Security
Headlines
HeadlinesLatestCVEs

Tag

#ubuntu

Movable Type 7 r.5002 XMLRPC API Remote Command Injection

This Metasploit module exploits an XML-RPC API OS command injection vulnerability in Movable Type 7 version r.5002.

Packet Storm
Open in Source
#vulnerability#ubuntu#dos#ubuntu#dos#vulnerability#web#xss#vulnerability#vulnerability
Android NFC Type Confusion

Android NFC suffers from a type confusion vulnerability due to a race condition during a tag type change.

Red Hat Security Advisory 2021-3915-01

Red Hat Security Advisory 2021-3915-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

Ubuntu Security Notice USN-5125-1

Ubuntu Security Notice 5125-1 - It was discovered that PHP-FPM in PHP incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or execute arbitrary code.

Sophos UTM WebAdmin SID Command Injection

This Metasploit module exploits an SID-based command injection in Sophos UTM's WebAdmin interface to execute shell commands as the root user.

Backdoor.Win32.Prorat.ntz Weak Hardcoded Password

Backdoor.Win32.Prorat.ntz malware suffers from having a weak hardcoded password.

Backdoor.Win32.Prorat.ntz Man-In-The-Middle

Backdoor.Win32.Prorat.ntz malware suffers from a man-in-the-middle vulnerability.

Microsoft OMI Management Interface Authentication Bypass

By removing the authentication header, an attacker can issue an HTTP request to the OMI management endpoint that will cause it to execute an operating system command as the root user. This vulnerability was patched in OMI version 1.6.8-1 (released September 8th 2021).