Zero-Day Exploitation Of Atlassian Confluence
Posted by deepcore under exploit (No Respond)
Archive for June, 2022
NVIDIA Data Center GPU Manager Remote Memory Corruption
Posted by deepcore under exploit (No Respond)
NVIDIA DCGM runs on machines with NVIDIA GPUs to gather telemetry and GPU health data. nv-hostengine is a daemon that by default listens on the loopback interface, but can also listen on the network for requests coming in on port 5555 (remote mgmt). A native client named DCGMI allows users to make requests to the […]
dotCMS Shell Upload
Posted by deepcore under exploit (No Respond)
When files are uploaded into dotCMS via the content API, but before they become content, dotCMS writes the file down in a temporary directory. In the case of this vulnerability, dotCMS does not sanitize the filename passed in via the multipart request header and thus does not sanitize the temporary file’s name. This allows an […]
Product Show Room Site 1.0 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
Product Show Room Site version 1.0 suffers from multiple persistent cross site scripting vulnerabilities.
libMeshb Buffer Overflow
Posted by deepcore under exploit (No Respond)
libMeshb suffers from a buffer overflow vulnerability. Version 7.62 has been released to address this issue.
libMeshb Buffer Overflow
Posted by deepcore under exploit (No Respond)
libMeshb suffers from a buffer overflow vulnerability. Version 7.62 has been released to address this issue.
[remote] SolarView Compact 6.00 – Directory Traversal
Posted by deepcore under Security (No Respond)
[remote] Telesquare SDT-CW3B1 1.1.0 – OS Command Injection
Posted by deepcore under Security (No Respond)
[webapps] Microweber CMS 1.2.15 – Account Takeover
Posted by deepcore under Security (No Respond)
[remote] Zyxel USG FLEX 5.21 – OS Command Injection
Posted by deepcore under Security (No Respond)