metasploit vulnerabilities and exploits

(subscribe to this query)

The SSH key upload feature (lib/gitlab_keys.rb) in gitlab-shell prior to 1.7.3, as used in GitLab 5.0 prior to 5.4.1 and 6.x prior to 6.2.3, allows remote authenticated users to execute arbitrary commands via shell metacharacters in the public key.

Gitlab Gitlab 5.0.0 Gitlab Gitlab 5.0.1 Gitlab Gitlab 5.1.0 Gitlab Gitlab 5.2.0 Gitlab Gitlab 5.3.0 Gitlab Gitlab 5.4.0 Gitlab Gitlab 6.0.0 Gitlab Gitlab 6.1.0 Gitlab Gitlab 6.2.0 Gitlab Gitlab 6.2.1 Gitlab Gitlab 6.2.2 Gitlab Gitlab-shell

1 EDB exploit

Buffer overflow in NIPrint 4.10 allows remote malicious users to execute arbitrary code via a long string to TCP port 515.

Network Instruments Niprint Lpd-lpr Print Server 4.10

1 EDB exploit

The Square Squash allows remote malicious users to execute arbitrary code via a YAML document in the (1) namespace parameter to the deobfuscation function or (2) sourcemap parameter to the sourcemap function in app/controllers/api/v1_controller.rb.

Squash Square Squash -

1 EDB exploit

In the WebRTC component in DuckDuckGo 4.2.0, after visiting a web site that attempts to gather complete client information (such as https://ip.voidsec.com), the browser can disclose a private IP address in a STUN request.

Duckduckgo Duckduckgo 4.2.0

1 EDB exploit

Buffer overflow in SlimFTPd 3.15 and 3.16 allows remote authenticated users to execute arbitrary code via a long directory name to (1) LIST, (2) DELE or (3) RNFR commands.

Whitsoft Development Slimftpd 3.15 Whitsoft Development Slimftpd 3.16

1 EDB exploit

The kernel in Apple iOS prior to 9.3.5 allows malicious users to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

Apple Iphone Os

1 EDB exploit8 Github repositories

Format string vulnerability in the nsrd RPC service in EMC NetWorker 7.6.3 and 7.6.4 prior to 7.6.4.1, and 8.0 prior to 8.0.0.1, allows remote malicious users to execute arbitrary code via format string specifiers in a message.

Emc Networker 7.6.3 Emc Networker 7.6.4 Emc Networker 8.0

1 EDB exploit

A Unix account has a default, null, blank, or missing password.

Hp Hp-ux 10.20 Hp Hp-ux 11 Redhat Linux 6.0 Sun Solaris 2.6 Sun Sunos 5.5.1 Sun Sunos 5.7 Sun Sunos 5.8

1 EDB exploit

Certain getText methods in the ActionSupport controller in Apache Roller prior to 5.0.2 allow remote malicious users to execute arbitrary OGNL expressions via the first or second parameter, as demonstrated by the pageTitle parameter in the !getPageTitle sub-URL to roller-ui/login...

Apache Roller Apache Roller 4.0 Apache Roller 4.0.1 Apache Roller 5.0

1 EDB exploit

GetPermissions.asp in Cogent Real-Time Systems Cogent DataHub prior to 7.3.5 allows remote malicious users to execute arbitrary commands via unspecified vectors.

Cogentdatahub Cogent Datahub Cogentdatahub Cogent Datahub 7.0 Cogentdatahub Cogent Datahub 7.0.2 Cogentdatahub Cogent Datahub 7.1.0 Cogentdatahub Cogent Datahub 7.1.1 Cogentdatahub Cogent Datahub 7.1.1.63 Cogentdatahub Cogent Datahub 7.1.2 Cogentdatahub Cogent Datahub 7.2.2 Cogentdatahub Cogent Datahub 7.3.0 Cogentdatahub Cogent Datahub 7.3.1 Cogentdatahub Cogent Datahub 7.3.2 Cogentdatahub Cogent Datahub 7.3.3

1 EDB exploit

« PREV 1 2 3 4 5 6 7 8 9 10 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook