
Explore Vulnerabilities


Explore all Exploits:

Crash in ImageIO on macOS and iOS

The attached TIFF image causes a crash in ImageIO on the latest macOS and iOS. To reproduce the issue, the attached code (tester.m) can be used. With tester.m compiled with ASAN, processing the attached TIFF image should crash with an access violation. The crash occurs in the TIFFReadPlugin::DecodeBlocks function.

Torrent 3GP Converter 1.51 – Stack Overflow (SEH)

The exploit allows an attacker to execute arbitrary code by exploiting a stack overflow vulnerability in Torrent 3GP Converter version 1.51 Build 116. By providing a specially crafted input, an attacker can trigger a stack overflow condition, overwrite the Structured Exception Handling (SEH) chain, and gain control of the program execution flow.

Genexis Platinum-4410 2.1 – Authentication Bypass

The Genexis Platinum-4410 v2.1 Home Gateway Router discloses the passwords of each user (Admin, GENEXIS, user3) in plain text in the login page source at "http://192.168.1.1/cgi-bin/index2.asp". This could allow a remote attacker to access sensitive information and perform actions such as resetting the router, changing passwords, uploading malicious firmware, etc.

TP-Link TP-SG105E 1.0.0 – Unauthenticated Remote Reboot

The TP-Link TP-SG105E is a "5-Port Gigabit Easy Smart Switch". It features a web front end and an application (Easy Smart Configuration Utility) for easy configuration management. The device does not properly restrict access to an internal API. It is therefore possible to remotely reboot the device by sending an HTTP POST request.

Reliable Datagram Sockets (RDS) rds_atomic_free_op NULL pointer dereference Privilege Escalation

This module attempts to gain root privileges on Linux systems by abusing a NULL pointer dereference in the rds_atomic_free_op function in the Reliable Datagram Sockets (RDS) kernel module (rds.ko). Successful exploitation requires the RDS kernel module to be loaded. If the RDS module is not blacklisted (the default), it will be loaded automatically. This exploit supports 64-bit Ubuntu Linux systems, including distributions based on Ubuntu, such as Linux Mint and Zorin OS. Target offsets are available for Ubuntu 16.04 kernels 4.4.0 <= 4.4.0-116-generic, and Ubuntu 16.04 kernels 4.8.0 <= 4.8.0-54-generic. This exploit does not bypass SMAP. Bypasses for SMEP and KASLR are included. Failed exploitation may crash the kernel. This module has been tested successfully on various 4.4 and 4.8 kernels.

Recent Exploits: