Kimai 2 is vulnerable to persistent cross-site scripting (XSS). A normal user can add a malicious payload in the description field of the timesheet creation page. When the changes are saved and the page is refreshed, an alert pop-up is triggered.
A buffer overflow vulnerability exists in RAR Password Recovery v1.80 when a maliciously crafted User Name and Registration Code are processed, which could allow an attacker to cause a denial of service condition. An attacker can leverage this vulnerability by creating a maliciously crafted file, copying its contents to the clipboard, and then pasting them into the User Name and Registration Code fields of the application. This will cause the application to crash.
Web Wiz Forums 12.01 is vulnerable to SQL injection in the 'PF' parameter of the 'member_profile.asp' page. An attacker can inject arbitrary SQL code in the 'PF' parameter and execute it in the context of the application.
EyesOfNetwork allows Remote Command Execution via shell metacharacters in the module/tool_all/ host field. Inspection of tools/snmpwalk.php shows that the attacker can control the value of the 'host_name' variable and use the 'popen' function to execute OS commands.
A buffer overflow vulnerability exists in the Microsoft Font Subsetting DLL (fontsub.dll) when processing a malformed font file. This vulnerability can be triggered by a pseudo-random sequence of API calls with a chosen font file passed as input. The vulnerable code is located in the fontsub!ReadAllocFormat12CharGlyphMapList function, where a mov instruction is used to write a value to a memory address without validating the size of the destination buffer. An attacker can exploit this vulnerability by supplying a specially crafted font file, resulting in a buffer overflow and potentially allowing arbitrary code execution.
We have encountered the following crash in fontsub!FixSbitSubTableFormat1: We have developed a testing harness which invokes a pseudo-random sequence of API calls with a chosen font file passed as input. This report describes a crash triggered by a malformed font file in the fontsub.dll code through our harness.
The AFDKO Out-of-Date Vulnerability concerns the Adobe Font Development Kit for OpenType (AFDKO) and affects Adobe Acrobat and other Adobe products. The AFDKO code used in Adobe products is out-of-date and does not reflect the latest version of the code available on GitHub. This can lead to security issues, as the outdated code may contain known vulnerabilities that have been patched in the latest version. Furthermore, the outdated code may not contain the latest security features, making it more vulnerable to attack.
The CTF subsystem is vulnerable to ALPC port injection, which allows an attacker to hijack the ALPC port and gain access to the system. The code is dated and contains multiple critical design flaws, which can be exploited to gain access to the system.
This exploit allows an authenticated user to execute arbitrary code on the ManageEngine OpManager application. The exploit uses the ExecuteCommandServlet servlet to execute the code on the target device. The exploit requires valid credentials to authenticate and execute the code.