Plantronics HUB versions 3.21 and below are affected by a privilege escalation vulnerability allowing any local unprivileged user to acquire elevated access rights and take full control of the system.
0a0d514bc21c085cf9e640ba4c34a7d7923f5353e8e1fcd3aceb4c3803713a71
FortiSIEM versions 5.2.8 and below are vulnerable to an unauthorized remote command execution vulnerability via Expression Language injection. This advisory notes that the Richsploit exploit can still be leveraged to achieve code execution.
41a7244cc155ca357017d0f400fa1ea31bc629fca173cb7784ea84fc938847b4
WordPress WP Courses plugin versions 2.0.29 and below suffer from an issue that allows an unauthenticated attacker to exfiltrate all the content of courses through the WordPress REST API.
1dc9c867a49c8ff76a931ea288460a80bbe8cba8bbb23f594818102315099698
The Windows client for Pulse Secure versions prior to 9.1.6 has a time-of-check to time-of-use (TOCTOU) bug that allows an attacker to escalate privileges to NT AUTHORITY\SYSTEM.
dca63b6d0e232c655c5aa1e46657175b0a75544592e4c07a004fd3566b85e29b
Red Timmy Sec has discovered that Pulse Secure Client for Windows suffers from a local privilege escalation vulnerability in the PulseSecureService.exe service.
5f5a0396cb9bd8b8918531a470f34efbfce05c416ca68a1d578867b7468c1362
Apache Tomcat is affected by a Java deserialization vulnerability if the PersistentManager is configured as the session manager. Successful exploitation requires the attacker to be able to upload an arbitrary file to the server. This archive includes a write-up and proof of concept code from multiple researchers.
5db34fe7e7adcdfc030cf05662a1514025c97b95bc660d4698e532b08ba58604
MicroStrategy Intelligence Server and Web version 10.4 suffers from remote code execution, cross-site scripting, server-side request forgery, and information disclosure vulnerabilities.
2e452f25b0aabc3741eb00b4ee2e86d5d200045527146eae962c28cf79d36776
Oce Colorwave 500 printer suffers from authentication bypass, cross-site request forgery, and cross-site scripting vulnerabilities.
cb5874cc976834228bc185741becb79371ed3b619e098dbdd4244f3a27610bf7
This tool can be used to exploit vulnerable versions of RichFaces. It has payloads for 4 vulnerabilities that have been identified, which can lead to remote code execution via Java deserialization and EL injection.
648af6bc429ca530648d01005b86d127e64fe5a21538da847835939211cb2f63
Whitepaper called Blue Team vs. Red Team: How to run your encrypted binaries in memory and go undetected. This paper discusses the golden frieza project.
326178d7c2a2126ac27509f46a4346cfb02ff83ca3fc2a5d381a2e1d830ce3ec
Imagine finding yourself in a "hostile" environment, one where you cannot run exploits, tools, and applications without worrying about prying eyes spying on you, be they a legitimate system administrator, a colleague sharing access with you, or a software solution that scans the machine you are logged in to for malicious files. Your binary should live in encrypted form in the filesystem so that no static analysis would be possible even if it were identified and copied somewhere else. It should only be decrypted on the fly in memory when executed, thus preventing dynamic analysis too, unless the decryption key is known. To experiment with such an idea, Red Timmy Sec have created the "golden frieza" project.
41f188a8a31adc549c15b975f94febb25727777ba9bf32f0242c38f4b2c03bc0
SerialTweaker is a tool that can be used to load a serialized object, change its contents, and reserialize it to a new serialized object with modified fields inside.
f07b0cb7767fe9ecacd5cc0f2aacef08a3520cd39de4d809fae2a85d1b7c8bb0
Whitepaper called Web Application Firewall Bypass via Bluecoat Device.
a7866388d1501e972c85add7da1749c0587312eed8461805b75236def544a63f
EnumJavaLibs is a tool that can be used to discover which libraries are loaded (i.e. available on the classpath) by a remote Java application when it supports deserialization.
da5559bc7f4710283fa54efb778574987ae6e5d69dd60d06904a9fadf495e067
OAMbuster is a multi-threaded exploit for CVE-2018-2879.
b68302c74939716ec55aa081bbd6419f01985352ca4eb583f4c9417195876784
This whitepaper discusses highlights of findings related to remote code execution leveraging JMX/RMI.
c1c6d49b75e30398fa5a7dacd39a13e739823cc3f93d713506d4b6e32f8da33d