exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 8,012 RSS Feed

Code Execution Files

Ubuntu Security Notice USN-7130-1
Posted Nov 27, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7130-1 - It was discovered that GitHub CLI incorrectly handled username validation. An attacker could possibly use this issue to perform remote code execution if the user connected to a malicious server.

tags | advisory, remote, code execution
systems | linux, ubuntu
advisories | CVE-2024-52308
SHA-256 | fe3eb861c4e7a23b6b2ce99368f3327913bcab99b1f679efb490abc72c37bc89
Red Hat Security Advisory 2024-10219-03
Posted Nov 27, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-10219-03 - An update for the perl-App-cpanminus:1.7044 module is now available for Red Hat Enterprise Linux 8. Issues addressed include a code execution vulnerability.

tags | advisory, perl, code execution
systems | linux, redhat
advisories | CVE-2024-45321
SHA-256 | 94a400e3c3cfb3351cf4a1d4d1beeaaf214131979f39922e6b752f0f22db42b1
Red Hat Security Advisory 2024-10218-03
Posted Nov 27, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-10218-03 - An update for perl-App-cpanminus is now available for Red Hat Enterprise Linux 9. Issues addressed include a code execution vulnerability.

tags | advisory, perl, code execution
systems | linux, redhat
advisories | CVE-2024-45321
SHA-256 | 7659ebc3d87aa11336e0c577c34f96db4f463c8fe7b47e38a0c238785d5d22ae
Red Hat Security Advisory 2024-10208-03
Posted Nov 27, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-10208-03 - A security update is now available for Red Hat JBoss Enterprise Application Platform 7.1 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section. Issues addressed include HTTP request smuggling, bypass, code execution, denial of service, deserialization, and server-side request forgery vulnerabilities.

tags | advisory, web, denial of service, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2020-7238
SHA-256 | 1be50ed3f0a1d5e14687d762fbbe47df06e17f66fd138daa3f501a9c0ccab181
Red Hat Security Advisory 2024-10207-03
Posted Nov 27, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-10207-03 - A security update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 7. Issues addressed include code execution, denial of service, deserialization, server-side request forgery, and remote SQL injection vulnerabilities.

tags | advisory, remote, denial of service, vulnerability, code execution, sql injection
systems | linux, redhat
advisories | CVE-2021-3859
SHA-256 | 343cb5fb94b59bea978bd46cc9decc908df0d1bd6a97176d1b08655cf893112a
Red Hat Security Advisory 2024-9915-03
Posted Nov 25, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-9915-03 - An update for gnome-shell is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Issues addressed include a code execution vulnerability.

tags | advisory, shell, code execution
systems | linux, redhat
advisories | CVE-2024-36472
SHA-256 | 7c38c86be0147ffda65ea56f2165d3836b6417399eb96f625c921555b4f4da98
CUPS IPP Attributes LAN Remote Code Execution
Posted Nov 22, 2024
Authored by Spencer McIntyre, RageLtMan, Simone Margaritelli, Ryan Emmons | Site metasploit.com

This Metasploit module exploits vulnerabilities in OpenPrinting CUPS, which is running by default on most Linux distributions. The vulnerabilities allow an attacker on the LAN to advertise a malicious printer that triggers remote code execution when a victim sends a print job to the malicious printer. Successful exploitation requires user interaction, but no CUPS services need to be reachable via accessible ports. Code execution occurs in the context of the lp user. Affected versions are cups-browsed less than or equal to 2.0.1, libcupsfilters versions 2.1b1 and below, libppd versions 2.1b1 and below, and cups-filters versions 2.0.1 and below.

tags | exploit, remote, vulnerability, code execution
systems | linux
advisories | CVE-2024-47076, CVE-2024-47175, CVE-2024-47176, CVE-2024-47177
SHA-256 | 16431cc7dbb038947f886cccbda9ff1e8abb4ffdc1cbb4066839871766422f13
ProjectSend R1605 Unauthenticated Remote Code Execution
Posted Nov 22, 2024
Site metasploit.com

This Metasploit module exploits an improper authorization vulnerability in ProjectSend versions r1295 through r1605. The vulnerability allows an unauthenticated attacker to obtain remote code execution by enabling user registration, disabling the whitelist of allowed file extensions, and uploading a malicious PHP file to the server.

tags | exploit, remote, php, code execution
SHA-256 | e395c3372dc6eda5878d64b4b3e2b759c5bfaffe8d57ca9fdfd36a0bab7bf55b
Red Hat Security Advisory 2024-9806-03
Posted Nov 22, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-9806-03 - Red Hat build of Apache Camel 4.4.4 for Spring Boot release and security update is now available. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2024-51132
SHA-256 | e5a1fe2a8a8abdba703cd554ce001244eeb6964bb505e9270a87878516a76a06
Apple Security Advisory 11-19-2024-5
Posted Nov 22, 2024
Authored by Apple | Site apple.com

Apple Security Advisory 11-19-2024-5 - macOS Sequoia 15.1.1 addresses code execution vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple
advisories | CVE-2024-44308, CVE-2024-44309
SHA-256 | 673b14a99725a70874faebe9587a107cc5fbae5423965b93d84ad6e8a0b21673
Apple Security Advisory 11-19-2024-4
Posted Nov 22, 2024
Authored by Apple | Site apple.com

Apple Security Advisory 11-19-2024-4 - iOS 17.7.2 and iPadOS 17.7.2 addresses code execution vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple, ios
advisories | CVE-2024-44308, CVE-2024-44309
SHA-256 | 25e2616d143e5a6c02a25baf655b4c3ddde1a0de992a7276ba8e26c156982841
Red Hat Security Advisory 2024-9679-03
Posted Nov 22, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-9679-03 - An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include code execution, out of bounds read, and use-after-free vulnerabilities.

tags | advisory, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2022-32885
SHA-256 | a072c4a79a7fba3d9f798f6c536dc83e6ba851f5eaf528700d2eb523fe8015bd
Apple Security Advisory 11-19-2024-3
Posted Nov 22, 2024
Authored by Apple | Site apple.com

Apple Security Advisory 11-19-2024-3 - iOS 18.1.1 and iPadOS 18.1.1 addresses code execution vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple, ios
advisories | CVE-2024-44308, CVE-2024-44309
SHA-256 | 1811cd2f89b56c17afd3dd246138796cc0278ab19801137b1d427a1c4b2ee94b
Red Hat Security Advisory 2024-9646-03
Posted Nov 22, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-9646-03 - An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include code execution, out of bounds read, and use-after-free vulnerabilities.

tags | advisory, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2022-32885
SHA-256 | 0f0e090ef093f93ec277c321d4386842098463a763dd1801040b941ee6861ca4
Apple Security Advisory 11-19-2024-2
Posted Nov 22, 2024
Authored by Apple | Site apple.com

Apple Security Advisory 11-19-2024-2 - visionOS 2.1.1 addresses code execution vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple
advisories | CVE-2024-44308, CVE-2024-44309
SHA-256 | 23762c69b876df7ea45363b0d369784623a71b315ca3de500c66fe2e7d75aee6
Red Hat Security Advisory 2024-9638-03
Posted Nov 22, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-9638-03 - An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2024-23222
SHA-256 | 6b52c888b5ee2144b4e01d61b21143ac8fb065cedc962695942db69bed58a6b3
Red Hat Security Advisory 2024-9636-03
Posted Nov 22, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-9636-03 - An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 8. Issues addressed include code execution, out of bounds read, spoofing, and use-after-free vulnerabilities.

tags | advisory, spoof, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2024-4558
SHA-256 | 754e12483ccdf3dc71c414d0a8507159a0635b7c4dbb47bf3642a2585829825a
Apple Security Advisory 11-19-2024-1
Posted Nov 22, 2024
Authored by Apple | Site apple.com

Apple Security Advisory 11-19-2024-1 - Safari 18.1.1 addresses code execution vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple
advisories | CVE-2024-44308, CVE-2024-44309
SHA-256 | e8625a7795bae049e74c2905f0849b2c45981599d8800998e9f004c010560320
Judge0 Sandbox Escape
Posted Nov 21, 2024
Authored by Takahiro Yokoyama | Site metasploit.com

Judge0 does not account for symlinks placed inside the sandbox directory, which can be leveraged by an attacker to write to arbitrary files and gain code execution outside of the sandbox.

tags | exploit, arbitrary, code execution
advisories | CVE-2024-28185, CVE-2024-28189
SHA-256 | a1ba2cf035b4baf95b438349ee60b5d61abfbe14ea74073871109b698ce41265
Ubuntu Security Notice USN-7113-1
Posted Nov 19, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7113-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2024-44244
SHA-256 | dd5f06682ca93a1fe2093e0af57570ec9766114fd67a9256775ecb3b152853a5
Pyload Remote Code Execution
Posted Nov 18, 2024
Authored by Spencer McIntyre, jheysel-r7 | Site metasploit.com

CVE-2024-28397 is a sandbox escape in js2py versions 0.74 and below. js2py is a popular python package that can evaluate javascript code inside a python interpreter. The vulnerability allows for an attacker to obtain a reference to a python object in the js2py environment enabling them to escape the sandbox, bypass pyimport restrictions and execute arbitrary commands on the host. At the time of this writing no patch has been released and version 0.74 is the latest version of js2py which was released Nov 6, 2022. CVE-2024-39205 is a remote code execution vulnerability in Pyload versions 0.5.0b3.dev85 and below. It is an open-source download manager designed to automate file downloads from various online sources. Pyload is vulnerable because it exposes the vulnerable js2py functionality mentioned above on the /flash/addcrypted2 API endpoint. This endpoint was designed to only accept connections from localhost but by manipulating the HOST header we can bypass this restriction in order to access the API to achieve unauthenticated remote code execution.

tags | exploit, remote, arbitrary, javascript, code execution, python
advisories | CVE-2024-28397, CVE-2024-39205
SHA-256 | 80427d657de061fee48a9f5adbb6c131d9fca4ddd53f67cf67ca1b3ed439fddd
Gentoo Linux Security Advisory 202411-09
Posted Nov 18, 2024
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202411-9 - Multiple vulnerabilities have been discovered in Perl, the worst of which can lead to arbitrary code execution. Versions greater than or equal to 5.38.2 are affected.

tags | advisory, arbitrary, perl, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2021-36770, CVE-2023-31486, CVE-2023-47038
SHA-256 | 3595d9ddc5c7b57b0fc6a001f6671c27b47cdadd1a00fb459436bae50b95624c
Gentoo Linux Security Advisory 202411-07
Posted Nov 18, 2024
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202411-7 - A vulnerability has been discovered in Pillow, which may lead to arbitrary code execution. Versions greater than or equal to 10.3.0 are affected.

tags | advisory, arbitrary, code execution
systems | linux, gentoo
advisories | CVE-2024-28219
SHA-256 | f33ea09ad2289f635434f7ee97a896c3bcb59965736b5163ab8e08d19639a6af
SOPlanning 1.52.01 Remote Code Execution
Posted Nov 18, 2024

SOPlanning version 1.52.01 authenticated remote code execution exploit.

tags | exploit, remote, code execution
SHA-256 | aa2b0281cd44426371fcd74740cdc742a4967b78355a65e5c712e22f50b852b6
Red Hat Security Advisory 2024-9680-03
Posted Nov 18, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-9680-03 - An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Issues addressed include code execution, out of bounds read, and use-after-free vulnerabilities.

tags | advisory, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2022-32885
SHA-256 | 5e84fedd1a55610efb37e4cd55c473c8354b2e43c61a8e55f36a6a31453cb759
Page 1 of 321
Back12345Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close