysGauge Server is prone to a buffer-overflow vulnerability when handling a crafted packet, this can trigger an overflow in a finite-sized internal memory buffer, and install an agent with SYSTEM privileges.
The specific flaw exists within the implementation of the 0x2723 opcode in the DrawSrv subsystem. A untrusted pointer dereference vulnerability exists previous to a call to memcpy. An attacker can use this vulnerability to execute arbitrary code in the context of an administrator of the system.
AllMediaServer Enterprise is prone to a buffer-overflow vulnerability when handling a crafted packet, this can trigger an overflow in a finite-sized internal memory buffer, and install an agent with SYSTEM privileges.