The register method in the UsersModelRegistration class in controllers/user.php in the Users component in Joomla! before 3.6.4 allows remote attackers to gain privileges by leveraging incorrect use of unfiltered data when registering on a site. This registration works even when registration has been disabled. This module exploits this vulnerability to add an administrator user to the Joomla database. Note that this account may require registration confirmation (activation).
An unauthenticated remote code execution vulnerability allowed attackers to transfer a serialized Java object to the Jenkins CLI, making Jenkins connect to an attacker-controlled LDAP server, which in turn can send a serialized payload leading to code execution, bypassing existing protection mechanisms. This can be exploited by malicious local attackers to gain SYSTEM privileges on Windows targets.
A buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header in a PROPFIND request.
HPE Intelligent Management Center is prone to a remote vulnerability that allows attackers to take advantage of an insecure deployment of the RMI Registry service used to manage and monitor the Java Virtual Machine.
3S-Smart Software Solutions GmbH CODESYS Web Server is prone to a buffer-overflow vulnerability when handling XML tag content in an uploaded, crafted configuration file. This can trigger an overflow in a finite-sized internal memory buffer and install an agent with the same privileges as the server.
Disk Sorter Enterprise server is prone to a buffer-overflow vulnerability when handling a crafted login request. This can trigger an overflow in a finite-sized internal memory buffer and install an agent with SYSTEM privileges.
VIPA Controls WinPLC7 is prone to a buffer-overflow vulnerability when handling a crafted package. This can trigger an overflow in a finite-sized internal memory buffer and install an agent with normal user privileges.
ConQuest DICOM server is prone to a buffer-overflow vulnerability when handling a crafted package. This can trigger an overflow in a finite-sized internal memory buffer and install an agent with normal user privileges.
Dup Scout server is prone to a buffer-overflow vulnerability when handling a crafted login request. This can trigger an overflow in a finite-sized internal memory buffer and install an agent with SYSTEM privileges.
Disk Savvy server is prone to a buffer-overflow vulnerability when handling a crafted GET request. This can trigger an overflow in a finite-sized internal memory buffer and install an agent with SYSTEM privileges.