CMS Made Simple version 2.2.19 suffers from a remote code execution vulnerability.
a3ad3dd9895a3078f1d089deae8fbb53622866bb6909e7d8f5c58295b26bdf2f
This Metasploit module chains a server side request forgery (SSRF) vulnerability (CVE-2024-21893) and a command injection vulnerability (CVE-2024-21887) to exploit vulnerable instances of either Ivanti Connect Secure or Ivanti Policy Secure, to achieve unauthenticated remote code execution. All currently supported versions 9.x and 22.x are vulnerable, prior to the vendor patch released on Feb 1, 2024. It is unknown if unsupported versions 8.x and below are also vulnerable.
517cb3bdebea0c5e8bc6b809e873babc0faf56250fbc150da2e1a5d269f4e7b7
Red Hat Security Advisory 2024-0893-03 - An update for python-pillow is now available for Red Hat Enterprise Linux 8. Issues addressed include a code execution vulnerability.
c38f79aa1fb6858b5c05f7a4fe033ec4d8c9043ac0b28db82931dc9620b2aa19
Gentoo Linux Security Advisory 202402-28 - Multiple vulnerabilities have been discovered in Samba, the worst of which can lead to remote code execution. Versions greater than or equal to 4.18.9 are affected.
c1b77ea663583d7b2f9d45426761c56ddbb0b4ac671059fc79dbe605a5da5b12
Gentoo Linux Security Advisory 202402-26 - Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which could result in arbitrary code execution. Versions greater than or equal to 115.7.0:esr are affected.
cc533856037ce3489c1c38f7382c14f40155a8adae6b4f28af227d8e9f39964a
Gentoo Linux Security Advisory 202402-25 - Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. Versions greater than or equal to 115.7.0 are affected.
f6a33c383a67744f956589ebca1e53b97ec85a5c78492b16031da34f30606da1
Gentoo Linux Security Advisory 202402-24 - Multiple vulnerabilities have been discovered in Seamonkey, the worst of which can lead to remote code execution. Versions greater than or equal to 2.53.10.2 are affected.
741d35d4bdb23d0b8fa49dc043b5dea8050951485082052e828d295f45be0db1
Gentoo Linux Security Advisory 202402-23 - Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. Versions greater than or equal to 121.0.6167.139 are affected.
f4454cfd0cbe05bc91dbf64927220dcb289f6b1c63b52526cc67f7720db5413e
Gentoo Linux Security Advisory 202402-20 - A vulnerability has been discovered in Thunar which may lead to arbitrary code execution Versions greater than or equal to 4.17.3 are affected.
83355da959645c487a209c226eb25e43186cdf716cdaadcb62ea7d17fc40aa56
Gentoo Linux Security Advisory 202402-19 - A vulnerability has been discovered in libcaca which can lead to arbitrary code execution. Versions greater than or equal to 0.99_beta19-r4 are affected.
0245e60107a0303350e4c76919c42747fe3e6976194d4f228f49c0d993a4e02f
Gentoo Linux Security Advisory 202402-18 - Multiple vulnerabilities have been discovered in Exim, the worst of which can lead to remote code execution. Versions greater than or equal to 4.97.1 are affected.
baabebed21673e40b564e5721f4a8c2ad8b2d62a34a694a4ab0c3fd9b9eddfdc
Gentoo Linux Security Advisory 202402-17 - Multiple vulnerabilities have been discovered in CUPS, the worst of which can lead to arbitrary code execution. Versions greater than or equal to 2.4.7 are affected.
0468bc739c556dc5d72d0990bb0d5e50e913c2c05719800d5e77718a1d6861e0
Gentoo Linux Security Advisory 202402-16 - Multiple vulnerabilities have been discovered in Apache Log4j, the worst of which can lead to remote code execution. Versions less than or equal to 1.2.17 are affected.
79e0825715a2197c39850bba10de0d238187f4c93dcdf24c6b31b702cdb3131e
Gentoo Linux Security Advisory 202402-15 - A vulnerability has been discovered in e2fsprogs which can lead to arbitrary code execution. Versions greater than or equal to 1.46.6 are affected.
a2eafff769a48f4258c44d663d740cd5000c7ee83f88308b3caffea113cb1beb
WonderCMS version 4.3.2 remote exploit that leverages cross site scripting to achieve remote code execution.
371582d2faf62d5876bcf7818755a049e5f6d427635c029647db990dfb673374
Gentoo Linux Security Advisory 202402-14 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.12_p20240122 are affected.
f750ece2412bd442b32f28c4f91c17860985bcc25963c561ef6f01fd67d8ff64
Gentoo Linux Security Advisory 202402-13 - A vulnerability has been discovered in TACACS+ which could lead to remote code execution. Versions less than or equal to 4.0.4.27a-r3 are affected.
04638808355566c54197cb75af68f1998cbd5ed25d7e8f0a438f1ae5fb0072af
Red Hat Security Advisory 2024-0857-03 - An update for python-pillow is now available for Red Hat Enterprise Linux 7. Issues addressed include a code execution vulnerability.
477156adac9fcdf1d868e035fabb6e0d47125c4a8ed81b73a516eeb0465cc5fe
Ubuntu Security Notice 6638-1 - Marc Beatove discovered buffer overflows exit in EDK2. An attacker on the local network could potentially use this to impact availability or possibly cause remote code execution. It was discovered that a buffer overflows exists in EDK2's Network Package An attacker on the local network could potentially use these to impact availability or possibly cause remote code execution.
cb517471393f2b25d84672292a8731ab62b9d85dbfaf6f8ff61eb3870a2e1cb5
Metabase version 0.46.6 pre-authentication remote code execution exploit.
12ec4ccc18bfbb1b00d57a614e06d901073104741529ac741a8598bcfc795479
Red Hat Security Advisory 2024-0778-03 - An update for Jenkins and Jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.12. Issues addressed include bypass, code execution, cross site request forgery, cross site scripting, denial of service, improper authorization, information leakage, insecure permissions, and open redirection vulnerabilities.
ab4f43b9e71e063c24e6665055c78987e13d3b3ffaeb136bf2ca4c7222838cb2
Red Hat Security Advisory 2024-0777-03 - An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.14. Issues addressed include bypass, code execution, cross site request forgery, cross site scripting, denial of service, information leakage, and open redirection vulnerabilities.
3eed8a402985e9201b2959d777e66d6b3d4c828342daf0e2047df99c9352d53f
Red Hat Security Advisory 2024-0776-03 - An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.13. Issues addressed include bypass, code execution, cross site scripting, and denial of service vulnerabilities.
066ec355713bdfb5d17ff8adb414021618bb7df8ac5b4fbee6ddd1731eff0030
Red Hat Security Advisory 2024-0775-03 - An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.11. Issues addressed include bypass, code execution, cross site scripting, deserialization, information leakage, and insecure permissions vulnerabilities.
bce52c7c00b891789e1532b690676483061f98b6a4dfcfe94e9ecadad6b53155
Ubuntu Security Notice 6631-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
4b6f4fc061a2d62f4bfc4c023b3a9687f579682d0d0d93b1e1032a14339c54da