PoC – Page 13 – WindowsTechs.com

Apache Solr RCEs with public PoCs could soon be exploited

Posted on November 25, 2019 by Zeljka Zorz

Two remote code execution (RCE) vulnerabilities in Apache Solr could be exploited by attackers to compromise the underlying server. One – CVE-2019-12409 – has already been patched, while the other – currently without a CVE number &#82… Continue reading Apache Solr RCEs with public PoCs could soon be exploited→

PHP RCE flaw actively exploited to pop NGINX servers

Posted on October 28, 2019 by Zeljka Zorz

A recently patched vulnerability (CVE-2019-11043) in PHP is being actively exploited by attackers to compromise NGINX web servers, threat intelligence firm Bad Packets has confirmed. For a successful exploitation, target servers must have the PHP-FPM (… Continue reading PHP RCE flaw actively exploited to pop NGINX servers→

Researcher releases PoC rooting app that exploits recent Android zero-day

Posted on October 17, 2019 by Zeljka Zorz

Late last month Google Project Zero researcher Maddie Stone detailed a zero-day Android privilege escalation vulnerability (CVE-2019-2215) and revealed that it is actively being exploited in attacks in the wild. She also provided PoC code that could he… Continue reading Researcher releases PoC rooting app that exploits recent Android zero-day→

Guess what? You should patch Exim again!

Posted on October 1, 2019 by Zeljka Zorz

Hot on the heels of a patch for a critical RCE Exim flaw comes another one that fixes a denial of service (DoS) condition (CVE-2019-16928) that could also be exploited by attackers to pull off remote code execution. With no mitigations available at thi… Continue reading Guess what? You should patch Exim again!→

Critical Exim flaw opens servers to remote code execution, patch now!

Posted on September 9, 2019 by Zeljka Zorz

The Exim mail transfer agent (MTA) is impacted by a critical vulnerability that may allow local or unauthenticated remote attackers to execute programs with root privileges on the underlying system. About Exim Exim is the most widely used MTA today and… Continue reading Critical Exim flaw opens servers to remote code execution, patch now!→

Apple iMessage Flaw Allows Remote Attackers to Read iPhone Messages

Posted on July 30, 2019 by Tara Seals

Remote exploitation can be achieved with no user interaction. Continue reading Apple iMessage Flaw Allows Remote Attackers to Read iPhone Messages→

Released: PoC for RCE flaw in Palo Alto Networks firewalls, gateways

Posted on July 22, 2019 by Zeljka Zorz

Palo Alto Networks has silently patched a critical remote code execution vulnerability in its enterprise GlobalProtect SSL VPN, which runs on Palo Alto Networks’ firewall devices. Administrators who have still not upgraded to the fixed PAN-OS ver… Continue reading Released: PoC for RCE flaw in Palo Alto Networks firewalls, gateways→

July 16, 2019 – Hack Naked News #227

Posted on July 16, 2019 by Security Weekly Productions

Zoom RCE flaw affecting RingCentral and Zhumu, a researcher releases PoC code for critical Atlassian Crowd RCE flaw, thousands of legacy Lenovo storage devices exposed millions of files, unusual Linux ransomware targets NAS servers, and how hacked … Continue reading July 16, 2019 – Hack Naked News #227→

Researcher releases PoC code for critical Atlassian Crowd RCE flaw

Posted on July 16, 2019 by Zeljka Zorz

A researcher has released proof-of-concept code for a critical code execution vulnerability (CVE-2019-11580) in Atlassian Crowd, a centralized identity management solution providing single sign-on and user identity. Atlassian plugged the hole in late M… Continue reading Researcher releases PoC code for critical Atlassian Crowd RCE flaw→

Linux Command-Line Editors Vulnerable to High-Severity Bug

Posted on June 11, 2019 by Tom Spring

A bug impacting editors Vim and Neovim could allow a trojan code to escape sandbox mitigations. Continue reading Linux Command-Line Editors Vulnerable to High-Severity Bug→