CVE-2023-28205.zip
18.2 KB
CVE-2023-28205
Author: seregonwar
A use after free issue was addressed with improved memory management. This issue is fixed in Safari 16.4.1, iOS 15.7.5 and iPadOS 15.7.5, iOS 16.4.1 and iPadOS 16.4.1, macOS Ventura 13.3.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
GitHub Link:
https://github.com/seregonwar/uaf-2023-28205
Author: seregonwar
A use after free issue was addressed with improved memory management. This issue is fixed in Safari 16.4.1, iOS 15.7.5 and iPadOS 15.7.5, iOS 16.4.1 and iPadOS 16.4.1, macOS Ventura 13.3.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
GitHub Link:
https://github.com/seregonwar/uaf-2023-28205
CVE-2024-25600.zip
15.6 KB
CVE-2024-25600
Author: h0w1tzxr
Improper Control of Generation of Code ('Code Injection') vulnerability in Codeer Limited Bricks Builder allows Code Injection.This issue affects Bricks Builder: from n/a through 1.9.6.
GitHub Link:
https://github.com/h0w1tzxr/TryHack3M-Bricks-Heist
Author: h0w1tzxr
Improper Control of Generation of Code ('Code Injection') vulnerability in Codeer Limited Bricks Builder allows Code Injection.This issue affects Bricks Builder: from n/a through 1.9.6.
GitHub Link:
https://github.com/h0w1tzxr/TryHack3M-Bricks-Heist
CVE-2017-5638.zip
6.3 KB
CVE-2017-5638
Author: louislafosse
The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string.
GitHub Link:
https://github.com/louislafosse/CVE-2017-5638-assignement
Author: louislafosse
The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string.
GitHub Link:
https://github.com/louislafosse/CVE-2017-5638-assignement
CVE-2023-46604.zip
5.9 KB
CVE-2023-46604
Author: RockyDesigne
Apache ActiveMQ is vulnerable to Remote Code Execution.The vulnerability may allow a remote attacker with network access to a broker to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to cause the broker to instantiate any class on the classpath.
Users are recommended to upgrade to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3, which fixes this issue.
GitHub Link:
https://github.com/RockyDesigne/SSP-Assignment-3-RCEYouLater
Author: RockyDesigne
Apache ActiveMQ is vulnerable to Remote Code Execution.The vulnerability may allow a remote attacker with network access to a broker to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to cause the broker to instantiate any class on the classpath.
Users are recommended to upgrade to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3, which fixes this issue.
GitHub Link:
https://github.com/RockyDesigne/SSP-Assignment-3-RCEYouLater
CVE-2017-9805.zip
2.2 KB
CVE-2017-9805
Author: Fl5xia
The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to Remote Code Execution when deserializing XML payloads.
GitHub Link:
https://github.com/Fl5xia/CVE-2017-9805
Author: Fl5xia
The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to Remote Code Execution when deserializing XML payloads.
GitHub Link:
https://github.com/Fl5xia/CVE-2017-9805
CVE-2012-2982.zip
2.2 KB
CVE-2012-2982
Author: JRrooot
file/show.cgi in Webmin 1.590 and earlier allows remote authenticated users to execute arbitrary commands via an invalid character in a pathname, as demonstrated by a | (pipe) character.
GitHub Link:
https://github.com/JRrooot/CVE-2012-2982-Webmin-RCE
Author: JRrooot
file/show.cgi in Webmin 1.590 and earlier allows remote authenticated users to execute arbitrary commands via an invalid character in a pathname, as demonstrated by a | (pipe) character.
GitHub Link:
https://github.com/JRrooot/CVE-2012-2982-Webmin-RCE